Very Basic Login Script - Page 2

Fou-Lu · 04-13-2011, 04:46 PM

Add session_start to the top of the script. This one is still wrong: $_SESSION("Login")=$Prename;, as you cannot assign to a result of a function call (remember, $_SESSION("login") is trying to map $_SESSION to a callable function which will fail). Those must be changed to square braces.

Also, best to make sure your variables exist:

PHP Code:


			
$Prename=isset($_POST['Prename']) ? trim($_POST['Prename']) : '';
$Surname=isset($_POST['Surname']) ? trim($_POST['Surname']) : '';

If the script is accessed without these two post variables, they will default to nothing without triggering a notice.

Watch the use of the operators as well. These are deceiving (though correct here as well), since both exist in PHP:

PHP Code:


			
$Prename=="firstname1" && $Surname=="lastname1" or $Prename=="firstname2" &&

Notice your use of && and OR. PHP has all four ops for this: '&&' > '||' > '=' > 'AND' > 'OR', if you can read that ok. This works no problem since all levels of and override that of OR. This can be found on the precedence list here: http://php.ca/manual/en/language.ope...precedence.php

Notice if you switched things up:

PHP Code:


			
$Prename == "firstname1" AND $Surname == "lastname1" || $Prename == "firstname2"...

The evaluation changes from logical: if ((prename AND surname) OR (prename.....) to: if (prename AND (surname OR prename) AND....), which is definitely not what you want.

munkeyboy · 04-13-2011, 04:52 PM

You omitted the session_start() function so your variables are getting lost during the page refresh. Also your assignment operators ie $Surname==""; should only have one =.

Fou-Lu · 04-13-2011, 05:02 PM

Quote:

Originally Posted by munkeyboy

You omitted the session_start() function so your variables are getting lost during the page refresh. Also your assignment operators ie $Surname==""; should only have one =.

Yep, good catch I completely missed that.

Elsean · 04-18-2011, 03:55 PM

I do have the session_start() on the first line of my page, It just says<?php session_start(); ?> is that enough?

munkeyboy · 04-19-2011, 04:27 AM

Yes that is sufficient, however that wasn't in the code you posted so as far as we could tell it wasn't there. Once you fix the double equals (==) in your assignment operators then your code should work.

Edit:
Assignment Operators and Comparison Operators

Elsean · 04-19-2011, 07:40 PM

I did what you said, but now it thinks $_SESSION['LoginTester']==True, (which I haven't even set yet!) when I first enter the page. The updated script is:

PHP Code:


			
<?php
$Prename=$_POST['Prename'];
$Surname=$_POST['Surname'];

if ($_SESSION['LoginTester']==True)
  {
  echo "Hello, " . $_SESSION['Login'];
  }
else
  {
  if ($Surname=="Surname")
    {
    $Surname="";
    }

  if ($Prename=="Prename")
    {
    $Prename="";
    }

  if ($Prename <> "" && $Surname <> "")
    {
    if (//the names)
      {
      $_SESSION["LoginTester"]=True;
      $_SESSION["Login"]=$Prename . " " . $Surname;
      }
    else
      {
      echo "<u>Login</u><br>You are not a registered user";
      }
    }
  else
    {
    if ($Prename=="//another name" && $Surname=="")
      {
      $_SESSION["LoginTester"]=True;
      $_SESSION["Login"]=$Prename;
      }
    else
      {
      echo "<u>Login</u><br>Please login<br><form action='Stories.php' method='post'><input type='text' value='Prename' name='Prename'><br><input type='text' value='Surname' name='Surname'><br><input type='Submit' value='Submit'></form>";
      }
    }
  }
?>

It basically doesn't give me a chance to imput my login and just runs echo "Hello, " . $_SESSION['Login'] but the Session Variable 'login' doesn't exist so it comes up blank

munkeyboy · 04-21-2011, 06:54 PM

Try closing your browser then reopening it before trying to access the form again. It's very possible that your session data is being saved and without having a logout script in place the easiest way to log out is to close and re-open the browser. If that resolves the issue then you will need to build a method of logging out of the session. The session_destroy function would be a good place to start.

Elsean · 04-22-2011, 05:53 PM

considering a logout script, is there any way I could get a button or hyperlink to run the session_destroy function.

munkeyboy · 04-23-2011, 05:10 AM

There are several ways you could go about it, the simplest method would be to have a single (separate) page that only had the session_destroy function in it, then by linking to that page you would be able to logout.

Elsean · 04-23-2011, 10:40 AM

wouldn't that only work with a button though?