[RESOLVED] Login Script help

@UAL225Jul 16.2009

Hello all,

I wrote this log in script and everything seems to be good but it throws me this:

Warning: session_start() [function.session-start]: Cannot send session cache limiter – headers already sent (output started at /home2/*****/public_html/dbconnect.php:1) in /home2/chicagt7/public_html/functions.php on line 2

here is the loginscript.php:

[code=php]<?php require_once(‘dbconnect.php’); include(‘functions.php’);

if(isset($_POST[‘Login’])) { if($_POST[‘usern’]!=” && $_POST[‘passw’]!=”) { //Use the input username and password and check against ‘users’ table $query = mysql_query(‘SELECT ID, uname, Active FROM `users` WHERE uname = “‘.mysql_real_escape_string($_POST[‘usern’]).'” AND pass = “‘.mysql_real_escape_string(md5($_POST[‘passw’])).'”‘);

if(mysql_num_rows($query) == 1) { $row = mysql_fetch_assoc($query); if($row[‘Active’] == 1) { $_SESSION[‘user_id’] = $row[‘ID’]; $_SESSION[‘logged_in’] = TRUE; header(“Location: members.php”); redirect (“index2.php”); } else { $error = ‘Your membership was not activated. Please open the email that we sent and click on the activation link’; } } else { $error = ‘Login failed !’; } } else { $error = ‘Please user both your username and password to access your account’; } } ?>

<?php if(isset($error)){ echo $error;}?> <form action=”<?=$_SERVER[‘PHP_SELF’]?>” method=”post”> <input type=”text” id=”username” name=”username” size=”32″ value=”” /> <input type=”password” id=”password” name=”password” size=”32″ value=”” /> <input type=”submit” name=”Login” value=”Login” /> </form>[/code]

and here is the functions.php:

[code=php]<? session_start(); //connect to the database require (“dbconnect.php”); //send the user somewhere else function redirect($url) { ob_start(); header(‘location: ‘ . $url); ob_end_flush(); } //rearranges a date function rearrangedate($date) { $date1 = explode(‘-‘, $date); $newdate = $date1[1] . “-” . $date1[2] . “-” . $date1[0]; echo $newdate; } //rearranges a date and time function rearrangedatetime($datetime) { $datetime1 = explode(” “, $datetime); $date1 = explode(‘-‘, $datetime1[0]); $newdatetime = $date1[1] . “-” . $date1[2] . “-” . $date1[0] . ” at ” . $datetime1[1]; echo $newdatetime; } ?>[/code]

any help please!

to post a comment

PHP

51 Comments(s) _↴

@criterion9Jul 16.2009 — #Move you include for the functions.php above the other include. If that doesn't help it may have something to do with you including the same file in the first file and the functions include. Additionally your opening tag in functions.php should be [b]<?php[/b] instead of [i]<?[/i] (the shorthand version).

@UAL225authorJul 16.2009 — #Yea thanks that helped,it doesn't throw out an error any more, but it doesn't redirect and it is not starting the session.

@criterion9Jul 16.2009 — #What are the contents of the db_connect.php? (Make sure to edit out your username, password, etc before posting it here). It sounds like the db_connect.php file is outputting something which is why you were having the session error message before.

@UAL225authorJul 16.2009 — #

[code=php]<?php
 //opens a connection to the MYSQUL 
 $dbc = mysql_connect('localhost', '*******', '******');
 if (!dbc)
 {
 die('Server is off line try back later :'  . mysql_error());
 }
 //selects the MYSQL database
 $db_selected = mysql_select_db("******", $dbc);
 if (!$db_selected)
 {
 die ("cant connect :" . mysql_error());
 }
 ?>[/code]

@criterion9Jul 16.2009 — #Try hitting that page live and see if it spits an error out. If you don't get any errors post what you have now and the output you are getting.

@UAL225authorJul 16.2009 — #That page is live I am not getting any errors, all I am getting is the log in form again that is at the bottom of loginscrpit.php There are no errors that it is reporting and its not holding the session variable and not redirecting to index2.php All I know is that its not doing what its supposed to be doing. ?

