Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 389
  • Last Modified:

I need help on limiting accounts features by their login I am using php and mysql

I think my problem is that I cannot get session information to post from the login page to the index.php page I have tried very unsuccsessfully at it though.
this is what i think is suppose to go at the top of every page:
<?php

// Inialize session
session_start();

// Check, if username session is NOT set then this page will jump to login page
if (!isset($_SESSION['username']))
elseif (!isset ($_SESSION['allow'] => 1))


{
        header('Location: index.html');
}
 $username1 = $_SESSION['username'];

?>Here is the my index.html that has the login form on it:
 
<html>
<head>
<title>Welcome to Passport to Languages!</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<meta name="description" content="Passport to Languages provides interpretation and translation services on-site by phone, by fax, or by e-mail.  We specialize in legal, medical, dental, business, and other professional translation and interpretation needs.  We serve our customers 24 hours, 7 days per week." />
<meta name="keywords" content="interpretation, translation, interpret, translate, medical, dental, legal, business, professional, 24 hours, communication, travel, ESL, language, translator, interpretor, language link, passport to languages" />
</head>

<body bgcolor="#FFFFFF">
<div align="center">
 
<table border="0" cellpadding="0" cellspacing="0" width="576">
  <tr><!-- spacing row, 0 height. -->
   <td><img src="images/passport_mai_00.gif" width="16" height="1" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="102" height="1" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="151" height="1" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="64" height="1" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="243" height="1" border="0" /></td>
  </tr>
  <tr><!-- row 01 -->
    <td rowspan="1" colspan="4"><img name="Npassportmain_01_01" src="images/logo.gif" width="333" height="113" border="0" /></td>
      <td rowspan="1" colspan="1"><img name="Npassportmain_01_05" src="images/languagelink.gif" width="243" height="113" border="0" usemap="#Language Link" /></td>
   <td><img src="images/passport_mai_00.gif" width="1" height="113" border="0" /></td>
  </tr>
  <tr><!-- row 02 -->
    <td rowspan="1" colspan="2"><img name="Npassportmain_02_01" src="images/blank1.gif" width="118" height="32" border="0" /></td>
    <td rowspan="1" colspan="3"><img name="Npassportmain_02_03" src="images/passport_mai_02_03.gif" width="458" height="32" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="1" height="32" border="0" /></td>
  </tr>
  <tr><!-- row 03 -->
    <td rowspan="2" colspan="1"><img name="Npassportmain_03_01" src="images/blank2.gif" width="16" height="239" border="0" /></td>
      <td rowspan="1" colspan="2"><img name="Npassportmain_03_02" src="images/links.gif" width="253" height="143" border="0" usemap="#Main Links" /></td>
    <td rowspan="2" colspan="2"><img name="Npassportmain_03_04" src="images/passport_mai_03_04.gif" width="307" height="239" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="1" height="143" border="0" /></td>
  </tr>
  <tr><!-- row 04 -->
    <td rowspan="1" colspan="1"><img name="Npassportmain_04_02" src="images/blank3.gif" width="102" height="96" border="0" /></td>
    <td rowspan="1" colspan="1"><img name="Npassportmain_04_03" src="images/passport_mai_04_03.gif" width="151" height="96" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="1" height="96" border="0" /></td>
  </tr>
</table>

<form name="login" method="post" action="login.php">
<table border="0" width="225" align="center">
    <tr>
        <td width="219" bgcolor="#999999">
            <p align="center"><font color="white"><span style="font-size:12pt;"><b>Login</b></span></font></p>
        </td>
    </tr>
    <tr>
        <td width="219">
            <table border="0" width="220" align="center">
                <tr>
                    <td width="71"><span style="font-size:10pt;">Username:</span></td>
                    <td width="139"><input type="text" name="username"></td>
                </tr>
                <tr>
                    <td width="71"><span style="font-size:10pt;">Password:</span></td>
                    <td width="139"><input type="password" name="password"></td>
                </tr>
                <tr>
                    <td width="71">&nbsp;</td>
                        <td width="139">
                            <p align="right"><input type="submit" name="submit" value="Submit"></p>
                        </td>
                </tr>
            </table>
        </td>
    </tr>
    <tr>
        <td width="219" bgcolor="#999999"><font color="white"> </font><a href="register/register.htm" target="_self"><font color="white"></font></a><font color="white"> </font><b><i><font color="white"></font></i></b></td>
    </tr>
</table>
</form>



