Solved

PHP Session Multiple pages

Posted on 2011-09-26
7
191 Views
Last Modified: 2012-05-12
I am trying to create a login page that keeps the user's login name (myusername) throughout the website. I have this code that is not capturing the sessions:
//login.html
//...code to log into the index.php works

if($count==1){
$_SESSION["myusername"] = $myusername;
$_SESSION["mypassword"] = $mypassword;
header("location: index.php");
}
else {
echo "<font color='#FF0000'><b>You have entered a wrong Username or Password. Please try again.</b></font>";
}
?>



//Second page "index.php:

<?
session_start();

if(!isset($_SESSION['myusername'])){
header("location: login.html");
}
?>

Open in new window

0
Comment
Question by:jj1103
  • 4
  • 2
7 Comments
 
LVL 13

Expert Comment

by:Hugh McCurdy
ID: 36649975
For starters, you need to have session_start() in all scripts that use the SESSION variable.  Perhaps you do.  I don't think you included all your code.
0
 
LVL 15

Accepted Solution

by:
Jagadishwor Dulal earned 250 total points
ID: 36676299
Review your code :
if($count==1){
$_SESSION["myusername"] = $myusername;
$_SESSION["mypassword"] = $mypassword;
header("location: index.php");
}

Open in new window

You have assigned value in session variable so now change it like
session_start();

$_SESSION['myusername'] = $myusername;
$_SESSION['mypassword'] = $mypassword;
if(isset($_SESSION['myusername'])){
header("location: index.php");
}else{
header("location: login.html");
}

Open in new window

0
 
LVL 13

Expert Comment

by:Hugh McCurdy
ID: 36680212
I suggest you try jagadishdulal's suggestion.  It's far more complete than mine.  
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 

Author Comment

by:jj1103
ID: 36709467
When I insert jagadishdulal's code into index_ck.php and the correct username and password is entered, it keeps taking me to the login page instead of the index page. I tried different variations and none will display the index.php page after logging in correctly.

This is checklogin.php page that the user is sent to after entering their username and password:
<?php
session_start();
?>
<html>

<body>


<?php
$host="localhost"; 
$username="";
$password=""; 
$db_name="";
$tbl_name=""; 

mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");


$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM users WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

$count=mysql_num_rows($result);
if($count==1){
$_SESSION["myusername"] = $myusername;
$_SESSION["mypassword"] = $mypassword;
header("location: index.php");
}
else {
echo "<font color='#FF0000'><b>You have entered a wrong Username or Password. Please try again.</b></font>";
}
?>



//THIS IS THE INDEX.PHP PAGE



<?php
session_start();
$_SESSION['myusername'] = $myusername;
if(isset($_SESSION['myusername'])){
?>

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Materials</title>
<link href="style.css" rel="stylesheet" type="text/css" />
</head>

<frameset rows="125,25,*" cols="*" framespacing="0" frameborder="0" bordercolor="#E4E4E4">
    <frame src="top.html" scrolling="No" noresize="noresize" name="header"/>
	<frame src="nav.html" scrolling="No" noresize="noresize" name="menuFrame" />
	<frame src="index_contents2.html" name="pageFrame" />
</frameset>
<noframes>
<body>

</body>
</noframes>
</html>

<?php
}else{
header("location: login.html");
}
?>

Open in new window

0
 
LVL 13

Assisted Solution

by:Hugh McCurdy
Hugh McCurdy earned 250 total points
ID: 36709717
One possible problem that I see is you are calling login.html. I would think you'd be calling login.php.

What I normally do at this point is ask the program what it is "thinking."

Specifically, I would comment out the header calls and instead echo that the program would normally load index.php or login.php

Of course, you can't get to the login page if index.html doesn't load login.  I would make 2 index pages.  They would be exactly the same except the first index page would call login and the second one would just echo a message that says it would call login if it had an actual header() call.

Anyway, if you do that (and if I'm making sense) then you can observe the program flow to see if anything about the flow surprises you.

Does this make sense?  

0
 

Author Closing Comment

by:jj1103
ID: 36710508
Thank you both. In combination with both your suggestions I was able to get it to work.

<?php
session_start();
if(isset($_SESSION['myusername'])){

?>
0
 
LVL 13

Expert Comment

by:Hugh McCurdy
ID: 36710627
I think it's pretty cool when experts join up and solve a problem jointly.  Glad you have it working.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Both Easy and Powerful How easy is PHP? http://lmgtfy.com?q=how+easy+is+php (http://lmgtfy.com?q=how+easy+is+php)  Very easy.  It has been described as "a programming language even my grandmother can use." How powerful is PHP?  http://en.wikiped…
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now