Here is the loginscipt.php:

[code=php]<?php
 include('functions.php');
 require_once('dbconnect.php');
 
 
  if(isset($_POST['Login']))
  {
   if($_POST['usern']!='' && $_POST['passw']!='')
   {
   //Use the input username and password and check against 'users' table
   $query = mysql_query('SELECT ID, uname, Active FROM users WHERE uname = "'.mysql_real_escape_string($_POST['usern']).'" AND pass = "'.mysql_real_escape_string(md5($_POST['passw'])).'"');
 
   if(mysql_num_rows($query) == 1)
   {
   $row = mysql_fetch_assoc($query);
   if($row['Active'] == 1)
   {
   $_SESSION['user_id'] = $row['ID'];
   $_SESSION['logged_in'] = TRUE;
   header("Location: members.php");
   redirect ("index2.php");
   }
   else {
   $error = 'Your membership was not activated. Please open the email that we sent and click on the activation link';
   }
   }
   else { 
   $error = 'Login failed !'; 
   }
   }
   else {
   $error = 'Please use both your username and password to access your account';
   }
  }
 ?>
 
 <?php if(isset($error)){ echo $error;}?>
 <form action="<?=$_SERVER['PHP_SELF']?>" method="post">
 <input type="text" id="username" name="username" size="32" value="" />
 <input type="password" id="password" name="password" size="32" value="" />
 <input type="submit" name="Login" value="Login" />
 </form>[/code]

Here is functions.php:

[code=php]<?php
 session_start();
 //connect to the database
 require ("dbconnect.php");
 //send the user somewhere else
 function redirect($url)
 {
 ob_start();
 header('location: ' . $url);
 ob_end_flush();
 }
 //rearranges a date
 function rearrangedate($date)
 {
 $date1 = explode('-', $date);
 $newdate = $date1[1] . "-" . $date1[2] . "-" . $date1[0];
 echo $newdate;
 }
 //rearranges a date and time
 function rearrangedatetime($datetime)
 {
 $datetime1 = explode(" ", $datetime);
 $date1 = explode('-', $datetime1[0]);
 $newdatetime = $date1[1] . "-" . $date1[2] . "-" . $date1[0] . " at " . $datetime1[1];
 echo $newdatetime;
 }
 ?>[/code]

@criterion9Jul 16.2009 — #Do you have errors set to E_ALL? Maybe there is a warning or notice that is causing the error? Do you have a publicly available version I can access to test?

@ShortsJul 16.2009 — #Something is being printed out before the Header (which is the same error that caused the session_start() from working). Look for any spacesnew lines in your files that are outside of <?php ?>.

@UAL225authorJul 16.2009 — #Do you have errors set to E_ALL? Maybe there is a warning or notice that is causing the error? Do you have a publicly available version I can access to test?[/QUOTE]

Go to http://www.chicagoaviation.org/login.php

and try logging in with:

Username:Test

Password: Test

@UAL225authorJul 16.2009 — #Something is being printed out before the Header (which is the same error that caused the session_start() from working). Look for any spacesnew lines in your files that are outside of <?php ?>.[/QUOTE]

Yea I looked, no spaces no nothing.

@criterion9Jul 16.2009 — #
header("Location: members.php");

redirect ("index2.php");
[/quote]
This won't work because the header("Location:... part is redirecting to members.php before the redirect("index2.php") line is called. Also the "members.php" redirect is incorrect because that file doesn't exist. Try removing the "header(..." part and see what happens.

Do you have error reporting set to E_ALL?

@ShortsJul 16.2009 — #Well, got:

"Please use both your username and password to access your account"

While trying to connect via loginscript.php (login.php just sent me there without any messages). Which the input fields are username and password and the posts are usern and passw. However, on login.php, $_POST['Login'] isn't being set anywhere so it's not pushing the usernpassw to the loginscript.

@UAL225authorJul 16.2009 — #Well, got:

"Please use both your username and password to access your account"

While trying to connect via loginscript.php (login.php just sent me there without any messages). Which the input fields are username and password and the posts are usern and passw. However, on login.php, $_POST['Login'] isn't being set anywhere so it's not pushing the usernpassw to the loginscript.[/QUOTE]

how would I make it push the info to the loginscript.php? Because on the registration page I also got that same button and that whole script works just fine.

@ShortsJul 16.2009 — #on login.php, add name="Login" to the submit button, that'll set $_POST['Login'] and then it will check for $_POST['usern'] and $_POST['passw'];

As for the other error, can't see it yet as this is currently the issue. also, on loginscript.php, the fields should be name="usern" and name="passw" respectively (and name="Login" for the submit button).

@UAL225authorJul 16.2009 — #OK thanks, I did that, and I hope it is pushing the info through, this is the current loginscript:

[code=php]<?php
 include('functions.php');
 require_once('dbconnect.php');
 
 
  if(isset($_POST['Login']))
  {
   if($_POST['usern']!='' && $_POST['passw']!='')
   {
   //Use the input username and password and check against 'users' table
   $query = mysql_query('SELECT ID, uname, Active FROM users WHERE uname = "'.mysql_real_escape_string($_POST['usern']).'" AND pass = "'.mysql_real_escape_string(md5($_POST['passw'])).'"');
 
   if(mysql_num_rows($query) == 1)
   {
   $row = mysql_fetch_assoc($query);
   if($row['Active'] == 1)
   {
 
