...

View Full Version : help member area problem (login-session



tsifutokai
06-29-2007, 09:49 AM
at first.. sory if my english bad :o

um.. i have problem with my login php script with session..
i have 3 file..

1.login.php (this where user login)

<form action="checklogin.php" method="post" name="form1" id="form1" onsubmit="MM_validateForm('nama','','R','password','','R');return document.MM_returnValue">
<table width="200" border="0">
<tr>
<td>Nama</td>
<td><input type="text" name="nama" id="nama" /></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="password" id="password" /></td>
</tr>
</table>
<p>
<label>
<input type="submit" name="button" id="button" value="Submit" />
</label></p>
</form>
(with html tag ofcourse)

then the form action is direct to checklogin.php

this is script inside checklogin.php

<?php
// Connect to server and select databse
mysql_connect("localhost","root","123");
mysql_select_db("soundy")or die("cannot select DB");
// Define $myusername and $mypassword
$myusername=$_POST['nama'];
$mypassword=$_POST['password'];
$sql="SELECT * FROM user WHERE nama='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_start();
$_SESSION['loggedin'] = true;
header('Location: loginsuccess.php');
}
else {
echo "Wrong Username or Password";
}
?>

until here.. there is no problem.. because if i put username and password that is not in database... then its show Wrong username or password)

then this is the problem.. (member area)

this is script inside loginsuccess.php

<?php
session_start();
// is the one accessing this page logged in or not?
if (!isset($_SESSION['loggedin'])) {
header('Location: login.php');
}
else
{
echo 'nice';
}
?>
<html>
<body>

WELCOME
</body>
</html>

the question is why i always directed back to login.php? although i put the right username and password

help me plss >.<

rafiki
06-29-2007, 10:20 AM
session_start() at the top of the page?
comment this line out
header('Location: loginsuccess.php');
and add 1 line below in print_r($_SESSION) to see if it co ntains a value for loggedin => true

daemonkin
06-29-2007, 10:23 AM
I commented out the sql code and set $count to 1 to fulfill your if statement and was redirected to the success page. This leads me to believe that there is something wrong with your sql statements.

Change your sql statement to this:


$myusername=$_POST['nama'];
$mypassword=$_POST['password'];
$sql = "SELECT COUNT(*) FROM user WHERE nama='$myusername' and password='$mypassword'";
$result = mysql_query($sql);
$count = mysql_result($result,0);
if ($count==1) {
session_start();
$_SESSION['loggedin'] = true;
header('Location: loginsuccess.php');
exit;
}
else {
echo "Wrong Username or Password";
}

to see if this works

tsifutokai
06-29-2007, 12:26 PM
session_start() at the top of the page?
comment this line out
header('Location: loginsuccess.php');
and add 1 line below in print_r($_SESSION) to see if it co ntains a value for loggedin => true

ok rafiki... i already made change with this script as your request.. so this is it

<?php
// Connect to server and select databse
mysql_connect("localhost","root","123");
mysql_select_db("soundy")or die("cannot select DB");
// Define $myusername and $mypassword
$myusername=$_POST['nama'];
$mypassword=$_POST['password'];
$sql="SELECT * FROM user WHERE nama='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_start();
$_SESSION['loggedin'] = true;
print_r($_SESSION);
}
else {
echo "Wrong Username or Password";
}
?>

and the result shown is

Array ( [loggedin] => 1 )

but why i cannot enter the member area after i loggedin?

this is script in the member area

<?php
session_start();
// is the one accessing this page logged in or not?
if (!isset($_SESSION['loggedin'])) {
header('Location: login.php');
}
else
{
echo 'nice';
}
?>
<html>
<body>

WELCOME
</body>
</html>

tsifutokai
06-29-2007, 12:29 PM
I commented out the sql code and set $count to 1 to fulfill your if statement and was redirected to the success page. This leads me to believe that there is something wrong with your sql statements.

Change your sql statement to this:


$myusername=$_POST['nama'];
$mypassword=$_POST['password'];
$sql = "SELECT COUNT(*) FROM user WHERE nama='$myusername' and password='$mypassword'";
$result = mysql_query($sql);
$count = mysql_result($result,0);
if ($count==1) {
session_start();
$_SESSION['loggedin'] = true;
header('Location: loginsuccess.php');
exit;
}
else {
echo "Wrong Username or Password";
}

to see if this works

i think my code as shown above no need to change..becaus if i put the wrong pass and wrong user.. the code will run the echo "wrongusernameandpassword" else directed to loginsucces.php

:)

rafiki
06-29-2007, 12:30 PM
<?php
session_start();
print_r($_SESSION);
// is the one accessing this page logged in or not?
if (!isset($_SESSION['loggedin'])) {
header('Location: login.php');
}
else
{
echo 'nice';
}
?>
<html>
<body>

WELCOME
</body>
</html>

daemonkin
06-29-2007, 12:40 PM
tsifutokai: Did the code work?

D.

tsifutokai
06-29-2007, 01:09 PM
tsifutokai: Did the code work?

