Get satared with sessions on a log in!

Chrysanthus

Hi every body

I have a quest that's is starting session to login page and then after to other pagest in the sight thats need tracking of singel users!!

And i have read all the faq but i still don't understand and i wounder i f some one can help me get a start on where i should being with or a exampel osw i see how it looks and how i begin...

where do i start with the functions?
every page thats need verification?

session_start();
session_register('username');
session_register('password');

here is my form for login.

Username:<br>
<input class="inputSidebar" type="text" name="username"<br>

Password:<br>
<input class="inputSidebar" type="password" name="password"><br>

<input class="button" type="submit" name="submit" value="Login">

I used this php sktipt before! and now i wounder if i shoulde keep it to modifi it with session functions....

<?

$username=$POST["username"];
$password=$POST["password"];

include('mysqlcon.php');

$mysqlcon = "select * from reg_info where username = '$username' and password = '$password';";
$result = mysql_query($mysqlcon) or die("Query failed");

if (mysql_num_rows($result) == '1') {

print "<p><center><big><big>Welcome $username Please click <a href=\"index.php\">here to continue to flameline.com</big></big></center></p>";
}
else
{
print "<p><center><big><big>Sorry, incorrect Password $password. or Nickname $username.</big></big></center></p>";
print "<p><center><big>if not a member <a href=\"register.php\">click here to register</big></center></p>";
}

?>

marky2coats

Every page that needs to check weather the user has authenticated must have session_start() otherwise your session varibles will not be available.

Edit this code part of the code to look like this:-

if (mysql_num_rows($result) == '1') {

print "<p><center><big><big>Welcome $username Please click <a href=\"index.php\">here to continue to flameline.com</big></big></center></p>";
$_SESSION["IsLoggedIn"] = true;
}

At the start of each page that needs to check authentication use something like:

session_start();
if (!isset($_SESSION["IsLoggedIn"])) {
echo "You have not logged in"
exit;
}

You can obviously change the above to do whatever you want like redirect the user to the login page.

Also you dont have to register the username and password varibles. You could set $SESSION["username"] and $SESSION["password"] to the forms posted values. (I believe the $_SESSION global var is available in php ver 4.3.0 and upwards but dont quote me on that 🙂 )

Hope this helps

Mark

Chrysanthus

thanks a lot all test it.. 😃

Chrysanthus

Hi again i get an error

when i try this with sessions....

i get this error

Parse error: parse error, unexpected T_EXIT, expecting ',' or ';' in C:\Apache Group\Apache2\htdocs\Flameline\login\index.php on line 5 what that now means i dont know 😕

i have looked at php.net for simular error but do not find any thing! or im making a incorrect search on php.net

here is the test fil code...

<?php
session_start();
if (!isset($_SESSION["username"])) {
echo "You have not logged in"
exit;
}
?>

<center><h1>This page is under construction, if you have any questions whatsoever, sen them here:<br>info@flameline.com</h1></center>

marky2coats

Parse error: parse error, unexpected T_EXIT, expecting ',' or ';'

Well the error says it all really!! look at the code:-

<?php
session_start();
if (!isset($_SESSION["username"])) {
echo "You have not logged in"
exit;
}
?>

This is very basic debugging. PHP is expecting a ";" but didnt find one at the end of line. I'll leave you to find out what line it is 😃

Mark.

Chrysanthus

Hi again

I fixed it i just forgott this ; ahha stupido..

now its this problem

Warning: session_start(): open(/tmp\sess_33a2d721029bef4c1a15db4188832259, O_RDWR) failed: No such file or directory (2) in C:\Apache Group\Apache2\htdocs\Flameline\login\index.php on line 2

Warning: session_start(): Cannot send session cookie - headers already sent by (output started at C:\Apache Group\Apache2\htdocs\Flameline\login\index.php:2) in C:\Apache Group\Apache2\htdocs\Flameline\login\index.php on line 2

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at C:\Apache Group\Apache2\htdocs\Flameline\login\index.php:2) in C:\Apache Group\Apache2\htdocs\Flameline\login\index.php on line 2
You have not logged in
Warning: Unknown(): open(/tmp\sess_33a2d721029bef4c1a15db4188832259, O_RDWR) failed: No such file or directory (2) in Unknown on line 0

Warning: Unknown(): Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0

i read that im suposed to edit php.ini and add the session function or some thing is that correct?

mctwist

Tja, jag hade samma problem som du.
Du måste in i php.ini och ändra "session.save_path" till en mapp där du vill att sessions-filerna ska placeras.
Förresten kör du apache?
Om du gör det, glöm inte att lägga php.ini filen i din apache mapp.
Inte htdocs-mappen utan i installationskatalogen för apache.
Hoppas detta hjälper...

Chrysanthus

japp kör apache 2.0.47 med mysql

php.ini-recommended måste man väll döpa till ini eller?

funkar detta path på

session.save_path = /Apache Group/Apache2/htdocs/Flameline/sessions

PHP.INI i roOten av apache eller i bin?