   $_SESSION['user_id'] = $row['ID'];
   $_SESSION['logged_in'] = TRUE;
   redirect ('index2.php');
 
   }
   else {
   $error = 'Your membership was not activated. Please open the email that we sent and click on the activation link';
   }
   }
   else { 
   $error = 'Login failed !'; 
   }
   }
   else {
   $error = 'Please use both your username and password to access your account';
   }
  }
 ?>
 
 <?php if(isset($error)){ echo $error;}?>
 <form action="<?=$_SERVER['PHP_SELF']?>" method="post">
 <input type="text" id="username" name="username" size="32" value="" />
 <input type="password" id="password" name="password" size="32" value="" />
 <input type="submit" name="Login" value="Login" />
 </form>[/code]

and I am getting this error:

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home2/****/public_html/loginscript.php:1) in /home2/******/public_html/functions.php on line 2



Warning: Cannot modify header information - headers already sent by (output started at /home2/*****/public_html/loginscript.php:1) in /home2/*****/public_html/functions.php on line 9

and here is functions.php:

[code=php]<?php
 session_start(); 
 //connect to the database
 require ("dbconnect.php");
 //send the user somewhere else
 function redirect($url)
 {
 ob_start();
 header('location: ' . index2.php);
 ob_end_flush();
 }
 //rearranges a date
 function rearrangedate($date)
 {
 $date1 = explode('-', $date);
 $newdate = $date1[1] . "-" . $date1[2] . "-" . $date1[0];
 echo $newdate;
 }
 //rearranges a date and time
 function rearrangedatetime($datetime)
 {
 $datetime1 = explode(" ", $datetime);
 $date1 = explode('-', $datetime1[0]);
 $newdatetime = $date1[1] . "-" . $date1[2] . "-" . $date1[0] . " at " . $datetime1[1];
 echo $newdatetime;
 }
 ?>[/code]

@criterion9Jul 17.2009 — #We found out what was causing your problem before...why did it come back? Also you still haven't either renamed $_POST['usern'] and $_POST['passw'] to $_POST['username'] and $_POST['password'] or changed the name/ids of the input fields from username and password to usern and passw...

@criterion9Jul 17.2009 — #You are also including the db_connect.php file twice.

@UAL225authorJul 17.2009 — #We found out what was causing your problem before...why did it come back? Also you still haven't either renamed $_POST['usern'] and $_POST['passw'] to $_POST['username'] and $_POST['password'] or changed the name/ids of the input fields from username and password to usern and passw...[/QUOTE]

First how I am I including the dbconnect.php twice?

And second, in my input feilds and in my table I have username and password as

usename=uname

password=passw

so I thought if I was calling it through $_POST['uname'], the stuff in the '' has to be the same way as it is in the form?

@criterion9Jul 17.2009 — #The file you posted has "username" and "password" for the input fields and "usern" and "passw" for the _POST vars. You are including the db connection file in your functions.php and loginscript.php and you are also including functions.php in loginscript.php.

@Phill_PaffordJul 17.2009 — #Here is a redirect function to use:

[code=php]
 function redirect($url) {
 if (!headers_sent()) {
 //If headers not sent yet... then do php redirect
 header('Location: '.$url); exit;
 } else {
 //If headers are sent... do javascript redirect... if javascript disabled, do html redirect.
 echo '<script type="text/javascript">';
 echo 'window.location.href="'.$url.'";';
 echo '</script>';
 echo '<noscript>';
 echo '<meta http-equiv="refresh" content="0;url='.$url.'" />';
 echo '</noscript>'; exit;
 }
 } 
 [/code]

How to Call:

[code=php]
 $url = "/redirect.php"; // This is the variable with the URL
 redirect($url); // This is using the variable in the function 
 [/code]

@UAL225authorJul 17.2009 — #The file you posted has "username" and "password" for the input fields and "usern" and "passw" for the _POST vars. You are including the db connection file in your functions.php and loginscript.php and you are also including functions.php in loginscript.php.[/QUOTE]

What file has "username" "and password" for the input feilds?

the login.php has this

[CODE]Username: <input type="text" name="uname" id="uname" />
 <br/>
 <br/>
 Password: <input type="password" name="passw" id="passw" />
 <br/>
 [/CODE]

Username has a name of 'uname' and password has a name of 'passw'

So what, I should remove functions.php from my loginscript? and remove the connection file from functions.php?! How would that work?

@criterion9Jul 17.2009 — #The code you posted not but 2 posts ago has username and password for the inputs. You didn't post the code form "login.php". I did not say you should remove all includes. I was pointing out that you were including functions.php which also includes db_connect.php and then including db_connect.php in the file you posted the code to.

If you don't want help don't ask for it.

