Back To Programming / Scripting / Coding Forum

[solved] - Thanks Everyone - login php script problem

  • Nem
  • Guru
  • Guru
  • No Avatar
  • Joined: Feb 13, 2004
  • Posts: 1243
  • Loc: UK
  • Status: Offline

Post June 30th, 2004, 3:09 am

Im still running in to problems...

I opened up my cookie folder... once i logged in i refreshed the cookie folder and the cookie didnt appear.

Also, i can still go on to the 'secure' pages without even logging in? The log out button works fine but i had to rearrange it to this:

PHP Code: [ Select ]
 
<?PHP
 
session_start();
 
session_destroy();
 
 
 
echo "You have been successfully logged out.";
 
?>
  1.  
  2. <?PHP
  3.  
  4. session_start();
  5.  
  6. session_destroy();
  7.  
  8.  
  9.  
  10. echo "You have been successfully logged out.";
  11.  
  12. ?>


The common.php file
PHP Code: [ Select ]
<?
 
  require_once("admin_login.php");
 
  if(!isset($cookie_uid)){$cookie_uid = false;}
 
  $cookie_uid = get_data_by_method($_COOKIE,"admin");
 
  if(!$cookie_uid){ header("Location: login.php"); }
 
?>
  1. <?
  2.  
  3.   require_once("admin_login.php");
  4.  
  5.   if(!isset($cookie_uid)){$cookie_uid = false;}
  6.  
  7.   $cookie_uid = get_data_by_method($_COOKIE,"admin");
  8.  
  9.   if(!$cookie_uid){ header("Location: login.php"); }
  10.  
  11. ?>


now this is working fine, but this is the main cause of going on to secure pages logged in or logged out.

I been trying to figure it out, but i got a splitting headache. Im almost out of time too.[/php]
  • Anonymous
  • Bot
  • No Avatar
  • Joined: 25 Feb 2008
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post June 30th, 2004, 3:09 am

  • Carnix
  • Guru
  • Guru
  • User avatar
  • Joined: Apr 28, 2004
  • Posts: 1099
  • Status: Offline

Post June 30th, 2004, 7:02 am

Ok, try this.

Remove all the stuff about cookies...

In your common.php file:

PHP Code: [ Select ]
 
<?
 
  session_start();
 
  if(!isset($_SESSION['username'])){$_SESSION['username'] = false;}
 
?>
 
 
 
 
  1.  
  2. <?
  3.  
  4.   session_start();
  5.  
  6.   if(!isset($_SESSION['username'])){$_SESSION['username'] = false;}
  7.  
  8. ?>
  9.  
  10.  
  11.  
  12.  


Make sure common.php is included on your homepage so the session will be activated and the username variable instantiated to false.

Now, on your admin_login.php file:


PHP Code: [ Select ]
 
<?
 
    function get_data_by_method($method_hash,$element){
 
        foreach ($method_hash as $key => $value){
 
            if($key == $element){ return $value; }
 
        }
 
        return "";
 
    }
 
 
 
 
 
  $submit = get_data_by_method($_POST,"submit");
 
    $user = get_data_by_method($_POST,"username");
 
    $pass = md5(get_data_by_method($_POST,"password"));
 
    if(!isset($db_user)){$db_user = false;}
 
    if(!isset($db_pass)){$db_pass = false;}
 
 
 
    $username = "";
 
    $password = "";
 
    $host = "";
 
    $database = "";
 
    mysql_connect($host,$username,$password) or die("Cannot connect to the database.<br>" . mysql_error());
 
    mysql_select_db($database) or die("Cannot select the database.<br>" . mysql_error());
 
    $result = mysql_query("SELECT username,password FROM userdata WHERE username='".$user."' and password='".$pass."';");
 
    while ($row = mysql_fetch_array($result, MYSQL_BOTH)) {
 
        $db_user = $row["username"];
 
        $db_pass = $row["password"];
 
    }
 
 
 
    if(!$db_user || !$db_pass){ echo "couldnt get informtion"; }
 
    else{
 
        if($db_user == $user && $db_pass == $pass){
 
           $_SESSION['username'] = $db_user;
 
            echo "Welcome Admin - You have Admin Access <a href=admin.php>click here to continue</a>";
 
        }
 
        else{ echo "You do not have permission to access this area, sorry <a href=login.php>click here to go back</a>"; }
 
    }
 
    mysql_free_result($result);
 
