[Resolved] session: user authentication, is he logged in?

Dax

Hi, i made some pages for my login management system and most of them work:

signup (registers user to database and sends verification email)
activate (special activation thing for the randomly generated password, when user opens this page which is a randomly generated link with userID and password, the'r account becomes active)
login (username, password, goto login_success)
login_success(3 links, after success: change pass, logout, memberpage)
change-pass(changes the randomly generated password to a user requested one) ---THIS DOESNT WORK---
memberpage (checks to see if the user is logged in, and i am trying to make it say, Hi $_session['name'] , you are logged in!)---THIS DOESNT WORK EEITHER---

what i wanna know is, (change password isnt important for now)
i need someone to give me a code which checks for authentication, it has to be a session and it should tell me "name" and "username" and "email" and password, i already registered those in a session, in the login page, and then it goes to login_success, and checks if the sessions are there, it works until there but i dunno how to make the code for memberpage, which will check to see if the user has logged in, if so, displays a msg ($msg) but if the person isnt logged in (else) it should go to login page....

thx for your time, greatly appreciated 😃 please help 😕

Dax

I made a code, but im not sure it will work, i want to add this to memberpage.php, on the top and then add a <? echo "$msg"; ?> in the place i want.

<? 
session_start();

if(!session_is_registered('name')){ 
        echo "Sorry, but you were not logged in, please login:";
        include 'show_login.html'; 
} else {
        $msg = "<i>Member ". $_SESSION['name'] ." you are now logged in</i><br><small><a href='logout.php'>Logout</a><br><a href='Changepw.html'>Change Passwprd</a><br><a href='lost_pw.html'>Lost Password?</a></small>"; 
}
?>

dalecosp

Here's my strategy on one site:

verify.php:

<?php
if ($members=="true") {
   if (!$_SESSION['auth_user']) {
      header("Location: login.php");
   }
}
?>

Then, on restricted pages:

<?php
$members="true";
include 'verify.php';
?>

Dax

It doesn't work your way, or even if i put Session_Start(); at beggining, heres what i put ontop of memberpage:

<?
session_start();
$members="true"; 
include 'verify.php'; 
?> 
//rest of the page...
<html>



<head>

and heres verify.php

<? 
if ($members=="true") { 
   if (!$_SESSION['username']) { 
      header("Location: show_login.html"); 
   } 
} 
?>

i tried it without the session_start() but it doesnt work, it just goes to show_login.html

dalecosp

So, what's the value of the variable?

I note that you were using 'name' rather than 'username' in the previous example ... did you update everything to reflect this?

Dax

i dont know, there is username there is email there is password and there is name

so it doesnt matter i think... but either way it doesnt work, when i login, it says success, and then i click memberpage and it looks like the session is gone, please help!!!!

dalecosp

Are sessions working at all?

<?php
//page1.php
session_start();
$_SESSION['foo']="Works!";
echo "<a href=\"page2.php\">Click here</a>";
?>

<?php
//page2.php
session_start();
echo $_SESSION['foo'];
?>

Dax

Ok i fixed the problem, cookies are enabled, plus sessions work cuz the validation and register parts of my website work, well anyway, i changed it to like this

in login_success.php:

<?
session_start();
$_SESSION['members']="yes";
//(rest of script)
?>

and then in the restricted pages (memberspage):

<?
include 'verify.php'
?>

and finally in the verify page:

<? 
session_start();
if ($members != "yes") { 
      echo "Sorry, your username and password hasn't been registered, this would mean that cookies aren't enabled in your browser or that you haven't been logged on.";
      include 'show_login.html';
      exit(); 
} else {
$_SESSION['members'];
}
?>

THANKS FOR YOUR TIME, I SOLVED IT, THIS THREAD IS RESOLVED