@UAL225authorJul 17.2009 — #I am not saying I don't want help, this is straying from the point, I was trying to point out that I was confused by what you said because the way you worded it was very confusing to say the least but thanks anyways.

@JunkMaleJul 17.2009 — #MY 2 Pence worth...

MOVE... the [code=php]session_start();[/code] to the main script.

Use [code=php]require_once( ... );[/code] to include files and safeguard agains loading up the same scripts over an over when they have already been included.

Your problem could be the use of

[code=php]require("dbconnect.php"); [/code]

when in an earlier script you are shown to have included the connection under the [code=php]require_once("dbconnect.php");[/code] method.

[code=php]require( ... );[/code] not only issues an error on failure, it will also terminate the script that is currently processing, so this could be the cause of the problems.

As for the other problems you have raised, I would get this lot sorted first then see what problems arise after.

@NogDogJul 18.2009 — #The error messages are telling you that output was started at line 1 (the ":1" in the error message) of the loginscript.php file. Make sure that (a) there is absolutely nothing -- including spaces or newlines -- before the opening "<?php" tag, and (b) if your editor is saving the file as UTF-8 that it is configured to do so [b]without[/b] a BOM (byte order mark) -- or just have it save it as plain ASCII text instead.

@UAL225authorJul 18.2009 — #Thanks for the reply NogDog! Anyways I did that and made sure and double checked to make sure there was nothing before the tags. Still nothing here are the current errors:

Warning: Cannot modify header information - headers already sent by (output started at /home2/chicagt7/public_html/dbconnect.php:1) in /home2/chicagt7/public_html/loginscript.php on line 20

Warning: Cannot modify header information - headers already sent by (output started at /home2/chicagt7/public_html/dbconnect.php:1) in /home2/chicagt7/public_html/functions.php on line 9

and here is the current code...

loginscript.php

[code=php]<?php
 include('functions.php');
 require_once('dbconnect.php');
 
 
  if(isset($_POST['Login']))
  {
   if($_POST['uname']!='' && $_POST['passw']!='')
   {
   //Use the input username and password and check against 'users' table
   $query = mysql_query('SELECT ID, uname, Active FROM users WHERE uname = "'.mysql_real_escape_string($_POST['uname']).'" AND pass = "'.mysql_real_escape_string(md5($_POST['passw'])).'"');
 
   if(mysql_num_rows($query) == 1)
   {
   $row = mysql_fetch_assoc($query);
   if($row['Active'] == 1)
   {
   $_SESSION['user_id'] = $row['ID'];
   $_SESSION['logged_in'] = TRUE;
   header("Location: inde2.php");
   redirect ("index2.php");
   }
   else {
   $error = 'Your membership was not activated. Please open the email that we sent and click on the activation link';
   }
   }
   else { 
   $error = 'Login failed !'; 
   }
   }
   else {
   $error = 'Please user both your username and password to access your account';
   }
  }
 ?>
 
 <?php if(isset($error)){ echo $error;}?>
 <form action="<?=$_SERVER['PHP_SELF']?>" method="post">
 <input type="text" id="username" name="username" size="32" value="" />
 <input type="password" id="password" name="password" size="32" value="" />
 <input type="submit" name="Login" value="Login" />
 </form>[/code]

functions.php

[code=php]<?php
 session_start();
 //connect to the database
 require_once ("dbconnect.php");
 //send the user somewhere else
 function redirect($url)
 {
 ob_start();
 header('location: ' . index2.php);
 ob_end_flush();
 }
 //rearranges a date
 function rearrangedate($date)
 {
 $date1 = explode('-', $date);
 $newdate = $date1[1] . "-" . $date1[2] . "-" . $date1[0];
 echo $newdate;
 }
 //rearranges a date and time
 function rearrangedatetime($datetime)
 {
 $datetime1 = explode(" ", $datetime);
 $date1 = explode('-', $datetime1[0]);
 $newdatetime = $date1[1] . "-" . $date1[2] . "-" . $date1[0] . " at " . $datetime1[1];
 echo $newdatetime;
 }
 ?> [/code]

I also tried doing what JunkMale told me with no success.

@NogDogJul 18.2009 — #Now it's saying the same thing for the dbconnect.php file, so do the same clean-up for it and the other include file. You may also want to delete the terminal "?>" in each included file so that there is no possibility of accidental output at the end of those files. (PHP will automatically assume the "?>" at the end if it's not provided.)

@UAL225authorJul 18.2009 — #I did that, but it is still giving those two errors and decided to throw this one in there also...

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home2/chicagt7/public_html/loginscript.php:1) in /home2/chicagt7/public_html/functions.php on line 2

@NogDogJul 18.2009 — #What editor are you using?

@UAL225authorJul 18.2009 — #Adobe Dreamweaver CS3

@NogDogJul 18.2009 — #I don't know DW, so don't know if there are any settings you can tweak to make sure it's saving files as plain text with no garbage of any sort at the top of the file. Ultimately, though, it still appears to be the same issue: something being output at the very start of a file. If you can't locate it (maybe try another simple text editor such as Notepad to save the files?), if you can tweak the php settings in php.ini or .htaccess, you could turn on output buffering so that it becomes a non-issue (though you incur a tad bit more processing time on the server)

@UAL225authorJul 18.2009 — #Well the prosscing time is a not a big issue for me. My issue is that its not holding the session variable and not redirecting you.

@NogDogJul 18.2009 — #Well the prosscing time is a not a big issue for me. My issue is that its not holding the session variable and not redirecting you.[/QUOTE]

Yep, because they are dependent upon various HTTP headers getting sent, but they are not getting sent because the relevant function that generate them are being called [i]after[/i] some sort of output is generated, and all HTTP headers must be sent [i]before[/i] content is sent. Therefore you must solve this problem if you want those header-related functions to work.

@UAL225authorJul 18.2009 — #so if I turn on output buffering the header related functions will work?

@NogDogJul 18.2009 — #so if I turn on output buffering the header related functions will work?[/QUOTE]

Probably...at least you should get past all these "headers already sent" errors.

@JunkMaleJul 18.2009 — #I did that, but it is still giving those two errors and decided to throw this one in there also...

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home2/chicagt7/public_html/loginscript.php:1) in /home2/chicagt7/public_html/functions.php on line 2[/QUOTE]

If you read the error... the way I am reading it, you need to move the "SESSION_START" to the loginscript.php.

The other question is loginscript.php an include file or is it called directly as http?

Note: If you are using cookie-based sessions, you must call session_start() before anything is outputted to the browser.

Note: Use of zlib.output_compression is recommended rather than ob_gzhandler()

Note: This function will send out several HTTP headers depending on the configuration.[/QUOTE]

It was drilled in to me the importance of putting session_start(); at the very beginning of the base script that includes other files, what I reccon is happening is because the called script that contains the session_start() is not in the same directory or some reason the session_start() is being initalized by a previous call of functions.php, this additional call is resulting in the error as I do not see any output other than that which is automatically generated by the "SESSION_START"

So please, MOVE THE session_start(); to the base script that calls all include files.

I could be barking up the wrong lamp post, but please humor me. If I am wrong, I am wrong, does it hurt to move the session_start() object?

@UAL225authorJul 21.2009 — #Ok I fixed my header issue and session start, I dont get any errors thrown out! But when I tell it to redirect to index2.php it says the file doesn't exist and it is not keeping the session up so you can go to the members area and such, here is the revised and working code:

loginscript.php

[code=php]<?php
 session_start();
 include('functions.php');
 require_once('dbconnect.php');
 
 
  if(isset($_POST['Login']))
  {
   if($_POST['uname']!='' && $_POST['passw']!='')
   {
   //Use the input username and password and check against 'users' table
   $query = mysql_query('SELECT ID, uname, Active FROM users WHERE uname = "'.mysql_real_escape_string($_POST['uname']).'" AND pass = "'.mysql_real_escape_string(md5($_POST['passw'])).'"');
 
   if(mysql_num_rows($query) == 1)
   {
   $row = mysql_fetch_assoc($query);
   if($row['Active'] == 1)
   {
   $_SESSION['user_id'] = $row['ID'];
   $_SESSION['logged_in'] = TRUE;
   header("Location: inde2.php");
   redirect ("index2.php");
   }
   else {
   $error = 'Your membership was not activated. Please open the email that we sent and click on the activation link';
   }
   }
   else { 
   $error = 'Login failed !'; 
   }
   }
   else {
   $error = 'Please user both your username and password to access your account';
   }
  }
 ?>
 
 <?php if(isset($error)){ echo $error;}?>
 <form action="<?=$_SERVER['PHP_SELF']?>" method="post">
 <input type="text" id="username" name="username" size="32" value="" />
 <input type="password" id="password" name="password" size="32" value="" />
 <input type="submit" name="Login" value="Login" />
 </form>[/code]

functions.php

[code=php]<?php
 //connect to the database
 require_once ("dbconnect.php");
 //send the user somewhere else
 function redirect($url)
 {
 ob_start();
 header('location: ' . index2.php);
 ob_end_flush();
 }
 //rearranges a date
 function rearrangedate($date)
 {
 $date1 = explode('-', $date);
 $newdate = $date1[1] . "-" . $date1[2] . "-" . $date1[0];
 echo $newdate;
 }
 //rearranges a date and time
 function rearrangedatetime($datetime)
 {
 $datetime1 = explode(" ", $datetime);
 $date1 = explode('-', $datetime1[0]);
 $newdatetime = $date1[1] . "-" . $date1[2] . "-" . $date1[0] . " at " . $datetime1[1];
 echo $newdatetime;
 }
 ?> [/code]

So why isnt it keeping the session variable and why does it say the file doesnt exist?

@JunkMaleJul 21.2009 — #Where is index2.php in relation to the site root? If you redirect to it, you may need to do something like:-[code=php]redirect ("./index2.php");[/code]or[code=php]redirect ("../index2.php");[/code]or[code=php]redirect ("/index2.php");[/code]or correctly generate an absoloute path to the file.

If you want session vars to persist, then session_start() needs to be at the base of every page you load and as the php info page says, they will "Magically" be avaiable...

@criterion9Jul 21.2009 — #
header('location: ' . index2.php);
[/quote]
Should be:

[code=php]
 header('location: index2.php'); 
 [/code]

@UAL225authorJul 21.2009 — #criterion9 I changed what you told me, and JunkMale index2.php is in the same location where loginscript is. So I dont need to 'jump' out to another folder or 'jump' into another folder. I think that the '.' is acting as a multiplier and that is why it is throwing out cant find index2php with out the dot. and session_start(); is on top of every web page already and still no session holding.

@criterion9Jul 21.2009 — #Try posting what you have and I'll try to run it on my dev box when I get home. That way we can make sure it isn't some random file encoding with BOM issue and work backwards till we target the culprit.

@UAL225authorJul 21.2009 — #Try posting what you have and I'll try to run it on my dev box when I get home. That way we can make sure it isn't some random file encoding with BOM issue and work backwards till we target the culprit.[/QUOTE]
Ok thanks! I also have output_buffring on. anyways here ya go:

loginscript.php:

[code=php]<?php
 session_start();
 include('functions.php');
 require_once('dbconnect.php');
 
 
  if(isset($_POST['Login']))
  {
   if($_POST['uname']!='' && $_POST['passw']!='')
   {
   //Use the input username and password and check against 'users' table
   $query = mysql_query('SELECT ID, uname, Active FROM users WHERE uname = "'.mysql_real_escape_string($_POST['uname']).'" AND pass = "'.mysql_real_escape_string(md5($_POST['passw'])).'"');
 
   if(mysql_num_rows($query) == 1)
   {
   $row = mysql_fetch_assoc($query);
   if($row['Active'] == 1)
   {
   $_SESSION['user_id'] = $row['ID'];
   $_SESSION['logged_in'] = TRUE;
   header('location: index2.php'); 
   redirect ("index2.php");
   }
   else {
   $error = 'Your membership was not activated. Please open the email that we sent and click on the activation link';
   }
   }
   else { 
   $error = 'Login failed !'; 
   }
   }
   else {
   $error = 'Please user both your username and password to access your account';
   }
  }
 ?>
 
 <?php if(isset($error)){ echo $error;}?>
 <form action="<?=$_SERVER['PHP_SELF']?>" method="post">
 <input type="text" id="username" name="username" size="32" value="" />
 <input type="password" id="password" name="password" size="32" value="" />
 <input type="submit" name="Login" value="Login" />
 </form>[/code]

functions.php:

[code=php]<?php
 //connect to the database
 require_once ("dbconnect.php");
 //send the user somewhere else
 function redirect($url)
 {
 ob_start();
 header('location: index2.php'); 
 ob_end_flush();
 }
 //rearranges a date
 function rearrangedate($date)
 {
 $date1 = explode('-', $date);
 $newdate = $date1[1] . "-" . $date1[2] . "-" . $date1[0];
 echo $newdate;
 }
 //rearranges a date and time
 function rearrangedatetime($datetime)
 {
 $datetime1 = explode(" ", $datetime);
 $date1 = explode('-', $datetime1[0]);
 $newdatetime = $date1[1] . "-" . $date1[2] . "-" . $date1[0] . " at " . $datetime1[1];
 echo $newdatetime;
 }
 ?> [/code]

@ShortsJul 21.2009 — #still,

header('location: ' . index2.php);

should be

header('location: index2.php');

@UAL225authorJul 21.2009 — #Yea thanks, I forgot to change it in the functions, but I updated it and now no errors and a redirect! but it still doesn't pass the session variable. And I have session_start(); on every web page.

@JunkMaleJul 21.2009 — #Strange... if a session set in one page is started in another, then the session values should be avaible to you.

What does the code in index2.php look like?