  <p><font face="Arial, Helvetica, sans-serif" size="-1"><a href="../about/index.html">[About
    Our Company]</a><a href="../services/index.html">[Service Request]</a><a href="../info/index.html">[Information
    Request]</a><br />
    <a href="../employment/index.html">[Employment Info]</a><a href="../languages/index.html">[Available
    Languages]</a><a href="../contact/index.html">[Contact Us]</a></font></p>
</div>

<map name="Buttons">
  <area shape="rect" coords="0,117,136,139" href="contact/index.html" />
  <area shape="rect" coords="1,94,211,116" href="languages/index.html" />
  <area shape="rect" coords="270,113,256,119" />
  <area shape="rect" coords="1,72,253,93" href="employment/index.html" />
  <area shape="rect" coords="0,49,212,70" href="info/index.html" />
  <area shape="rect" coords="0,25,180,46" href="services/index.html" />
  <area shape="rect" coords="1,1,213,24" href="about/index.html" />
</map> <map name="Main Links">
  <area shape="rect" coords="0,117,132,139" href="contact/index.html" />
  <area shape="rect" coords="0,94,211,116" href="languages/index.html" />
  <area shape="rect" coords="0,72,249,93" href="employment/index.html" />
  <area shape="rect" coords="0,47,211,71" href="info/index.html" />
  <area shape="rect" coords="0,25,175,46" href="services/index.html" />
  <area shape="rect" coords="1,0,209,23" href="about/index.html" />
</map> <map name="Language Link">
  <area shape="rect" coords="27,35,51,55" href="about/index.html" />
  <area shape="rect" coords="52,12,193,95" href="about/index.html" />
</map>
</body>
</html>

Here is my login.php


<?php

//Database Information

$dbhost = "";
$dbname = "";
$dbuser = "";
$dbpass = "";

//Connect to database

mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
mysql_select_db($dbname) or die(mysql_error());

session_start();
$username = $_POST['username'];
$password = md5($_POST['password']);


$login = mysql_query ("select * FROM members WHERE username='$username' and password='$password'");
$allow=mysql_query('select * FROM members WHERE allowed='$allowed'");
if (mysql_num_rows($login) == 1)

{

$_SESSION['username'] = "$username";

header('Location: index.php');

}
else {

   
header('Location: index.html');
  }
?>


This is what the users see after they have succesfully loged on




<?php

// Inialize session
session_start();

// Check, if username session is NOT set then this page will jump to login page
if (!isset($_SESSION['username']))
 


{
        header('Location: index.html');
}
 $username1 = $_SESSION['username'];

?>
<html>

<head>
  <title>Secured Page</title>
</head>

<body>

<p>This is a secured page with session: <b><?php echo $username1; ?></b>

<p><a href="logout.php">Logout</a></p>
<p><a href="members.php">Members Profile</a></p>


<p><a href="form.php">Search filemaker database</a></p>
<p><a href="membersonly/services/index.php">Request Service
<html>
<head>
<title>Welcome to Passport to Languages!</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<meta name="description" content="Passport to Languages provides interpretation and translation services on-site by phone, by fax, or by e-mail.  We specialize in legal, medical, dental, business, and other professional translation and interpretation needs.  We serve our customers 24 hours, 7 days per week." />
<meta name="keywords" content="interpretation, translation, interpret, translate, medical, dental, legal, business, professional, 24 hours, communication, travel, ESL, language, translator, interpretor, language link, passport to languages" />
</head>

<body bgcolor="#FFFFFF">
<div align="center">
 
<table border="0" cellpadding="0" cellspacing="0" width="576">
  <tr><!-- spacing row, 0 height. -->
   <td><img src="images/passport_mai_00.gif" width="16" height="1" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="102" height="1" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="151" height="1" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="64" height="1" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="243" height="1" border="0" /></td>
  </tr>
  <tr><!-- row 01 -->
    <td rowspan="1" colspan="4"><img name="Npassportmain_01_01" src="images/logo.gif" width="333" height="113" border="0" /></td>
      <td rowspan="1" colspan="1"><img name="Npassportmain_01_05" src="images/languagelink.gif" width="243" height="113" border="0" usemap="#Language Link" /></td>
   <td><img src="images/passport_mai_00.gif" width="1" height="113" border="0" /></td>
  </tr>
  <tr><!-- row 02 -->
    <td rowspan="1" colspan="2"><img name="Npassportmain_02_01" src="images/blank1.gif" width="118" height="32" border="0" /></td>
    <td rowspan="1" colspan="3"><img name="Npassportmain_02_03" src="images/passport_mai_02_03.gif" width="458" height="32" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="1" height="32" border="0" /></td>
  </tr>
  <tr><!-- row 03 -->
    <td rowspan="2" colspan="1"><img name="Npassportmain_03_01" src="images/blank2.gif" width="16" height="239" border="0" /></td>
      <td rowspan="1" colspan="2"><img name="Npassportmain_03_02" src="images/links.gif" width="253" height="143" border="0" usemap="#Main Links" /></td>
    <td rowspan="2" colspan="2"><img name="Npassportmain_03_04" src="images/passport_mai_03_04.gif" width="307" height="239" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="1" height="143" border="0" /></td>
  </tr>
  <tr><!-- row 04 -->
    <td rowspan="1" colspan="1"><img name="Npassportmain_04_02" src="images/blank3.gif" width="102" height="96" border="0" /></td>
    <td rowspan="1" colspan="1"><img name="Npassportmain_04_03" src="images/passport_mai_04_03.gif" width="151" height="96" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="1" height="96" border="0" /></td>
  </tr>
</table>




  <p><font face="Arial, Helvetica, sans-serif" size="-1"><a href="../about/index.html">[About
    Our Company]</a><a href="membersonly/services/index.php">[Service Request]</a><a href="membersonly/info/index.php">[Information
    Request]</a><br />
    <a href="../employment/index.html">[Employment Info]</a><a href="../languages/index.html">[Available
    Languages]</a><a href="../contact/index.html">[Contact Us]</a></font></p>
</div>

<map name="Buttons">
  <area shape="rect" coords="0,117,136,139" href="contact/index.html" />
  <area shape="rect" coords="1,94,211,116" href="languages/index.html" />
  <area shape="rect" coords="270,113,256,119" />
  <area shape="rect" coords="1,72,253,93" href="employment/index.html" />
  <area shape="rect" coords="0,49,212,70" href="info/index.html" />
  <area shape="rect" coords="0,25,180,46" href="services/index.html" />
  <area shape="rect" coords="1,1,213,24" href="about/index.html" />
</map> <map name="Main Links">
  <area shape="rect" coords="0,117,132,139" href="contact/index.html" />
  <area shape="rect" coords="0,94,211,116" href="languages/index.html" />
  <area shape="rect" coords="0,72,249,93" href="employment/index.html" />
  <area shape="rect" coords="0,47,211,71" href="info/index.html" />
  <area shape="rect" coords="0,25,175,46" href="services/index.html" />
  <area shape="rect" coords="1,0,209,23" href="about/index.html" />
</map> <map name="Language Link">
  <area shape="rect" coords="27,35,51,55" href="about/index.html" />
  <area shape="rect" coords="52,12,193,95" href="about/index.html" />
</map>
NOTICE: This information  may be sensitive and/or private, thus subject to HIPAA privacy and security  regulations. This information is not to be shared or distributed to persons  without a right or business need to know.<br />
</body>
</html>
0
lostinfmland
Asked:
lostinfmland
  • 10
  • 10
  • 2
  • +1
1 Solution
 
fabzster187Commented:
Hi

your session_start(); must be the very first line in the file on both files using sessions in order to pass them
0
 
lostinfmlandAuthor Commented:
does it need to be on the login.php as well?
0
 
fabzster187Commented:
It depends on where u setting the session...

If you only set the session on the login.php it and the pages ur trying to restrict access to need to have the session_start();

On every page that you would need to use sessions session_start(); must be at the very first line and not have anything above it.

