DigitalSeraph
11-30-2005, 08:45 PM
ok, i have a problem with a login script that i wrote.
The problem is that when viewed in Firefox, Opera, etc(anything but IE) the user can login just fine and they are redirected properly.
BUT, when i try it in Internet Explorer, it says your not logged in and returns you to the home page(this happens if you go to a member page on my site and aren't logged in). I'm pretty sure it has to do with the $_SESSION variables that i set. It determines if you're logged in based on if the $_SESSION['username'] is set.
here is the login script:
<?php
session_start();
if (isset($_POST['pswd']))
{
//get username and pswd
$username = $_POST['username'];
$pswd = $_POST['pswd'];
if($username == '' || $pswd == '')
{
echo "Enter a username/password combination to login.";
exit;
}
//connect to the database
mysql_connect("localhost","xxx","xxx");
mysql_select_db("database");
//Find user in database
$query = "SELECT * FROM users WHERE username='$username' AND pswd='$pswd'";
$result = mysql_query($query);
//verify that the user does indeed exist
//Find user in database
$verifyQuery = "SELECT * FROM users WHERE username='$username'";
$verifyResult = mysql_query($verifyQuery);
if($verifyResult)
{
for ($count=0; $count <= mysql_numrows($verifyResult) - 1; $count++)
{
$dbUsername = mysql_result($verifyResult, $count, "username");
}
}
else
{
echo "Problem";
}
if($dbUsername == $username)
{
echo " <br/>";
}
else
{
echo "Username/Password combination does not exist!";
exit;
}
if($result)
{
//Set status to 1
$queryStatus = "UPDATE users SET status='1' WHERE username='$username'
";
$resultStatus = mysql_query($queryStatus);
for ($count=0; $count <= mysql_numrows($result) - 1; $count++)
{
$_SESSION['username'] = mysql_result($result,$count,"username");
$_SESSION['firstName'] = mysql_result($result,$count,"firstName");
$_SESSION['lastName'] = mysql_result($result,$count,"lastName");
$_SESSION['status'] = mysql_result($result,$count,"status");
}
$username = $_SESSION['username'];
$firstName = $_SESSION['firstName'];
$lastName = $_SESSION['lastName'];
$status = $_SESSION['status'];
if($resultStatus)
{
echo "<div align=\"center\">Login successful!<br/>If you are not redirected, then click the link below:<br/><a href=\"/members.php\">Members' Page</a>.</div>";
echo "<meta http-equiv=\"refresh\" content=\"2;url=/members.php\">";
}
else
{
echo "Problem setting status";
}
}
else
{
echo "Username/Password do not match.<br />
<a href\"javascript: history.go(-1);\">Go Back</a>";
}
}
else
{
echo "Enter a username/password combination.";
exit;
} ?>
i know its long and some stuff is redundant(ill clean it up later), but the thing is even in IE, it does INDEED say that you're logged in and redirects you to the member.php page. which goes somethign like this:
<?php
session_start();
$pageName = "Members' Area";
include("php/header.inc");
if(isset($_SESSION['username']))
{
display the member stuff
} else
{
tell user they're not logged in and redirect them
}
in IE, it always gives me the else statement instead of the if. please help me here, i need to fix this soon
The problem is that when viewed in Firefox, Opera, etc(anything but IE) the user can login just fine and they are redirected properly.
BUT, when i try it in Internet Explorer, it says your not logged in and returns you to the home page(this happens if you go to a member page on my site and aren't logged in). I'm pretty sure it has to do with the $_SESSION variables that i set. It determines if you're logged in based on if the $_SESSION['username'] is set.
here is the login script:
<?php
session_start();
if (isset($_POST['pswd']))
{
//get username and pswd
$username = $_POST['username'];
$pswd = $_POST['pswd'];
if($username == '' || $pswd == '')
{
echo "Enter a username/password combination to login.";
exit;
}
//connect to the database
mysql_connect("localhost","xxx","xxx");
mysql_select_db("database");
//Find user in database
$query = "SELECT * FROM users WHERE username='$username' AND pswd='$pswd'";
$result = mysql_query($query);
//verify that the user does indeed exist
//Find user in database
$verifyQuery = "SELECT * FROM users WHERE username='$username'";
$verifyResult = mysql_query($verifyQuery);
if($verifyResult)
{
for ($count=0; $count <= mysql_numrows($verifyResult) - 1; $count++)
{
$dbUsername = mysql_result($verifyResult, $count, "username");
}
}
else
{
echo "Problem";
}
if($dbUsername == $username)
{
echo " <br/>";
}
else
{
echo "Username/Password combination does not exist!";
exit;
}
if($result)
{
//Set status to 1
$queryStatus = "UPDATE users SET status='1' WHERE username='$username'
";
$resultStatus = mysql_query($queryStatus);
for ($count=0; $count <= mysql_numrows($result) - 1; $count++)
{
$_SESSION['username'] = mysql_result($result,$count,"username");
$_SESSION['firstName'] = mysql_result($result,$count,"firstName");
$_SESSION['lastName'] = mysql_result($result,$count,"lastName");
$_SESSION['status'] = mysql_result($result,$count,"status");
}
$username = $_SESSION['username'];
$firstName = $_SESSION['firstName'];
$lastName = $_SESSION['lastName'];
$status = $_SESSION['status'];
if($resultStatus)
{
echo "<div align=\"center\">Login successful!<br/>If you are not redirected, then click the link below:<br/><a href=\"/members.php\">Members' Page</a>.</div>";
echo "<meta http-equiv=\"refresh\" content=\"2;url=/members.php\">";
}
else
{
echo "Problem setting status";
}
}
else
{
echo "Username/Password do not match.<br />
<a href\"javascript: history.go(-1);\">Go Back</a>";
}
}
else
{
echo "Enter a username/password combination.";
exit;
} ?>
i know its long and some stuff is redundant(ill clean it up later), but the thing is even in IE, it does INDEED say that you're logged in and redirects you to the member.php page. which goes somethign like this:
<?php
session_start();
$pageName = "Members' Area";
include("php/header.inc");
if(isset($_SESSION['username']))
{
display the member stuff
} else
{
tell user they're not logged in and redirect them
}
in IE, it always gives me the else statement instead of the if. please help me here, i need to fix this soon