@UAL225authorJul 21.2009 — #that is the entire index2.php

[code=php]<?php
 session_start();
 ?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml">
 
 <head>
 <meta name="keywords" content="Aviation, Chicago, FSX, server, ATC, Teamspeak, Fleet, Chicago Aviation, Chicago FSX ATC" />
 <meta name="description" content="FSX server for flying withor without ATC." />
 <title>Chicago Aviation-Where Dreams Take Flight! | Home</title>
 <link href="index.css" type="text/css" rel="stylesheet"/>
 <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
 <link href="images/favicon.ico" rel="SHORTCUT ICON" />
 <style type="text/css">
 .style1 {
 color: #FFFFFF;}
 .style2 {
 text-decoration: none;
 }
 </style>
 <script type="text/javascript">
 <!--
 function FP_swapImg() {//v1.0
 var doc=document,args=arguments,elm,n; doc.$imgSwaps=new Array(); for(n=2; n<args.length;
 n+=2) { elm=FP_getObjectByID(args[n]); if(elm) { doc.$imgSwaps[doc.$imgSwaps.length]=elm;
 elm.$src=elm.src; elm.src=args[n+1]; } }
 }
 
 function FP_preloadImgs() {//v1.0
 var d=document,a=arguments; if(!d.FP_imgs) d.FP_imgs=new Array();
 for(var i=0; i<a.length; i++) { d.FP_imgs[i]=new Image; d.FP_imgs[i].src=a[i]; }
 }
 
 function FP_getObjectByID(id,o) {//v1.0
 var c,el,els,f,m,n; if(!o)o=document; if(o.getElementById) el=o.getElementById(id);
 else if(o.layers) c=o.layers; else if(o.all) el=o.all[id]; if(el) return el;
 if(o.id==id || o.name==id) return o; if(o.childNodes) c=o.childNodes; if(c)
 for(n=0; n<c.length; n++) { el=FP_getObjectByID(id,c[n]); if(el) return el; }
 f=o.forms; if(f) for(n=0; n<f.length; n++) { els=f[n].elements;
 for(m=0; m<els.length; m++){ el=FP_getObjectByID(id,els[n]); if(el) return el; } }
 return null;
 }
 // -->
 </script>
 <script type="php"></script>
 </head>
 <body onload="FP_preloadImgs(/*url*/'buttonjoin2.gif')">
 <div id="main-content">
 <img src="images/CAHeader.jpg" alt="Header"/>
 <a href="index2.php">Home</a> <span class="style1">|</span> <? /*if the user is logged in*/ if($_SESSION['logged']==1){ /* show the downloads test page*/?> 
 <a href="members/downloads.php">Downloads</a> <? }else{ /* otherwise show the other one*/?><a href="login.php">Downloads</a><? } ?><span class="style1"> 
 |</span> <a href="weather.php">Weather</a> <span class="style1">|</span>
 <a href="aboutus.php">About Us</a><span class="style1"> |</span>
 <a href="gallery.php">Gallery</a> <span class="style1">|</span>
 <a href="forums.php">Forums</a><span class="style1"> |</span>
 <a href="members/members.php">Members</a><? if($_SESSION['logged']==1){ /* if the user is logged in display member area links*/ ?> 
 <span class="style1">|</span> <a href="members/stinfo.php">Server info &amp; 
 Team speak info</a> 
 <span class="style1">|</span>
 <a href="members/links.php">Links</a> <span class="style1">|</span>
 <a href="members/flightservices.php">Flight Services</a> <span class="style1">|</span>
 <a href="bios/calendar.php">Events Calendar</a><? } ?>
 <br/>
 <img id="ts" src="http://www.tsviewer.com/promotion/dynamic_sig/sig.php/clan160x283_fs/57883.png" width="160" height="283" alt="TS Viewer" />
 <br/>
 
 <img id="welcome" src="images/Welcome.png" alt="Welcome to Chciago Aviation"/>
 <br/>
 
 <a href="register.php">
 <img style="border: 0" id="join" src="images/buttonjoin.gif" height="20" width="100" alt="Join Now!" onmousedown="FP_swapImg(1,0,/*id*/'img1',/*url*/'images/buttonjoin2.gif')" onmouseup="FP_swapImg(0,0,/*id*/'img1',/*url*/'images/buttonjoin.gif')" /></a>
 
 <object id="youtube" type="application/x-shockwave-flash" style="width:425px; height:350px;" data="http://www.youtube.com/v/aoVkSS-xCaE"><param name="movie" value="http://www.youtube.com/v/aoVkSS-xCaE" /><param name="wmode" value="transparent"></param></object>
 
 <p id="p1">Well Let me be the first to say welcome To Chicago Aviation!<br />
 We run a 24/7 Teamspeak server with a server in <acronym title="Flight Simulator X">
 FSX</acronym>. We try to have a different edge than the other servers<br /> and 
 by that we mean, we take care of our members, and help them find a aircraft that 
 they are comfortable in<br /> and we help them get the most out of <acronym title="Flight Simulator X">
 FSX</acronym>. </p>
 