 
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
lostinfmlandAuthor Commented:
did not work i must have something else wrong
0
 
fabzster187Commented:
to check if the sessions are set u could just print them on each page
print $_SESSION['username'] ;
print $_SESSION['allow'];

Open in new window


also I see that in the mysql_query you u use the variable $allowed, where is this set?
'select * FROM members WHERE allowed='$allowed'"

Open in new window

0
 
lostinfmlandAuthor Commented:
I tried to echo but it came up blank
<?php

// Inialize session
session_start();
$_SESSION['allowed'];
echo $_SESSION['allowed'];

// Check, if username session is NOT set then this page will jump to login page
if (!isset($_SESSION['username']))
 


{
        header('Location: index.html');
0
 
lostinfmlandAuthor Commented:
allowed is manually set in mysql
0
 
lostinfmlandAuthor Commented:
the only thing that prints is the username and the password none of the other fields are displaying

<?php

// Inialize session
session_start();
$_SESSION['allowed'];
$_SESSION['contact_name'];
print $_SESSION['contact_name'];
print $_SESSION['username'];

// Check, if username session is NOT set then this page will jump to login page
if (!isset($_SESSION['username']))
 

0
 
Jagadishwor DulalBraces MediaCommented:
Hi lostinfmland

Obviously you must start your session before any other code exist.
Use this code in your session check you may create a seperate file for it. and include in every page where you need to check as you metion above you must not include this one in login.php but you must start session. I have given this page check.php don't forget.

<?php
session_start();
if (!isset($_SESSION['username'])|| $_SESSION['allowed'] !== true) {
session_unset();
   header('Location:index.html');
   exit;
}
?>

Open in new window


In your login.php change code like below:
<?php
session_start();
$dbhost = "";
$dbname = "";
$dbuser = "";
$dbpass = "";
mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
mysql_select_db($dbname) or die(mysql_error());
$username = $_POST['username'];
$password = $_POST['password'];
$q="select * FROM members WHERE username='$username' and password='$password'";
$login = mysql_query ($q);
$row=mysql_fetch_assoc($login);
if(mysql_num_rows($login)>0){
	$_SESSION['username']=$row['username'];
	$_SESSION['allowed']=$row['allowed'];
if(($_SESSION['allowed']>=1) && ($_SESSION['username']!="")){
	$_SESSION['allowed']=true;
	header('Location: index.php');
}else {
	header('Location: index.html');
  }
}

?>

Open in new window


And now your index.php is :

<html>
<head>
  <title>Secured Page</title>
</head>

<body>

<p>This is a secured page with session: <b><?php echo $username; ?></b>

<p><a href="logout.php">Logout</a></p>
<p><a href="members.php">Members Profile</a></p>


<p><a href="form.php">Search filemaker database</a></p>
<p><a href="membersonly/services/index.php">Request Service
<html>
<head>
<title>Welcome to Passport to Languages!</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<meta name="description" content="Passport to Languages provides interpretation and translation services on-site by phone, by fax, or by e-mail.  We specialize in legal, medical, dental, business, and other professional translation and interpretation needs.  We serve our customers 24 hours, 7 days per week." />
<meta name="keywords" content="interpretation, translation, interpret, translate, medical, dental, legal, business, professional, 24 hours, communication, travel, ESL, language, translator, interpretor, language link, passport to languages" />
</head>

<body bgcolor="#FFFFFF">
<div align="center">
 
<table border="0" cellpadding="0" cellspacing="0" width="576">
  <tr><!-- spacing row, 0 height. -->
   <td><img src="images/passport_mai_00.gif" width="16" height="1" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="102" height="1" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="151" height="1" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="64" height="1" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="243" height="1" border="0" /></td>
  </tr>
  <tr><!-- row 01 -->
    <td rowspan="1" colspan="4"><img name="Npassportmain_01_01" src="images/logo.gif" width="333" height="113" border="0" /></td>
      <td rowspan="1" colspan="1"><img name="Npassportmain_01_05" src="images/languagelink.gif" width="243" height="113" border="0" usemap="#Language Link" /></td>
   <td><img src="images/passport_mai_00.gif" width="1" height="113" border="0" /></td>
  </tr>
  <tr><!-- row 02 -->
    <td rowspan="1" colspan="2"><img name="Npassportmain_02_01" src="images/blank1.gif" width="118" height="32" border="0" /></td>
    <td rowspan="1" colspan="3"><img name="Npassportmain_02_03" src="images/passport_mai_02_03.gif" width="458" height="32" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="1" height="32" border="0" /></td>
  </tr>
  <tr><!-- row 03 -->
    <td rowspan="2" colspan="1"><img name="Npassportmain_03_01" src="images/blank2.gif" width="16" height="239" border="0" /></td>
      <td rowspan="1" colspan="2"><img name="Npassportmain_03_02" src="images/links.gif" width="253" height="143" border="0" usemap="#Main Links" /></td>
    <td rowspan="2" colspan="2"><img name="Npassportmain_03_04" src="images/passport_mai_03_04.gif" width="307" height="239" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="1" height="143" border="0" /></td>
  </tr>
  <tr><!-- row 04 -->
    <td rowspan="1" colspan="1"><img name="Npassportmain_04_02" src="images/blank3.gif" width="102" height="96" border="0" /></td>
    <td rowspan="1" colspan="1"><img name="Npassportmain_04_03" src="images/passport_mai_04_03.gif" width="151" height="96" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="1" height="96" border="0" /></td>
  </tr>
</table>




