mnoel76
asked on
Need help enabling session_start variable.....it does not seem to be working properly??
I have a login page that should check to see if the user is authenticatedor logged in when the user clicks 'My Account' button but it is just reloading the login page even though in the top left corner of the page it shows user is logged in.
What should happen is it check of there is a session variable and if so take that user to his account info. if not it should load the login.php page
Can you look at the code to see whats going on...dont quiet understand what going on in this login form.
Thanks
<?php
require_once('Connections/ myconn.php ');
// *** Validate request to login to this site.
unset($_SESSION['MM_Userna me']);
unset($_SESSION['MM_UserGr oup']);
unset($_SESSION['memberId' ]);
session_unregister('MM_Use rname');
session_unregister('MM_Use rGroup');
session_unregister('member Id');
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($accesscheck)) {
session_register('PrevUrl' );
$_SESSION['PrevUrl'] = $accesscheck;
}
if (isset($_POST['username']) ) {
$loginUsername=$_POST['use rname'];
$password=$_POST['password '];
$MM_fldUserAuthorization = "login_check.php";
$MM_redirectLoginSuccess = "memberindex.php";
$MM_redirectLoginFailed = "login.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_ myconn, $myconn);
$LoginRS__query=sprintf("S ELECT id,email,name, password FROM members WHERE email='%s' AND password='%s' and active = 'Yes' ",
get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername) , get_magic_quotes_gpc() ? $password : addslashes($password));
$LoginRS = mysql_query($LoginRS__quer y, $myconn) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
//admin type
$loginStrGroup = "MEMBER";
$array = mysql_fetch_assoc($LoginRS );
//$GLOBALS['memberID'] = $array['id'];
//$GLOBALS['memberName'] = $array['name'];
//declare two session variables and assign them
// $GLOBALS['MM_Username'] = $loginUsername;
// $GLOBALS['MM_UserGroup'] = $loginStrGroup;
//register the session variables
session_register("MM_Usern ame");
$_SESSION['MM_Username'] = $loginUsername;
session_register("MM_UserG roup");
$_SESSION['MM_UserGroup'] = $loginStrGroup;
session_register("memberID ");
$_SESSION['memberID'] = $array['id'];
session_register("memberNa me");
$_SESSION['memberName'] = $array['name'];
mysql_query('update members set last_login = NOW() where id = '.$array['id'],$myconn) or die(mysql_error());
if (isset($_SESSION['PrevUrl' ]) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
include('header.php');
?>
<FORM ACTION="<?php echo $loginFormAction; ?>" METHOD="POST" >
What should happen is it check of there is a session variable and if so take that user to his account info. if not it should load the login.php page
Can you look at the code to see whats going on...dont quiet understand what going on in this login form.
Thanks
<?php
require_once('Connections/
// *** Validate request to login to this site.
unset($_SESSION['MM_Userna
unset($_SESSION['MM_UserGr
unset($_SESSION['memberId'
session_unregister('MM_Use
session_unregister('MM_Use
session_unregister('member
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($accesscheck)) {
session_register('PrevUrl'
$_SESSION['PrevUrl'] = $accesscheck;
}
if (isset($_POST['username'])
$loginUsername=$_POST['use
$password=$_POST['password
$MM_fldUserAuthorization = "login_check.php";
$MM_redirectLoginSuccess = "memberindex.php";
$MM_redirectLoginFailed = "login.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_
$LoginRS__query=sprintf("S
get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername)
$LoginRS = mysql_query($LoginRS__quer
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
//admin type
$loginStrGroup = "MEMBER";
$array = mysql_fetch_assoc($LoginRS
//$GLOBALS['memberID'] = $array['id'];
//$GLOBALS['memberName'] = $array['name'];
//declare two session variables and assign them
// $GLOBALS['MM_Username'] = $loginUsername;
// $GLOBALS['MM_UserGroup'] = $loginStrGroup;
//register the session variables
session_register("MM_Usern
$_SESSION['MM_Username'] = $loginUsername;
session_register("MM_UserG
$_SESSION['MM_UserGroup'] = $loginStrGroup;
session_register("memberID
$_SESSION['memberID'] = $array['id'];
session_register("memberNa
$_SESSION['memberName'] = $array['name'];
mysql_query('update members set last_login = NOW() where id = '.$array['id'],$myconn) or die(mysql_error());
if (isset($_SESSION['PrevUrl'
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
include('header.php');
?>
<FORM ACTION="<?php echo $loginFormAction; ?>" METHOD="POST" >
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER