Help annoying problem

Forge · 02-01-2008, 03:04 PM

You may think this is simple. But im doing everything right and its not working.
I want it so that only logged in members can see a page. But when i logout and go to the page the content turns up!
Its sodding simple and its not working. Any ideas?

Thanks
- Luke

Invent · 02-01-2008, 03:11 PM

Sessions:

PHP Code:


<?php
session_start();

if(isset($_SESSION['session_var']))
{

// Content goes here

}
else
{

die(); // End html

}
?>

Cookies

PHP Code:


<?php
ob_start();

if(isset($_COOKIE['session_var']))
{

    // Content goes here

}
else
{

    die(); // End html

}
?>

Forge · 02-01-2008, 03:14 PM

right its working but it keeps showing me the content that the logged out person should see.

Invent · 02-01-2008, 03:17 PM

Paste your code.

Forge · 02-01-2008, 03:22 PM

login.php

<?php
echo("
<form action='validation.php' method='post'>
Username: <input type='text' name='username' size='20'><br><br>
Password: <input type='password' name='password' size='20'><br><br>
<input type='submit' name='submit' value='login'>
</form>
");
?>

validation.php

<?php
require("includes/connect.php");
$username=$_POST['username'];
$password=$_POST['password'];
$sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1){
session_register("username");
session_register("password");
echo("<meta HTTP-EQUIV='REFRESH' content='2; url=main.php'>");
}
else {
echo "Wrong Username or Password";
}
?>

main.php

<?php
session_start();
if(!session_is_registered("username"))
{
echo("user sees thus");
}
?>

Invent · 02-01-2008, 03:32 PM

Ew, ew, ew.

PHP Code:


<?php
session_start();
require("includes/connect.php");

function clean($var)
{
    
    $var = htmlspecialchars( $var, ENT_QUOTES );

    if( get_magic_quotes_gpc(   ) ) {

        $var = stripslashes( $var );
                
    }
            
    $var = htmlentities( $var );
    $var = mysql_real_escape_string( $var );
    
    return $var;

}

// Declare variables
$username = clean($_POST['username']);
$password = clean($_POST['password']);

// Define SQL Query and execute it
$sql = "SELECT * FROM `".$tbl_name."` WHERE `username` = '".$username."' AND`password` = '".$password."'";
$result = mysql_query($sql) or die("MySQL could not execute the query: ".mysql_error());

// Count the rows
$count = mysql_num_rows($result) or die("MySQL could not execute the query: ".mysql_error());

if($count === 1)
{

    $_SESSION["username"] = $username;
    /* We're not making a session for the password as why is it needed?.. */
    echo("<meta HTTP-EQUIV='REFRESH' content='2; url=main.php'>");

}
else
{

    echo "Wrong Username or Password";

}
?>

PHP Code:


<?php
session_start();

if(isset($_SESSION["username"]))
{

    echo("user sees thus");

}

?>

Forge · 02-01-2008, 03:36 PM

Thanks for the help pal! Your a good un'

+rep if i can

Invent · 02-01-2008, 03:36 PM

No problem

I hope your script works now ^^.

Forge · 02-01-2008, 03:41 PM

It doesnt lol but i know why now. Thanks again!
Sorry cant rep you

stupid vb

Thread: Help annoying problem

Thread Tools

Help annoying problem

Posting Permissions