  <p><font face="Arial, Helvetica, sans-serif" size="-1"><a href="../about/index.html">[About
    Our Company]</a><a href="membersonly/services/index.php">[Service Request]</a><a href="membersonly/info/index.php">[Information
    Request]</a><br />
    <a href="../employment/index.html">[Employment Info]</a><a href="../languages/index.html">[Available
    Languages]</a><a href="../contact/index.html">[Contact Us]</a></font></p>
</div>

<map name="Buttons">
  <area shape="rect" coords="0,117,136,139" href="contact/index.html" />
  <area shape="rect" coords="1,94,211,116" href="languages/index.html" />
  <area shape="rect" coords="270,113,256,119" />
  <area shape="rect" coords="1,72,253,93" href="employment/index.html" />
  <area shape="rect" coords="0,49,212,70" href="info/index.html" />
  <area shape="rect" coords="0,25,180,46" href="services/index.html" />
  <area shape="rect" coords="1,1,213,24" href="about/index.html" />
</map> <map name="Main Links">
  <area shape="rect" coords="0,117,132,139" href="contact/index.html" />
  <area shape="rect" coords="0,94,211,116" href="languages/index.html" />
  <area shape="rect" coords="0,72,249,93" href="employment/index.html" />
  <area shape="rect" coords="0,47,211,71" href="info/index.html" />
  <area shape="rect" coords="0,25,175,46" href="services/index.html" />
  <area shape="rect" coords="1,0,209,23" href="about/index.html" />
</map> <map name="Language Link">
  <area shape="rect" coords="27,35,51,55" href="about/index.html" />
  <area shape="rect" coords="52,12,193,95" href="about/index.html" />
</map>
NOTICE: This information  may be sensitive and/or private, thus subject to HIPAA privacy and security  regulations. This information is not to be shared or distributed to persons  without a right or business need to know.<br />
</body>
</html>

Open in new window

0
 
Jagadishwor DulalBraces MediaCommented:
And be sure I have post this assuming that in your mysql table you have on allowed field value will be  0 or 1 value only. Hope u will understand.
0
 
fabzster187Commented:
$allow = mysql_query("select * FROM members WHERE allowed='{$allowed}'");

Open in new window


$allow is set by the query but where do u set the value for $allowed?
0
 
fabzster187Commented:
surely then u have to make the above query

$allow = mysql_query("select * FROM members WHERE allowed='1' ");

Open in new window

0
 
fabzster187Commented:
Ok here is what I have done

changed the query to reflect the post above, removed the MD5(for testing purposes) from the session and the db  and it works
0
 
lostinfmlandAuthor Commented:
I tried what jagadishdulal suggested I got a blank screen  i checked to make sure that allowed is set to 1
0
 
lostinfmlandAuthor Commented:
fabzster187 could you post your code i am able to get in wether the field is set to 1 or 0
0
 
fabzster187Commented:
Ahh I see why it is doing this

you say:

if (mysql_num_rows($login) == 1)

{

$_SESSION['username'] = "$username";

header('Location: index.php');

}

Open in new window


Basically you are saying that if the first query returns a row  then access is granted
you need to say if both queries give you a result access is granted

like this Change the top if statement

 if (mysql_num_rows($login) == 1) && (mysql_num_rows($allow)== 1)
0
 
fabzster187Commented:
sorry u need to change it to

if ((mysql_num_rows($login) == 1) && (mysql_num_rows($allow)== 1))

Open in new window

0
 
lostinfmlandAuthor Commented:
I tried what you suggested but, it just goes back to the index.html and not to index.php

