November 18, 2008 11:38pm pst

10.15.2008 at 11:11AM PDT, ID: 23817714

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

9.3

validation using sessions

Asked by sendhelp in PHP Scripting Language, PHP and Databases

Tags: PHP

I am trying to change from using cookies for login to usign sessions and I am having problems. Now my screen shows up blank. What should I be doing instead.Start Free Trial

         
           
             1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:
115:
116:
117:
118:
119:
120:
121:
122:
123:
124:
125:
126:
127:
128:

           
           
             <?php session_start();?>
<?php
//  location of this script
$thisfile = "login.php";
//  relative path location of the authentication script
$auth = "validate.php";
 
//  if the cookie has been set, if not, go to login screen
if (!isset($_SESSION['level'])) {
echo "<meta http-equiv=\"refresh\" content=\"0;URL=$auth?url=$thisfile\">";
} else {
$level = "$_SESSION['level']";
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
 
<?php
//level for views.
if ($level < 1) {
?>
<h1>Welcome Administrator<h1>
<h5><a href="<?php echo "$auth?url=$thisfile&cmd=logout"; ?>">LOGOUT</a></h5>
<?php
} else {
?>
<h1>SECURITY ALERT</h1>
<p>You do not have sufficient level to view this information.</p>
<meta http-equiv="refresh" content="2;URL=<? echo "$auth?url=$thisfile"; ?>>
<?php 
} 
} 
?>
</body>
</html>
 
 
validate.php
<?php session_start();  
$_SESSION['level'] = 'level';  ?>
<?php
define('DBSERVER', 'localhost');
define('DATABASE', '********');
define('USER', '********');
define('PASSWRD', '********');
define('TABLE', 'users');
$thisfile = basename($SCRIPT_NAME);
$url = $_REQUEST['url'];
$cmd = $_REQUEST['cmd'];
$goto = $thisfile."?url=".$url;
if ($cmd == "logout") {
//let's delete the cookie
unset($_SESSION['level'];
$message = "<p>You have been logged out.</p>";
}
if ($cmd == "verify") {
$slogin = $_POST['username'];
$spassword = $_POST['password'];
//find the login
$sql="SELECT password, level FROM " . TABLE .  " WHERE login='$slogin'";
$connection = mysql_connect(DBSERVER,USER,PASSWRD);
$selectdb = mysql_select_db(DATABASE);
$result = mysql_query($sql);
if(mysql_num_rows($result) == 0) {
  //login was not found
  $message = "<p>Username was not found.  Try again? </p>";   
} else {
  //see what that password is
  $row = mysql_fetch_array($result, MYSQL_ASSOC) ;
  $password = $row['password'];
  $level = $row['level'];
  if($password == $spassword) {
	//that's a match
    $message = "<p>Your level level is $level.</p>";
    //set session
	 echo $_SESSION['level'];
	//redirect
	$goto = $url;
  } else {
	//login okay, password did not match
    $message = "<p>Password did not match username.  Try again? </p>";
  } 
}
mysql_close($connection);
}
?>
 
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>User Validation</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<?php 
if (($cmd == "verify") or ($cmd == "logout")) {
echo "$message"; 
?>
<meta http-equiv="refresh" content="2;URL=<?php echo "$goto";?>">
<?php } else { ?>
<h3 align="center">Please enter database username and password:</h3>
<form name="form1" method="post" action="<?php echo "$thisfile";?>">
  <div align="center">
    <table border="0">
      <tr> 
        <td><strong>Username</strong>:</td>
        <td><input name="username" type="text" size="20" maxlength="20"></td>
      </tr>
      <tr> 
        <td><strong>Password</strong>:</td>
        <td><input name="password" type="password" id="password" size="20" maxlength="20"> 
        </td>
      </tr>
      <tr> 
        <td colspan="2"><input type="submit" name="Submit" value="Submit"> <input name="Reset" type="reset" id="Reset" value="Reset"></td>
      </tr>
    </table>
    <input name="cmd" type="hidden" id="cmd" value="verify">
    <input name="url" type="hidden" id="url" value="<?php echo "$url" ?>">
  </div>
</form>
<?php } ?>
</body>
</html>

           
         

Keywords: validation using sessions

	Title
1	Sessions Time Out
2	Login System Problem with cookies an…
3	session_start() [function.sessio…
4	Session
5	Session for Login Module
6	Session management

Loading Advertisement...

20080716-EE-VQP-32 - Hierarchy / EE_QW_2_20070628

1. hielo 1,856,558
2. hernst42 873,109
3. Ray_Pas... 493,326
4. logudotcom 369,338
5. angelIII 363,759
6. Roonaan 324,309
7. Squinky 319,319
8. ddrudik 290,528
9. RQuadling 267,962
10. glcummins 264,749
11. routinet 256,214
12. nplib 229,436
13. bportlock 189,935
14. Xyptilon2 181,581
15. yodercm 175,174
16. b0lsc0tt 162,320
17. ali_kayahan 135,432
18. dr_dedo 129,863
19. cxr 128,514
20. darron_c... 126,396
21. Michael701 121,189
22. Tchuki 120,335
23. fibo 113,065
24. gamebits 111,677
25. rowejd 110,480

1. hernst42 2,439,187
2. Roonaan 2,038,628
3. hielo 1,897,083
4. TeRReF 1,246,909
5. Diablo84 1,046,676
6. Squinky 1,015,924
7. angelIII 963,965
8. RQuadling 809,664
9. glcummins 751,662
10. steelseth12 650,695
11. snoyes_jw 589,263
12. Ray_Pas... 495,326
13. ldbkutty 468,085
14. Batalf 452,611
15. nizsmo 451,170
16. Zyloch 433,586
17. yodercm 427,888
18. routinet 420,026
19. logudotcom 394,050
20. nicholass... 391,903
21. b0lsc0tt 383,726
22. gamebits 353,443
23. ddrudik 335,803
24. nplib 334,921
25. MasonWolf 333,458

validation using sessions

Asked by sendhelp in PHP Scripting Language, PHP and Databases

Tags: PHP

About this solution