Chrysanthus

De funkar nu men hur gör jag nu sessione validerar inte mig...

mctwist

pardon my english men va menas med att validera?
vad är det som inte fungerar?

Chrysanthus

i mean that the session do not validate the user to the session or how do i't to function..!

mctwist

okey, ja fattar fortfarande inte va validera betyder, men jag kan försöka hjälpa dig...
här är en inloggningssession jag skapade för några dar sedan.
den består av 3 filer.
första filen, är egentligen inget annat än ett formulär för att logga in. den kollar även om det finns några befintliga sessioner och förstör dom i sådant fall...
andra filen kollar i en databas om användaren finns. finns inte användaren uppmanas man att gå tillbaka till inloggningssidan.
* tredje filen förstör sessionen, dvs. tar bort den från mappen där alla sessioner lagras...

fil no1.

<?
if($_SESSION['logstatus']){
session_destroy();
}
?>
<html>
<body>
<form action="inloggad.php" method="post">
Login:
<br>
<input type="password" name="login">
<br>
<input type="submit" value="logga in">
</form>
</body>
</html>

fil no2.

<?
$conn_id=odbc_connect("loginfo","","");
$login=$POST['login'];
$sql="SELECT login FROM users WHERE login='$login'";
$result=odbc_exec($conn_id,$sql);
if(odbc_fetch_row($result)){
session_start();
$SESSION['inloggad'] = $login;
echo "Välkommen $login";
?>
<form action="utloggad.php" method="post">
<input type="hidden" name="namn" value="<?=$login?>">
<input type="submit" value="logga ut">
</form>
<?
}
else{
echo "felaktig login";
?>
<br>
<a href="loggain.php">Försök igen</a>
<?
}
?>

fil no3.

<?
session_start();
if($SESSION['inloggad']){
echo "Tack för ditt besök " .$POST['namn']. ", välkommen åter!";
session_destroy();
?>
<a href="loggain.php">
Logga in
</a>
<?
}
else{
echo "du är ej inloggad";
?>
<a href="loggain.php">
Logga in
</a>
<?
}
?>

surfa in på http://donken.sytes.net så kan du se hur det fungerar...
testa att bara skriva in vadsomhelst i login-rutan
testa att gå in på gästboken utan att logga in först...
testa att logga in med användarnamn "arne" och sedan gå in i gästboken...
jag håller fortfarande på att experimentera mycket med dessa sidor, men jag har kommit en liten bit på väg i alla fall...

Chrysanthus

validate = validering verifiering av användare typ...

I'm gonna test the code and try to configure it two work to min code....

skriver i eng för att andra ska dra nytta av de....

tack för idérna ska testa de nu

mctwist

Oh one more thing.
The code for the guestpage is:

session_start();
if($_SESSION['inloggad']){
echo "Inloggad";

if(isset($_POST['skicka'])){
	lagg_till();
}

visa_databas();

?>
<html>
<body>
<br><br>
<form method="post">
Namn:
<br>
<input type="text" name="namn">
<br>
Inlägg:
<br>
<textarea name="inlagg"></textarea>
<br><br>
<input type="submit" value="skicka inlagg" name="skicka">
</form>
</body>
</html>
<?

}

else{
echo "Var vänlig logga in tack!<br>";
?><a href="sida.htm">Tebax</a><?
}

function visa_databas(){
$conn_id=odbc_connect("minsida","","");
$sql="SELECT * FROM meddelanden ORDER BY datum DESC";
$result=odbc_exec($conn_id,$sql);
odbc_result_all($result);
odbc_close;
}

function lagg_till(){
$conn_id=odbc_connect("minsida","","");
$namn=$POST['namn'];
$inlagg=$POST['inlagg'];
$datum=date("Y-m-d H:i:s");
$sql="INSERT INTO meddelanden (namn,inlagg,datum) VALUES ('$namn','$inlagg','$datum')";
odbc_exec($conn_id,$sql);
odbc_close;
}

Chrysanthus

what kind db are you useing?

sow how what is your quest?

i have't checkt you code jet but to day i will i must do fix it to fit in to mysql....

and i wounder why you nut put the sessions fil into a db insted of a folder?

is't it better? you have more thing under control?

mctwist

I am using a simple acess-db.
To be honest, I didn't know you could put session-files into db. 😃 I am really new at this, haven't programmed anything before. So I'm just trying my way forward, playing around with the code to see and learn what works and what doesn't. I don't know what is good or bad with the code I wrote in the thread, I just now it works 😉

/Erik

Chrysanthus

ok why not make some thing useful insted...?? me and my budy are working on a sight...

and wee allsow wanna learn

about the db thing im not sow hi on but i know that it can be dun....

You icq? så kan man snacka svenska .... man kan hjälpa varandra!

mctwist

yepp, u should find me on ICQ: 112990155

Chrysanthus

fixar de efter dans tränningen idag!!