<?php
//Database Information

$dbhost = "t";
$dbname = ";
$dbuser = "";
$dbpass = ";

//Connect to database

mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
mysql_select_db($dbname) or die(mysql_error());

session_start();
$username = $_POST['username'];
$password = md5($_POST['password']);



$login = mysql_query ("SELECT * FROM members WHERE username='$username' and password='$password'");
$allow = mysql_query ("SELECT * FROM members WHERE $allowed='1'");
if ((mysql_num_rows($login) == 1) && (mysql_num_rows($allow) == 1))

 

{

$_SESSION['username'] = "$username";
header('Location: index.php');

}
else {

   
header('Location: index.html');
  }
?>
0
 
fabzster187Commented:
the code definitely works tested it here.

Index.html
<html>
<head>
<title>Welcome to Passport to Languages!</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<meta name="description" content="Passport to Languages provides interpretation and translation services on-site by phone, by fax, or by e-mail.  We specialize in legal, medical, dental, business, and other professional translation and interpretation needs.  We serve our customers 24 hours, 7 days per week." />
<meta name="keywords" content="interpretation, translation, interpret, translate, medical, dental, legal, business, professional, 24 hours, communication, travel, ESL, language, translator, interpretor, language link, passport to languages" />
</head>

<body bgcolor="#FFFFFF">
<div align="center">
 
<table border="0" cellpadding="0" cellspacing="0" width="576">
  <tr><!-- spacing row, 0 height. -->
   <td><img src="images/passport_mai_00.gif" width="16" height="1" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="102" height="1" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="151" height="1" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="64" height="1" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="243" height="1" border="0" /></td>
  </tr>
  <tr><!-- row 01 -->
    <td rowspan="1" colspan="4"><img name="Npassportmain_01_01" src="images/logo.gif" width="333" height="113" border="0" /></td>
      <td rowspan="1" colspan="1"><img name="Npassportmain_01_05" src="images/languagelink.gif" width="243" height="113" border="0" usemap="#Language Link" /></td>
   <td><img src="images/passport_mai_00.gif" width="1" height="113" border="0" /></td>
  </tr>
  <tr><!-- row 02 -->
    <td rowspan="1" colspan="2"><img name="Npassportmain_02_01" src="images/blank1.gif" width="118" height="32" border="0" /></td>
    <td rowspan="1" colspan="3"><img name="Npassportmain_02_03" src="images/passport_mai_02_03.gif" width="458" height="32" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="1" height="32" border="0" /></td>
  </tr>
  <tr><!-- row 03 -->
    <td rowspan="2" colspan="1"><img name="Npassportmain_03_01" src="images/blank2.gif" width="16" height="239" border="0" /></td>
      <td rowspan="1" colspan="2"><img name="Npassportmain_03_02" src="images/links.gif" width="253" height="143" border="0" usemap="#Main Links" /></td>
    <td rowspan="2" colspan="2"><img name="Npassportmain_03_04" src="images/passport_mai_03_04.gif" width="307" height="239" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="1" height="143" border="0" /></td>
  </tr>
  <tr><!-- row 04 -->
    <td rowspan="1" colspan="1"><img name="Npassportmain_04_02" src="images/blank3.gif" width="102" height="96" border="0" /></td>
    <td rowspan="1" colspan="1"><img name="Npassportmain_04_03" src="images/passport_mai_04_03.gif" width="151" height="96" border="0" /></td>
   <td><img src="images/passport_mai_00.gif" width="1" height="96" border="0" /></td>
  </tr>
</table>

<form name="login" method="post" action="login.php">
<table border="0" width="225" align="center">
    <tr>
        <td width="219" bgcolor="#999999">
            <p align="center"><font color="white"><span style="font-size:12pt;"><b>Login</b></span></font></p>
        </td>
    </tr>
    <tr>
        <td width="219">
            <table border="0" width="220" align="center">
                <tr>
                    <td width="71"><span style="font-size:10pt;">Username:</span></td>
                    <td width="139"><input type="text" name="username"></td>
                </tr>
                <tr>
                    <td width="71"><span style="font-size:10pt;">Password:</span></td>
                    <td width="139"><input type="password" name="password"></td>
                </tr>
                <tr>
                    <td width="71">&nbsp;</td>
                        <td width="139">
                            <p align="right"><input type="submit" name="submit" value="Submit"></p>
                        </td>
                </tr>
            </table>
        </td>
    </tr>
    <tr>
        <td width="219" bgcolor="#999999"><font color="white"> </font><a href="register/register.htm" target="_self"><font color="white"></font></a><font color="white"> </font><b><i><font color="white"></font></i></b></td>
    </tr>
</table>
</form>



