Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 209
  • Last Modified:

PHP Session Multiple pages

I am trying to create a login page that keeps the user's login name (myusername) throughout the website. I have this code that is not capturing the sessions:
//login.html
//...code to log into the index.php works

if($count==1){
$_SESSION["myusername"] = $myusername;
$_SESSION["mypassword"] = $mypassword;
header("location: index.php");
}
else {
echo "<font color='#FF0000'><b>You have entered a wrong Username or Password. Please try again.</b></font>";
}
?>



//Second page "index.php:

<?
session_start();

if(!isset($_SESSION['myusername'])){
header("location: login.html");
}
?>

Open in new window

0
jj1103
Asked:
jj1103
  • 4
  • 2
2 Solutions
 
Hugh McCurdyCommented:
For starters, you need to have session_start() in all scripts that use the SESSION variable.  Perhaps you do.  I don't think you included all your code.
0
 
Jagadishwor DulalBraces MediaCommented:
Review your code :
if($count==1){
$_SESSION["myusername"] = $myusername;
$_SESSION["mypassword"] = $mypassword;
header("location: index.php");
}

Open in new window

You have assigned value in session variable so now change it like
session_start();

$_SESSION['myusername'] = $myusername;
$_SESSION['mypassword'] = $mypassword;
if(isset($_SESSION['myusername'])){
header("location: index.php");
}else{
header("location: login.html");
}

Open in new window

0
 
Hugh McCurdyCommented:
I suggest you try jagadishdulal's suggestion.  It's far more complete than mine.  
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
jj1103Author Commented:
When I insert jagadishdulal's code into index_ck.php and the correct username and password is entered, it keeps taking me to the login page instead of the index page. I tried different variations and none will display the index.php page after logging in correctly.

This is checklogin.php page that the user is sent to after entering their username and password:
<?php
session_start();
?>
<html>

<body>


<?php
$host="localhost"; 
$username="";
$password=""; 
$db_name="";
$tbl_name=""; 

mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");


$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM users WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

$count=mysql_num_rows($result);
if($count==1){
$_SESSION["myusername"] = $myusername;
$_SESSION["mypassword"] = $mypassword;
header("location: index.php");
}
else {
echo "<font color='#FF0000'><b>You have entered a wrong Username or Password. Please try again.</b></font>";
}
?>



//THIS IS THE INDEX.PHP PAGE



<?php
session_start();
$_SESSION['myusername'] = $myusername;
if(isset($_SESSION['myusername'])){
?>

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Materials</title>
<link href="style.css" rel="stylesheet" type="text/css" />
</head>

<frameset rows="125,25,*" cols="*" framespacing="0" frameborder="0" bordercolor="#E4E4E4">
    <frame src="top.html" scrolling="No" noresize="noresize" name="header"/>
	<frame src="nav.html" scrolling="No" noresize="noresize" name="menuFrame" />
	<frame src="index_contents2.html" name="pageFrame" />
</frameset>
<noframes>
<body>

</body>
</noframes>
</html>

<?php
}else{
header("location: login.html");
}
?>

Open in new window

0
 
Hugh McCurdyCommented:
One possible problem that I see is you are calling login.html. I would think you'd be calling login.php.

What I normally do at this point is ask the program what it is "thinking."

Specifically, I would comment out the header calls and instead echo that the program would normally load index.php or login.php

Of course, you can't get to the login page if index.html doesn't load login.  I would make 2 index pages.  They would be exactly the same except the first index page would call login and the second one would just echo a message that says it would call login if it had an actual header() call.

Anyway, if you do that (and if I'm making sense) then you can observe the program flow to see if anything about the flow surprises you.

Does this make sense?  

0
 
jj1103Author Commented:
Thank you both. In combination with both your suggestions I was able to get it to work.

<?php
session_start();
if(isset($_SESSION['myusername'])){

?>
0
 
Hugh McCurdyCommented:
I think it's pretty cool when experts join up and solve a problem jointly.  Glad you have it working.
0

Featured Post

Become an Android App Developer

Ready to kick start your career in 2018? Learn how to build an Android app in January’s Course of the Month and open the door to new opportunities.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now