Page 1 of 1

Logging In

Posted: Thu Jun 12, 2003 8:28 am
by adm
k Hi im just starting PHP!

Ive got all the code to log in to a website and so on, but im still confused how i would make the login text boxes not visible after login and make the users name and other stats appear on the same .php sheet.

Anyone got an idea how u make the contents change if an action is performed?

Posted: Thu Jun 12, 2003 8:38 am
by B|uSmurf
yeah, just make if statements....

http://www.yoursite.com/login.php?success=yes

Code: Select all

<?
if($success==yes) &#123;
     <-- your text here -->
&#125; else &#123;
     include:("login.php");
&#125;
?>
Now, if you have display errors on in your php.ini, youll get variable not defined, so you $success = $_REQUEST['success'] i believe.

Posted: Thu Jun 12, 2003 9:57 am
by twigletmac
That should be $_GET['success'] not $success - please post code assuming register_globals off.

Mac

Posted: Thu Jun 12, 2003 11:19 am
by B|uSmurf
actually should be

Code: Select all

<?php
$success = ""; //initialize var

if (isset($_REQUEST["success"])) {
$success = $_REQUEST["success"];
}

if ($success==1) {
     <--- text here --->
} else {
    <---- text here --->
}

?>
but oh well

Posted: Thu Jun 12, 2003 11:28 am
by twigletmac
There is one major problem with that code - if I guess that you have a success variable and just pass 1 to it in the URL, then I end up logged in without any other validation.

Using sessions would be more secure:
Before Post Read: Sessions with a Minor in User Logins

Mac

Posted: Thu Jun 12, 2003 11:30 am
by B|uSmurf
well that was just the frame work with out doing everything, I personally use both sessions and cookies to validate the user... I was just showing him how to do the refrencing to other areas of the page

Posted: Thu Jun 12, 2003 11:35 am
by twigletmac
I was pointing out the flaw in that method of deciding whether a user was logged in or not. I wouldn't want anybody to use that as part of their login system just because they don't understand the inherent problem.

I also wanted to point the OP to the sticky that we have specifically dealing with user logins.

Mac

Posted: Thu Jun 12, 2003 11:36 am
by B|uSmurf
oh hehe i thought you where talking about the code I had just posted

Edit: and sorry for posting with out assuming register_globals is off, hehe, just a habit in coding for me.

Posted: Thu Jun 12, 2003 11:41 am
by PastAustin
Well personally I am a cookies only man. Though sessions are nice, I have never been able to get used to them, plus they set cookies anyways.
adm: What exactly are you trying to hide. If you have text boxes you want to hide, you could do something like this:

Code: Select all

<?php
  if (!isSet($_COOKIE['cookiename'])) {
?>
<form method="post">
User | <input name="username"><br>
Password | <input type="password" name="password"><br>
<input type="submit" value="login">
</form>
<?php
  } else {
?>
You are logged in!
<?php
  }
?>
Than your login function could look like this:

Code: Select all

if (login info success) {
 setcookie("cookiename", "dataincookie", time() +  7200);
}