Page 1 of 1
Logging In
Posted: Thu Jun 12, 2003 8:28 am
by adm
k Hi im just starting PHP!
Ive got all the code to log in to a website and so on, but im still confused how i would make the login text boxes not visible after login and make the users name and other stats appear on the same .php sheet.
Anyone got an idea how u make the contents change if an action is performed?
Posted: Thu Jun 12, 2003 8:38 am
by B|uSmurf
yeah, just make if statements....
http://www.yoursite.com/login.php?success=yes
Code: Select all
<?
if($success==yes) {
<-- your text here -->
} else {
include:("login.php");
}
?>
Now, if you have display errors on in your php.ini, youll get variable not defined, so you $success = $_REQUEST['success'] i believe.
Posted: Thu Jun 12, 2003 9:57 am
by twigletmac
That should be $_GET['success'] not $success - please post code assuming register_globals off.
Mac
Posted: Thu Jun 12, 2003 11:19 am
by B|uSmurf
actually should be
Code: Select all
<?php
$success = ""; //initialize var
if (isset($_REQUEST["success"])) {
$success = $_REQUEST["success"];
}
if ($success==1) {
<--- text here --->
} else {
<---- text here --->
}
?>
but oh well
Posted: Thu Jun 12, 2003 11:28 am
by twigletmac
There is one major problem with that code - if I guess that you have a success variable and just pass 1 to it in the URL, then I end up logged in without any other validation.
Using sessions would be more secure:
Before Post Read: Sessions with a Minor in User Logins
Mac
Posted: Thu Jun 12, 2003 11:30 am
by B|uSmurf
well that was just the frame work with out doing everything, I personally use both sessions and cookies to validate the user... I was just showing him how to do the refrencing to other areas of the page
Posted: Thu Jun 12, 2003 11:35 am
by twigletmac
I was pointing out the flaw in that method of deciding whether a user was logged in or not. I wouldn't want anybody to use that as part of their login system just because they don't understand the inherent problem.
I also wanted to point the OP to the sticky that we have specifically dealing with user logins.
Mac
Posted: Thu Jun 12, 2003 11:36 am
by B|uSmurf
oh hehe i thought you where talking about the code I had just posted
Edit: and sorry for posting with out assuming register_globals is off, hehe, just a habit in coding for me.
Posted: Thu Jun 12, 2003 11:41 am
by PastAustin
Well personally I am a cookies only man. Though sessions are nice, I have never been able to get used to them, plus they set cookies anyways.
adm: What exactly are you trying to hide. If you have text boxes you want to hide, you could do something like this:
Code: Select all
<?php
if (!isSet($_COOKIE['cookiename'])) {
?>
<form method="post">
User | <input name="username"><br>
Password | <input type="password" name="password"><br>
<input type="submit" value="login">
</form>
<?php
} else {
?>
You are logged in!
<?php
}
?>
Than your login function could look like this:
Code: Select all
if (login info success) {
setcookie("cookiename", "dataincookie", time() + 7200);
}