...

View Full Version : Session handling - Login in PHP



amol0010
08-30-2007, 10:58 PM
Hi,

I have created three .PHP files as main.php which asks for username, password and forwards it to checklogin.php which has connection details for the MySQL database.

After entering login details on main.php, it successfully checks if the username and password entered are correct or not, and shows the appropriate message, which means that main.php and checklogin.php are working correctly.

checklogin.php forwards the browser to the third .php script

login_success.php


the contents of login_success.php are as follows :

<?php
session_start();
if(!session_is_registered('username')){
header("location:main.php");
}
?>

<html>
<body>
Login Successful
</body>
</html>


However, this file still shows Login Successful even if I clear my cache/history/cookies after typing this in the browser :

http://mydomain/login_success.php

instead of taking the browser to the main.php login screen

What's wrong with the code ??


Thanks

Mwnciau
08-30-2007, 11:22 PM
In what way did you register the SESSION variables?

matak
08-30-2007, 11:43 PM
If you want you can check this out. Tell me if you like it :)
sloppy login script link (http://www.trap17.com/forums/page-1-t48340-s0.html)

CFMaBiSmAd
08-30-2007, 11:47 PM
The session_register(), session_is_registered() and session_unregister() functions are depreciated and only work when register globals are enabled. They should not be used when writing new code (these functions, along with register globals are eliminated in PHP6.) Use the global associative array $_SESSION instead.

fl00d
08-31-2007, 03:38 AM
also to really make sure your sessions are gone make another file called like logout.php or something and use session_destroy to destroy the sessions.

logout.php


<?php
session_start();
session_destroy();
?>



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum