sir pannels
10-27-2002, 02:09 PM
hey..
i posted a while back about sessions.. and found some stuff
i have this code now.. but it doesnt seem to work... i include this code on the top of my pages i wana protect but it just asks for pass and user name even after youve loged in..
any ideas why it dont work?
cheers
heres the code...
<?php // accesscontrol.php
session_start();
if(!isset($uid)) {
?>
<html>
<head>
<title> Please Log In for Access </title>
</head>
<body>
<h1> Login Required </h1>
<p>You must log in to access this area of the site. If you are
not a registered user, <a href="signup.php">click here</a>
to sign up for instant access!</p>
<p><form method="post" action="login.php">
User ID: <input type="text" name="username" size="8"><br>
Password: <input type="password" name="password" SIZE="8"><br>
<input type="submit" value="Log in">
</form></p>
</body>
</html>
<?php
exit;
}
session_register("username");
session_register("password");
dbConnect("sessions");
$sql = "SELECT * FROM user WHERE
username = '$username' AND password = PASSWORD('$password')";
$result = mysql_query($sql);
if (!$result) {
error("A database error occurred while checking your ".
"login details.\\nIf this error persists, please ".
"contact support\@tabberstemple.com");
}
if (mysql_num_rows($result) == 0) {
session_unregister("username");
session_unregister("password");
?>
<html>
<head>
<title> Access Denied </title>
</head>
<body>
<h1> Access Denied </h1>
<p>Your user ID or password is incorrect, or you are not a
registered user on this site. To try logging in again, click
<a href="<?=$PHP_SELF?>">here</a>. To register for instant
access, click <a href="signup.php">here</a>.</p>
</body>
</html>
<?php
exit;
}
$username = mysql_result($result,0,"fullname");
?>
sir p:thumbsup:
i posted a while back about sessions.. and found some stuff
i have this code now.. but it doesnt seem to work... i include this code on the top of my pages i wana protect but it just asks for pass and user name even after youve loged in..
any ideas why it dont work?
cheers
heres the code...
<?php // accesscontrol.php
session_start();
if(!isset($uid)) {
?>
<html>
<head>
<title> Please Log In for Access </title>
</head>
<body>
<h1> Login Required </h1>
<p>You must log in to access this area of the site. If you are
not a registered user, <a href="signup.php">click here</a>
to sign up for instant access!</p>
<p><form method="post" action="login.php">
User ID: <input type="text" name="username" size="8"><br>
Password: <input type="password" name="password" SIZE="8"><br>
<input type="submit" value="Log in">
</form></p>
</body>
</html>
<?php
exit;
}
session_register("username");
session_register("password");
dbConnect("sessions");
$sql = "SELECT * FROM user WHERE
username = '$username' AND password = PASSWORD('$password')";
$result = mysql_query($sql);
if (!$result) {
error("A database error occurred while checking your ".
"login details.\\nIf this error persists, please ".
"contact support\@tabberstemple.com");
}
if (mysql_num_rows($result) == 0) {
session_unregister("username");
session_unregister("password");
?>
<html>
<head>
<title> Access Denied </title>
</head>
<body>
<h1> Access Denied </h1>
<p>Your user ID or password is incorrect, or you are not a
registered user on this site. To try logging in again, click
<a href="<?=$PHP_SELF?>">here</a>. To register for instant
access, click <a href="signup.php">here</a>.</p>
</body>
</html>
<?php
exit;
}
$username = mysql_result($result,0,"fullname");
?>
sir p:thumbsup: