Help with user session

srarcade

I have chalked up a simple login page from examples but it dosn't seem to want to work. The page comes up, but I can't get any value from $dt which prevents the login script from functioning.

<?php
session_start();
if(!$login) {
?>

<form action="login.php?dt=1" method=POST>
Username: <input type="text" name="username"> <br>
Password: <input type="password" name="thepass"> <br>
<input type="submit" value="login">
</form>

<?php
}
else if($dt==1) {

mysql_connect("localhost");
mysql_select_db("music");

$user = mysql_query("SELECT * FROM users WHERE user_name='".$username."' LIMIT 1");

if(mysql_num_rows($user) > 0) {
$user2 = mysql_fetch_array($user);

if($user2["password"] == crypt($thepass)) {
$loggedin = 1;

session_register($loggedin);

echo "You are now logged in. <a href=\"page1.php\">page1.php</a> <br> \n";
}
else { echo "Bad password."; }
}
else { echo "Username not found. <br> \n"; }
}
?>

ultraslacker

You may have register_globals off which is the default on php >= 4.1 Check php.ini

http://www.php.net/release_4_1_0.php

srarcade

Ok, i turned on the register_globals in php.ini but it dosn't seem to be working. Here is part of my code that won't register for instance:
if($u_name == $username)
{
if($u_pass == $thepass)
{
$loggedin = 1;
session_register('loggedin');

  			echo "You are now logged in.<br>";
		echo "Loggedin is set to: ".$_SESSION['loggedin']."<br>"; 
		echo "<br><a href=\"page1.php\">Test</a><br>";
	}
	else
	{
		echo "Bad password.<br>";
	}
} 
else 
{ 	
	echo "Bad User Name."; 
} [/SIZE]

I use a test by 'echo "Loggedin is set to : ".$SESSION['loggedin']."<br>";' but each time it stays empty which makes me think that the $SESSION array isnt on still or something. Any ideas?

anthill

I have a login code that works fine, dunno if your prob is setting up PHP wrong or not, but my code is this:

<?php 
session_start(); 
if(!$login) { 
?> 

<form action="login.php?dt=1" method=POST> 
Username: <input type="text" name="username"> <br> 
Password: <input type="password" name="thepass"> <br> 
<input type="submit" value="login"> 
</form> 

<?php 
} 
else if($dt==1) { 

  $username = $HTTP_POST_VARS['username'];
  $password = $HTTP_POST_VARS['thepass'];

  $db = mysql_connect("localhost","username","password");

  mysql_select_db("database",$db);

  $query = mysql_query("SELECT * FROM members WHERE username='$username' AND password='$password'");

  $login_check = mysql_num_rows($query);

  if($login_check > 0)
       {
           while($user = mysql_fetch_array($query))
           {       

           session_register('member_id');
           $_SESSION['member_id'] = $user['member_id'];

          header("location: next.php");

           }
       }
 else
       {
           echo "login failed";
       }
}
?>

next.php


<?
session_start();
if(!session_is_registered("member_id"))
{
 header("Location: login.php");
}

$member = $_SESSION['member_id'];

echo $member;

?>

only difference is the crypt bit, but the session registers fine.

Ant

srarcade

Ok, to be sure, i tried the exact script you gave me and its still doing the same thing which means I probably have php.ini setup wrong.

I have turned on global variables, thats about it. What else would I need to do in order for session variables to register? (I am using apache on windows xp.)

This is my last hurdle to overcome. If I can get this login stuff to work, it would really make my day :-)