  <p><font face="Arial, Helvetica, sans-serif" size="-1"><a href="../about/index.html">[About
    Our Company]</a><a href="../services/index.html">[Service Request]</a><a href="../info/index.html">[Information
    Request]</a><br />
    <a href="../employment/index.html">[Employment Info]</a><a href="../languages/index.html">[Available
    Languages]</a><a href="../contact/index.html">[Contact Us]</a></font></p>
</div>

<map name="Buttons">
  <area shape="rect" coords="0,117,136,139" href="contact/index.html" />
  <area shape="rect" coords="1,94,211,116" href="languages/index.html" />
  <area shape="rect" coords="270,113,256,119" />
  <area shape="rect" coords="1,72,253,93" href="employment/index.html" />
  <area shape="rect" coords="0,49,212,70" href="info/index.html" />
  <area shape="rect" coords="0,25,180,46" href="services/index.html" />
  <area shape="rect" coords="1,1,213,24" href="about/index.html" />
</map> <map name="Main Links">
  <area shape="rect" coords="0,117,132,139" href="contact/index.html" />
  <area shape="rect" coords="0,94,211,116" href="languages/index.html" />
  <area shape="rect" coords="0,72,249,93" href="employment/index.html" />
  <area shape="rect" coords="0,47,211,71" href="info/index.html" />
  <area shape="rect" coords="0,25,175,46" href="services/index.html" />
  <area shape="rect" coords="1,0,209,23" href="about/index.html" />
</map> <map name="Language Link">
  <area shape="rect" coords="27,35,51,55" href="about/index.html" />
  <area shape="rect" coords="52,12,193,95" href="about/index.html" />
</map>
</body>
</html>

Open in new window


login.php
<?php
session_start();

//Database Information

$dbhost = "localhost";
$dbname = "help";
$dbuser = "root";
$dbpass = "";



//Connect to database
mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
mysql_select_db($dbname) or die(mysql_error());


$username = $_POST['username'];
$password = $_POST['password'];



$login = mysql_query ("select * FROM members WHERE username='{$username}' and password='{$password}'");
$allow = mysql_query("select * FROM members WHERE allowed='1'");

if ((mysql_num_rows($login) == 1) && (mysql_num_rows($allow)== 1))

{

$_SESSION['username'] = "$username";

header('Location: index.php');

}
else {

   
header('Location: index.html');
  }
?>

Open in new window

0
 
lostinfmlandAuthor Commented:
The only difference I see is iam using md5 could that be the problem?
0
 
Ray PaseurCommented:
@lostinfmland, Looking at the dialog in this question so far, I would like to gently suggest that you may want to hire a professional programmer to help you with the fundamentals here.  It will not cost much (this is not rocket science, at least not yet) and it may save you considerable time and frustration.

The design patterns for how to log in and carry client information from page to page are pretty well understood today.  This article shows that:
http://www.experts-exchange.com/Web_Development/Web_Languages-Standards/PHP/A_2391-PHP-login-logout-and-easy-access-control.html

Error reporting and data visualization are two key elements for getting any program code to work right.  Add these two statements to the top of all of your scripts:

ini_set('display_errors', TRUE);
error_reporting(E_ALL);

Test your queries for success.  The PHP function mysql_query() gives a return value.  If that value is FALSE, you really want to find out why.  You can use mysql_error() to print out the reasons for query errors.

Do some reading to get a foundation in how PHP and MySQL work together.  In addition to reading the article I posted above, buy this book right now and work through the exercises.  It will not make you a pro, but it is very readable and has great examples.
http://www.sitepoint.com/books/phpmysql4/

Best of luck with it.  And after you read that article, please post back here with any specific questions, ~Ray
0
 
lostinfmlandAuthor Commented:
thanks fabzster187 it worked not to sure what i did wrong but it is working now Thanx..
0
 
fabzster187Commented:
My pleasure

The mysql query
 the if statement
and the positioning of the session_start();
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 10
  • 10
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now