[Problem]
The problem is that I've got A login script (using php sessions) and everything works, except when I go to this one page the script says I'm logged out etc... in perticular addasomething.php
If you want to see for youself a demo is at www.mikestermedia.com/youth.curtisbaptist.org/workstation/login.php
The pass is meyaomix and the user is mrfluffy.
[why am I doing this]
because I need a working login script (actually a whole admin system) that is easily customisable and also easy for me to understand and I've found nothing on the net....
If you have a better way of doing it please tell me
[the scripts]
common.php
<?php
session_start();
session_register("sessiondata");
?>
checklogin.php
<?php
echo "<HTML>\n";
echo "<HEAD>\n";
echo "<TITLE>Youth Workstation";
echo "</TITLE>\n";
echo "</HEAD>\n";
echo "<BODY>\n";
echo "<CENTER>Youth Workstation</CENTER>\n";
echo "<BR><BR>\n";
echo "<CENTER>\n";
echo "<TABLE BORDER=5 BORDERCOLOR=\"0000FF\" CELLPADDING=2 ";
echo "CELLSPACING=5 >\n";
echo "<TR>\n";
echo "<TD><A HREF=\"login.php\">Login</A></TD>\n";
echo "</TD>\n";
echo "<TD><A HREF=\"login.php?action=logout\">Logout</A></TD>\n";
echo "<TD><A HREF=\"addadevotion2.php\">Add a devotion</A></TD>\n";
echo "</TR>\n";
echo "</TABLE>\n";
echo "</CENTER>\n";
echo " <TR>\n";
echo "<BR><BR>\n";
//Retrieve input variables from HTTP get or post
$userinfo = strtolower($REQUEST_METHOD) == 'get'
? $HTTP_GET_VARS : $HTTP_POST_VARS;
$loggedin = TRUE;
//If no username in sessiondata or form data then they are not
//logged in and are not trying to
if ($userinfo[in_username] == NULL && empty($sessiondata[username]))
{
echo "<CENTER>\n";
echo "<BR><BR><BR>\n";
echo "You are not logged in\n";
echo "<BR>\n";
echo "<A HREF=\"login.php\">Click Here To Log In</A>\n";
echo "</CENTER>\n";
$loggedin = FALSE;
}
//If they are logging in, set the session data
else if (empty($sessiondata[username]))
{
$sessiondata[username] = $userinfo[in_username];
$sessiondata[password] = $userinfo[in_password];
}
//If their connection fails, ask them to try logging in again
if ($userinfo[in_username] != "mrfluffy" && $userinfo[in_password] != "meyaomix")
{
echo "<CENTER>\n";
echo "<BR><BR><BR>\n";
echo "Incorrect Login Credintials\n";
echo "<BR>\n";
echo "<A HREF=\"login.php\">Click here to try again</A>\n";
echo "</CENTER>\n";
$loggedin = FALSE;
}
?>
dbMonitor
<?php
include ('common.php');
include ('checklogin.php');
if ($loggedin == TRUE)
{
echo "<CENTER>\n";
echo "You are logged in!\n";
echo "</CENTER>\n";
}
?>
login.php
<?php
session_start();
session_register("sessiondata");
$sessiondata[username] = NULL;
//Retrieve input variables from HTTP get or post
$userinfo = strtolower($REQUEST_METHOD) == 'get'
? $HTTP_GET_VARS : $HTTP_POST_VARS;
if ($userinfo[action] == 'logout')
{
echo "<CENTER>\n";
echo "<BR><BR><BR>\n";
echo "You have been logged out\n";
echo "<BR><BR><BR>\n";
echo "<A HREF=\"login.php\">Click Here To Log ";
echo "In Again</A>\n";
echo "</CENTER>\n";
}
else
{
echo "<!doctype html public \"";
echo "-//W3C//DTD HTML 4.0 //EN\">\n";
echo "<HTML>\n";
echo "<HEAD>";
echo "<TITLE>Youth Workstation - Login</TITLE>";
echo "</HEAD>\n";
echo "<CENTER>\n";
echo "<BODY>\n";
echo "Youth Workstation - Login\n";
echo "<BR><BR><BR>\n";
echo "<FORM ACTION=\"dbMonitor.php\"\n";
echo "METHOD=\"POST\">\n";
echo "<TABLE CELLSPACING=5 CELLPADDING=5 BORDER=3 ";
echo "BORDERCOLOR=\"0000FF\" >\n";
echo "<TR><TD>\n";
echo "Username</TD><TD><INPUT TYPE=\"TEXT\" NAME=\"";
echo "in_username\" SIZE=\"30\" MAXLENGTH=\"16\" ";
echo "SELECTED=TRUE><BR>\n";
echo "</TD></TR>\n";
echo "<TR><TD>\n";
echo "Password</TD><TD><input type=\"password\" name=\"";
echo "in_password\" SIZE=\"30\"><BR>\n";
echo "</TD></TR>\n";
echo "</TABLE>\n";
echo "<BR><BR>\n";
echo "<INPUT TYPE=\"SUBMIT\" VALUE=\"Login\">\n";
echo "   \n";
echo "<INPUT TYPE=\"RESET\" VALUE=\"Reset\">\n";
echo "</FORM>\n";
echo "</CENTER>\n";
echo "</BODY>\n";
echo "</HTML>\n";
}
?>
addadevotion2.php
<?php
include ('checklogin.php');
if ($loggedin == TRUE) {
$DB_SERVER = "xxxx";
$DB_USER = "xxxxx";
$DB_PASS = "xxxx";
$DB_NAME = "xxxxxxx";
$db = mysql_connect($DB_SERVER, $DB_USER, $DB_PASS);
mysql_select_db($DB_NAME);
if ($submit) {
// process form
$db = mysql_connect($DB_SERVER, $DB_USER, $DB_PASS);
mysql_select_db($DB_NAME);
$result = mysql_query("SELECT * FROM quotes",$db);
$sql = "INSERT INTO quotes (quote,author) VALUES ('$quote','$author')";
$result = mysql_query($sql);
echo "Thanks dude! Your Stuff has been entered.\n";
}
else{
// display form
echo "<h1>Add a Devotion to the Devotions Database</h1>";
echo "<br><form method='post' action='addadevotion2.php'>";
echo "Devotion:<br><input type='Text' name='quote'><br>";
echo "Author<br><input type='Text' name='author'><br>";
echo "<input type='Submit' name='submit' value='Add the Stuff'>";
echo "</form>";
} // end if
}
?>
I'm lost! Please help!