?>
 
 
  1.  
  2. <?
  3.  
  4.     function get_data_by_method($method_hash,$element){
  5.  
  6.         foreach ($method_hash as $key => $value){
  7.  
  8.             if($key == $element){ return $value; }
  9.  
  10.         }
  11.  
  12.         return "";
  13.  
  14.     }
  15.  
  16.  
  17.  
  18.  
  19.  
  20.   $submit = get_data_by_method($_POST,"submit");
  21.  
  22.     $user = get_data_by_method($_POST,"username");
  23.  
  24.     $pass = md5(get_data_by_method($_POST,"password"));
  25.  
  26.     if(!isset($db_user)){$db_user = false;}
  27.  
  28.     if(!isset($db_pass)){$db_pass = false;}
  29.  
  30.  
  31.  
  32.     $username = "";
  33.  
  34.     $password = "";
  35.  
  36.     $host = "";
  37.  
  38.     $database = "";
  39.  
  40.     mysql_connect($host,$username,$password) or die("Cannot connect to the database.<br>" . mysql_error());
  41.  
  42.     mysql_select_db($database) or die("Cannot select the database.<br>" . mysql_error());
  43.  
  44.     $result = mysql_query("SELECT username,password FROM userdata WHERE username='".$user."' and password='".$pass."';");
  45.  
  46.     while ($row = mysql_fetch_array($result, MYSQL_BOTH)) {
  47.  
  48.         $db_user = $row["username"];
  49.  
  50.         $db_pass = $row["password"];
  51.  
  52.     }
  53.  
  54.  
  55.  
  56.     if(!$db_user || !$db_pass){ echo "couldnt get informtion"; }
  57.  
  58.     else{
  59.  
  60.         if($db_user == $user && $db_pass == $pass){
  61.  
  62.            $_SESSION['username'] = $db_user;
  63.  
  64.             echo "Welcome Admin - You have Admin Access <a href=admin.php>click here to continue</a>";
  65.  
  66.         }
  67.  
  68.         else{ echo "You do not have permission to access this area, sorry <a href=login.php>click here to go back</a>"; }
  69.  
  70.     }
  71.  
  72.     mysql_free_result($result);
  73.  
  74. ?>
  75.  
  76.  



Then, on any page you wish to protect with a login:

PHP Code: [ Select ]
 
 
 
<?
 
  if(!$_SESSION['username']){header("Location: login.php");}
 
?>
 
 
 
 
  1.  
  2.  
  3.  
  4. <?
  5.  
  6.   if(!$_SESSION['username']){header("Location: login.php");}
  7.  
  8. ?>
  9.  
  10.  
  11.  
  12.  


Then, when you want to log out:
PHP Code: [ Select ]
 
<?
 
  $_SESSION['username'] = false;
 
  session_destroy();
 
?>
 
 
 
 
 
Give that a try instead of cookies.
 
 
 
.c
  1.  
  2. <?
  3.  
  4.   $_SESSION['username'] = false;
  5.  
  6.   session_destroy();
  7.  
  8. ?>
  9.  
  10.  
  11.  
  12.  
  13.  
  14. Give that a try instead of cookies.
  15.  
  16.  
  17.  
  18. .c
  • Nem
  • Guru
  • Guru
  • No Avatar
  • Joined: Feb 13, 2004
  • Posts: 1243
  • Loc: UK
  • Status: Offline

Post June 30th, 2004, 7:05 am

i fixed it carnix! read topic title :P [solved]
GSDomains.com -Click here - Packages starting from £3.69 a month. 1.5GB Space & 10GB Bandwidth.
  • Carnix
  • Guru
  • Guru
  • User avatar
  • Joined: Apr 28, 2004
  • Posts: 1099
  • Status: Offline

Post June 30th, 2004, 7:22 am

Ah, excellent!
.c
  • Nem
  • Guru
  • Guru
  • No Avatar
  • Joined: Feb 13, 2004
  • Posts: 1243
  • Loc: UK
  • Status: Offline

Post June 30th, 2004, 7:25 am

one thing though :$

i created a news script to add/edit/delete from a dbase.

But i got a table like this...

Code: [ Select ]
<table width="90%" height="109" border="1" cellpadding="0" cellspacing="0" bordercolor="666666" class="newstable">
       <tr>
        <td height="21" class="news_title">Title</td>
       </tr>
       <tr>
        <td height="63" align="right" valign="bottom" class="news_bg"><br>
         <font size="2" face="Verdana, Arial, Helvetica, sans-serif"><em><br>
         Click here for more...</em></font></td>
       </tr>
       <tr>
        <td height="12" class="news_title">
         <div align="right"><font size="1" face="Verdana, Arial, Helvetica, sans-serif">Posted
          By: $USER Date: $Date</font></div></td>
       </tr>
      </table>
      <br>
  1. <table width="90%" height="109" border="1" cellpadding="0" cellspacing="0" bordercolor="666666" class="newstable">
  2.        <tr>
  3.         <td height="21" class="news_title">Title</td>
  4.        </tr>
  5.        <tr>
  6.         <td height="63" align="right" valign="bottom" class="news_bg"><br>
  7.          <font size="2" face="Verdana, Arial, Helvetica, sans-serif"><em><br>
  8.          Click here for more...</em></font></td>
  9.        </tr>
  10.        <tr>
  11.         <td height="12" class="news_title">
  12.          <div align="right"><font size="1" face="Verdana, Arial, Helvetica, sans-serif">Posted
  13.           By: $USER Date: $Date</font></div></td>
  14.        </tr>
  15.       </table>
  16.       <br>


i connect to dbase, and "SELECT * FROM news WHERE"...

How do i insert this on to the table and make it loop until it has input all the news? there is an id on the news table btw.
GSDomains.com -Click here - Packages starting from £3.69 a month. 1.5GB Space & 10GB Bandwidth.
  • Nem
  • Guru
  • Guru
  • No Avatar
  • Joined: Feb 13, 2004
  • Posts: 1243
  • Loc: UK
  • Status: Offline

Post June 30th, 2004, 7:47 am

dont worry, i done it.
GSDomains.com -Click here - Packages starting from £3.69 a month. 1.5GB Space & 10GB Bandwidth.

1, 2, 3, 4

Post Information

  • Total Posts in this topic: 51 posts
  • Users browsing this forum: No registered users and 251 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 2011 Unmelted, LLC. Ozzu® is a registered trademark of Unmelted, LLC.