Menu
Community /Pin to ProfileBookmark
@NogDogMay 19.2005 — #For one thing, get rid of the session_register(). It's not needed, and might actually be screwing things up. (See various notes/cautions at www.php.net/session_register .)
Also, the very last else clause in your login script has you setting a $_SESSION value, but you do not have the session running (you do the session_start() if the if condition is true), so it probably doesn't really do anything. (I always put session_start() at the very beginnning of any script that uses sessions.)
Sessions
Hey everyone.
I’m setting up my authentication for my website. I am trying to have it so that users can register, login and then go on to their members page where they will be able to post news, upload school notes, etc. but for some reasons I can’t transfer the variables to continue the session. My PHP is up to date so I’m thinking I just have a stupid, simple problem floating in my code. 😮
[B][I]This is the login code (login.php):
<?php
//Retrieve data from login form.
$Email = $_REQUEST[‘Email’]; //get Email for login
$Password = $
//Strip away harmful tags
$Email=strip_tags($Email);
$Password = strip_tags($Password);
//Replace spaces in variables
$Email=str_replace(” “,””,$Email); //remove spaces from email login
$Password=str_replace(” “,””,$Password); //remove spaces from password login
$Email=str_replace(“%20″,””,$Email); //remove escaped spaces from email login
$Password=str_replace(“%20″,””,$Password); //remove escaped spaces from password login
//Escape other things (ie quotes and apostrophes)
$Email=addslashes($Email);
$Password=addslashes($Password);
//Connect
$conn = mysql_connect(“localhost”, “na032339”, “na032339”);
if (!$conn) {
echo “Unable to connect to DB: ” . mysql_error();
exit;
}
if (!mysql_select_db(“na032339”)) {
echo “Unable to select na032339: ” . mysql_error();
exit;
}
//Encrypt Password to compare to database
$Password=md5($Password);
//Select table entry to compare password to
$sql= “SELECT * FROM Register WHERE Password = ‘”.$Password.”‘ AND Email = ‘”.$Email.”‘ LIMIT 1″;
//Pass information to the mySQL connection
$result= mysql_query($sql);
//If mySQL return a value greater than 0, then there is a match.
if(mysql_num_rows($result)) //function returns true if any matches are found
{
session_start();
$_SESSION[‘Email’] = $Email;
$
Header(“Location: members.php”);
echo “User Logged in.”;
}
Else
{
echo “<font face=’Arial’>User Name/Password Not Found!”;
print “Click <a href=’payments.html’>here</a> to try again</font>”;
$_SESSION[‘Auth’] = “False”;
}
?>
[B][I]This is the start of my members page code (members.php):
<?php
session_start();
session_register(“Email”);
if (!isset($_SESSION[‘Email’]))
{
// User not logged in, redirect to login page
Header(“Location: payments.html”);
}
// Display Member-only stuff
// …
// Display Member information
echo “<p>User ID: ” . $_SESSION[“Email”];
// Display logout link
echo “<p><a href=”logout.php”>Click here to logout!</a></p>”;
?>
If you can help me I’d kiss your feet! haha :rolleyes:
Any help would be great!! ?
Chris
Sign in
to post a comment6 Comments(s) ↴
0
@NogDogMay 19.2005 — #For one thing, get rid of the session_register(). It's not needed, and might actually be screwing things up. (See various notes/cautions at Also, the very last else clause in your login script has you setting a $_SESSION value, but you do not have the session running (you do the session_start() if the if condition is true), so it probably doesn't really do anything. (I always put session_start() at the very beginnning of any script that uses sessions.)