D.

yes. :)

tsifutokai
06-29-2007, 01:13 PM
<?php
session_start();
print_r($_SESSION);
// is the one accessing this page logged in or not?
if (!isset($_SESSION['loggedin'])) {
header('Location: login.php');
}
else
{
echo 'nice';
}
?>
<html>
<body>

WELCOME
</body>
</html>


not working.. it directed back to login.php

rafiki
06-29-2007, 01:24 PM
<?php
session_start();
print_r($_SESSION);
// is the one accessing this page logged in or not?
if (!isset($_SESSION['loggedin'])) {
//header('Location: login.php');
}
else
{
echo 'nice';
}
?>
<html>
<body>

WELCOME
</body>
</html>

strange you should have got an error headers already sent message.
try commenting out the header() and make sure you have the print_r($_SESSION)
under session start.

daemonkin
06-29-2007, 02:16 PM
Post the code that you now have on checklogin.php
please.

D.

tsifutokai
06-29-2007, 02:34 PM
<?php
session_start();
print_r($_SESSION);
// is the one accessing this page logged in or not?
if (!isset($_SESSION['loggedin'])) {
//header('Location: login.php');
}
else
{
echo 'nice';
}
?>
<html>
<body>

WELCOME
</body>
</html>

strange you should have got an error headers already sent message.
try commenting out the header() and make sure you have the print_r($_SESSION)
under session start.


wow how about if there is no logged in user? that mean they can view content which specialy for login user.... (without redirection only for not logged in user)

tsifutokai
06-29-2007, 02:36 PM
Post the code that you now have on checklogin.php
please.

D.

i have post them before... ok.

this is original code from me


<?php
// Connect to server and select databse
mysql_connect("localhost","root","123");
mysql_select_db("soundy")or die("cannot select DB");
// Define $myusername and $mypassword
$myusername=$_POST['nama'];
$mypassword=$_POST['password'];
$sql="SELECT * FROM user WHERE nama='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_start();
$_SESSION['loggedin'] = true;
header('Location: loginsuccess.php');
}
else {
echo "Wrong Username or Password";
}
?>

:)

tsifutokai
06-29-2007, 02:49 PM
ithink the problem is between checklogin.php and logginsucess.php..

because : 1. i have logged in.. but in the logginsucces.php i directed back to login.php because this script "if (!isset($_SESSION['loggedin']))"

need help >.<

rafiki
06-29-2007, 03:21 PM
<?php
// Connect to server and select databse
mysql_connect("localhost","root","123");
mysql_select_db("soundy")or die("cannot select DB");
// Define $myusername and $mypassword
$myusername=$_POST['nama'];
$mypassword=$_POST['password'];
$sql="SELECT * FROM user WHERE nama='$myusername'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
while ($count=mysql_fetch_array($result)){
if ($count['password'] == $password){

session_start();
$_SESSION['loggedin'] = true;
header('Location: loginsuccess.php');
}else{

echo "Wrong Username or Password";
}
?>
use that in login.php
loginsuccess.php should have


if ($_SESSION['loggedin'] != true){
include(login.php);
//login
}else{
echo "you are logged in please continue!";
}

Try that.

tsifutokai
06-29-2007, 03:42 PM
<?php
// Connect to server and select databse
mysql_connect("localhost","root","123");
mysql_select_db("soundy")or die("cannot select DB");
// Define $myusername and $mypassword
$myusername=$_POST['nama'];
$mypassword=$_POST['password'];
$sql="SELECT * FROM user WHERE nama='$myusername'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
while ($count=mysql_fetch_array($result)){
if ($count['password'] == $password){

session_start();
$_SESSION['loggedin'] = true;
header('Location: loginsuccess.php');
}else{

echo "Wrong Username or Password";
}
?>
use that in login.php
loginsuccess.php should have


if ($_SESSION['loggedin'] != true){
include(login.php);
//login
}else{
echo "you are logged in please continue!";
}

Try that.

1 have tried that's script.. but if i type url : http://localhost/loginsucces.php without login... i still can view it content..... (i try to delete cookies from browser and still can view the member area content)..

note loginsucces is member area.. >.<

tsifutokai
06-29-2007, 06:45 PM
oh.. i found the problem.

i think my php.ini configuration is wrong so the session cannot work..

any ideas for configuration in php.ini for session?
oh i forgot... i am running in LOCALHOST :P

SMGames
07-01-2007, 12:31 PM
This is my logining system and it works fine:
-------------login--------------

<form action="user_logged_in.php" method="post">
<font color="#1874CD">
Username: <input type="text" name="loginname" size="19"><br>
Password: <input type="password" name="password" size="19"><br>
</font>
<br>
<input type="Submit" value="Login">
</form>

----------------------------------------

And my user_logged_in.php is:

------------logged_in_options.php-------------------

<?php
session_start();
$_SESSION['loggedin']=false;

$username="************";
$password="************";
$database="************";

mysql_connect('***********',$username,$password);
@mysql_select_db($database) or die("Unable to select database");

$loginname = $_POST['loginname']; $password = $_POST['password'];

$result = MYSQL_QUERY("SELECT * from users WHERE loginname='$loginname'and password='$password'")
or die ("Incorrect username or password");

if ($row = mysql_fetch_array($result))
{
$_SESSION['loginname'] = $row['loginname'] ; $_SESSION['email'] = $row['email'] ; $_SESSION['Loggedin'] = true ;

header("location:index.php");
echo 'WELCOME '.$_SESSION['loginname'] ;
}else{
$_SESSION['incorrect_login'] = 'true';

header("location:error_login.php");
}?>

---------------------------------------
If you costomize that to the right things it should work fine. The error_login.php is just a copy of the index page with a message saying incorrect login.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum