• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 170
  • Last Modified:

Do if with the session.

if  "$user" = "$user"
{
      echo "<p>still in the secure area.</p>";
      include ("secure.php");
      exit;
}

else

echo "sign out already";
0
CONDOI
Asked:
CONDOI
1 Solution
 
ldbkuttyCommented:
Do you want something like this :

<?php
   
    session_start();
    if ( isset( $_SESSION["user"] ) && !empty( $_SESSION["user"] ) )
    {
        echo "<p>still in the secure area.</p>";
        include ( "secure.php" );
        exit();
    }
    else
        echo "sign out already";

?>
0
 
msimionCommented:
in order to be able to check your session vars you must call session_start() function in every page prior to start checking session vars existence. you can put the call in your header to be absolved of this worry, since you must include the header on every page of the site. the approach presented in the post above is ok, i am using a similar one too.

pls check out my post on this thread
http://www.experts-exchange.com/Web/Web_Languages/PHP/PHP_Databases/Q_21332607.html

kind regards,
mircea
0
 
4RabbitsCommented:
Maybe this will help you, its a simple login secure site that also prevents against SQL injection.

-------------------- login.php ----------------------
session_start();

$res_login = mysql_query("SELECT username,first_name,last_name FROM users WHERE username = '" . mysql_escape_string($_POST['username'] . "' AND password = '" . mysql_escape_string($_POST['password'] . "' ");

if(mysql_num_rows($res_login) == 1){
    $arr_user = mysql_fetch_array($res_login);
    $_SESSION['username'] == $arr_user['username'];
    $_SESSION['first_name'] == $arr_user['first_name'];
    $_SESSION['last_name'] == $arr_user['last_name'];
    header("Location: members.php");
    exit;
} else {
    echo "invalid username/password";
}


------- top of any page that requires login ----------------
session_start();
if($_SESSION['username'] == ""){
    header("Location: login.php");
    exit;
}

>>>
4Rabbits.
0
 
neesterCommented:
No comment has been added to this question in more than 21 days, so it is now classified as abandoned..
I will leave the following recommendation for this question in the Cleanup topic area:
Split between 4Rabbits, msimion and ldbkutty

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

- Neester -
EE Cleanup Volunteer
0
 
neesterCommented:
No comment has been added to this question in more than 21 days, so it is now classified as abandoned..
I will leave the following recommendation for this question in the Cleanup topic area:
Accept 4Rabbits solution

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

- Neester -
EE Cleanup Volunteer
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now