 
 <p>We don't do the regular same place day in and out. We go around the world to 
 see the stunning beauty of <acronym title="Flight Simulator X">FSX</acronym><br /> 
 and to challenge our selves and have fun doing it! We host a <abbr title="Air Traffic Control">
 ATC</abbr> session once in a while but we try to be different<br /> but if you 
 want more <abbr title="Air Traffic Control">ATC</abbr> tell us in the forums and 
 we will set it up for you. This is done for you to enjoy this and not only us.</p>
 
 <p>If you would like to become a member of Chicago Aviation please register with 
 the website and become a member of the forums.<br /> 

 Also there are perks of becoming a member like a weekly newsletter that is made 
 by our very own Director of <abbr title="Virtual Airline">VA</abbr> <abbr title="Operations">
 Ops</abbr> <br /> 
 with the help of our real world pilot for <abbr title="United Airlines">UAL</abbr>, 
 downloadable fleet, and much much more!  </p>
 
 <p id="contact">If you have any questions or comments e-mail us at:<br />
 
 <a href="mailto:[email protected]?subject=Website">
 [email protected]</a></p>
 <p id="contact2">
 <img src="images/Star_Alliance_Virtual.jpg" alt="Star Allicane" />
 <br/>
 Click <a href="mail">
 Here</a>
 to log into your Chicago Aviation E-mail account.
 </p>
 <p id="bottom_links">
 <a href="index2.php">Home</a><a href="index2.php" class="style2"><span> | </span></a>
 <a href="register.php">Join Us</a><a href="register.php" class="style2"> | </a>
 <a href="contact.php">Contact Us</a><a href="contact.php" class="style2"> | </a>
 <a href="termsofuse.php">Terms of Use</a>
 </p>
 
 <p id="copyright">&#169; Chicago Aviation <br />United Virtual Airlines CA is a 
 Virtual Airline for Flight Simulation. The United Air Lines Logos and Trademark 
 on this site remain the property of United Air Lines, Inc. The Chicago Aviation 
 Logos and Trademark on this site remain the property of Chicago Aviation. No 
 part of this Website Design or Layout may be reproduced or transmitted in any 
 form or by any other means, electronic, mechanical (including photocopying, 
 recording) or by any information storage and retrieval system, without the 
 express permission of Chicago Aviation. 2007-2008 All rights reserved &#174;</p>
 </div>
 
 <p id="css_valid">
 <a href="http://validator.w3.org/check?uri=referer"><img
 src="http://www.w3.org/Icons/valid-xhtml10"
 alt="Valid XHTML 1.0 Strict" height="31" width="88" /></a>
 
 
  <a href="http://jigsaw.w3.org/css-validator/check/referer">
   <img style="border:0;width:88px;height:31px"
   src="http://jigsaw.w3.org/css-validator/images/vcss"
   alt="Valid CSS!" />
  </a>
 <a href="http://www.vatsim.net/"><img alt="Vatsim Spin logo" src="http://www.united-virtual.com/images/pagemaster/VATSIM_2.gif"/></a>
 </p>
 <!-- Copyright Tom Brodowski 2007-2008 for Chicago Avition.  All Rights Resvered-->
 </body>
 </html>
 [/code]

@criterion9Jul 22.2009 — #You are setting the session var as

[code=php]
 $_SESSION['logged']=TRUE;
 [/code]

and checking it with:

[code=php]
 if($_SESSION['logged']==1)
 [/code]

@UAL225authorJul 22.2009 — #so check it as true or change true to 1? I guess it doesnt matter? And where is setting of the session True and checking it as 1 because I cant seem to find where that is in the code since I am pretty new. But thanks for the fix, I hope!

@UAL225authorJul 22.2009 — #You are setting the session var as

[code=php]
 $_SESSION['logged']=TRUE;
 [/code]

and checking it with:

[code=php]
 if($_SESSION['logged']==1)
 [/code]

[/QUOTE]

Hey criterion9 where is that in the code so I can change it. Sorry for such a noob qustion but I cant see it. Can you show me?

@criterion9Jul 22.2009 — #You are setting it before you redirect. You are checking it in several places in index2.php.

@UAL225authorJul 22.2009 — #kk got it thanks for your help!

Also in #PHP _↴

PHP MVC Application wihout Frame Work redirecting url Switching language

Success!

Help @UAL225 spread the word by sharing this article on Twitter...

Tweet This

[RESOLVED] Login Script help

51 Comments(s) _↴

Also in #PHP _↴

Success!

Social

Version

[RESOLVED] Login Script help

51 Comments(s) ↴

Also in #PHP ↴

Success!

The web is an endless sea of information. Don't miss the boat... Subscribe!

Social

Version

51 Comments(s) _↴

Also in #PHP _↴