Solved

PHP Session Multiple pages

Posted on 2011-09-26
7
190 Views
Last Modified: 2012-05-12
I am trying to create a login page that keeps the user's login name (myusername) throughout the website. I have this code that is not capturing the sessions:
//login.html
//...code to log into the index.php works

if($count==1){
$_SESSION["myusername"] = $myusername;
$_SESSION["mypassword"] = $mypassword;
header("location: index.php");
}
else {
echo "<font color='#FF0000'><b>You have entered a wrong Username or Password. Please try again.</b></font>";
}
?>



//Second page "index.php:

<?
session_start();

if(!isset($_SESSION['myusername'])){
header("location: login.html");
}
?>

Open in new window

0
Comment
Question by:jj1103
  • 4
  • 2
7 Comments
 
LVL 13

Expert Comment

by:Hugh McCurdy
ID: 36649975
For starters, you need to have session_start() in all scripts that use the SESSION variable.  Perhaps you do.  I don't think you included all your code.
0
 
LVL 15

Accepted Solution

by:
Jagadishwor Dulal earned 250 total points
ID: 36676299
Review your code :
if($count==1){
$_SESSION["myusername"] = $myusername;
$_SESSION["mypassword"] = $mypassword;
header("location: index.php");
}

Open in new window

You have assigned value in session variable so now change it like
session_start();

$_SESSION['myusername'] = $myusername;
$_SESSION['mypassword'] = $mypassword;
if(isset($_SESSION['myusername'])){
header("location: index.php");
}else{
header("location: login.html");
}

Open in new window

0
 
LVL 13

Expert Comment

by:Hugh McCurdy
ID: 36680212
I suggest you try jagadishdulal's suggestion.  It's far more complete than mine.  
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 

Author Comment

by:jj1103
ID: 36709467
When I insert jagadishdulal's code into index_ck.php and the correct username and password is entered, it keeps taking me to the login page instead of the index page. I tried different variations and none will display the index.php page after logging in correctly.

This is checklogin.php page that the user is sent to after entering their username and password:
<?php
session_start();
?>
<html>

<body>


<?php
$host="localhost"; 
$username="";
$password=""; 
$db_name="";
$tbl_name=""; 

mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");


$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM users WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

$count=mysql_num_rows($result);
if($count==1){
$_SESSION["myusername"] = $myusername;
$_SESSION["mypassword"] = $mypassword;
header("location: index.php");
}
else {
echo "<font color='#FF0000'><b>You have entered a wrong Username or Password. Please try again.</b></font>";
}
?>



//THIS IS THE INDEX.PHP PAGE



<?php
session_start();
$_SESSION['myusername'] = $myusername;
if(isset($_SESSION['myusername'])){
?>

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Materials</title>
<link href="style.css" rel="stylesheet" type="text/css" />
</head>

<frameset rows="125,25,*" cols="*" framespacing="0" frameborder="0" bordercolor="#E4E4E4">
    <frame src="top.html" scrolling="No" noresize="noresize" name="header"/>
	<frame src="nav.html" scrolling="No" noresize="noresize" name="menuFrame" />
	<frame src="index_contents2.html" name="pageFrame" />
</frameset>
<noframes>
<body>

</body>
</noframes>
</html>

<?php
}else{
header("location: login.html");
}
?>

Open in new window

0
 
LVL 13

Assisted Solution

by:Hugh McCurdy
Hugh McCurdy earned 250 total points
ID: 36709717
One possible problem that I see is you are calling login.html. I would think you'd be calling login.php.

What I normally do at this point is ask the program what it is "thinking."

Specifically, I would comment out the header calls and instead echo that the program would normally load index.php or login.php

Of course, you can't get to the login page if index.html doesn't load login.  I would make 2 index pages.  They would be exactly the same except the first index page would call login and the second one would just echo a message that says it would call login if it had an actual header() call.

Anyway, if you do that (and if I'm making sense) then you can observe the program flow to see if anything about the flow surprises you.

Does this make sense?  

0
 

Author Closing Comment

by:jj1103
ID: 36710508
Thank you both. In combination with both your suggestions I was able to get it to work.

<?php
session_start();
if(isset($_SESSION['myusername'])){

?>
0
 
LVL 13

Expert Comment

by:Hugh McCurdy
ID: 36710627
I think it's pretty cool when experts join up and solve a problem jointly.  Glad you have it working.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Part of the Global Positioning System A geocode (https://developers.google.com/maps/documentation/geocoding/) is the major subset of a GPS coordinate (http://en.wikipedia.org/wiki/Global_Positioning_System), the other parts being the altitude and t…
These days socially coordinated efforts have turned into a critical requirement for enterprises.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now