Ok i could log in, but then i wrote a logout.php and a loggedin.php and also changed my header to show a log out button, but it seems to throw me to my home page when ever i try to login, i have cookie accepted but it dont seem to change anything
LOGIN.PHP
<?PHP
if(isset($_POST['submit'])) {
require_once ('./connect.php');
function escape_data ($data) {
global $connection;
if(ini_get('magc_quotes_gpc')) {
$data = stripslashes($data);
}
return mysql_real_escape_string($data, $connection);
}
$message = NULL;
if(empty($_POST['username'])) {
$u = FALSE;
$message .= '<p>You forgot to enter your username!</p>';
} else {
$u = escape_data($_POST['username']);
}
if(empty($_POST['password'])) {
$p = FALSE;
$message .= '<p>You forgot to enter your password!</p>';
} else {
$p = escape_data($_POST['password']);
}
if($u && $p) {
$query = "SELECT username, name FROM tester WHERE username='$u' AND password=PASSWORD('$p')";
$result = @mysql_query ($query);
$row = mysql_fetch_array ($result, MYSQL_NUM);
if($row) {
session_start();
$_SESSION['name'] = $row[1];
$_SESSION['username'] = $row[0];
header ("location: [url]http://[/url]" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/loggedin.php");
exit();
} else {
$message = '<p>The username and password entered do not match those on file.</p>';
}
mysql_close();
} else {
$message .= '<p>Please try again.</p>';
}
}
include ('./header1.inc');
if (isset($message)) {
echo '<font color="red">', $message, '</font>';
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table border="1" cellpadding="4" align="center" rules="none" frame="box" bordercolor="black">
<tr>
<th rowspan="3" bgcolor="black"><font color="white" face="sans-serif" size="2">If you are not<br> registered click here <a href=register.php><br>register</a></font></th>
<td><font face="sans-serif">Username</font></td> <td><INPUT type="text" name="username" size="20" maxlength="40" value="<?php if(isset($_POST['username'])) echo $_POST['username']; ?>"></td>
</tr>
<tr>
<td><font face="sans-serif">Password</font></td> <td><INPUT type="password" name="password" size="20" maxlength="40"></td>
</tr>
</table>
<div align="center"><input type="submit" name="submit" value="Login" />
</div>
<?PHP
include ('./footer1.inc');
?>
LOGGEDIN.PHP
<?php
session_start();
if(!isset($_SESSION['name'])) {
header ("Location: [url]http://[/url]" .
$_SERVER['HTTP_HOST'] .
dirname($_SERVER['PHP_SELF']) .
"/index.php");
exit();
}
include('./header1.inc');
echo "<p>You are now logged in,
{$_SESSION['name']}!</p>";
include('./footer1.inc');
?>
LOGOUT.PHP
<?php
start_session()
if(!isset($_SESSION['name'])) {
header ("Location: [url]http://[/url]" .
$_SERVER['HTTP_HOST'] .
dirname($_SERVER['PHP_SELF']) .
"/index.php");
exit();
} else {
$_SESSION = array();
session_destroy();
setcookie('PHPSESSID', '', time()-300, '/', '', o);
}
include('./header1.inc');
echo "<p>You are now logged out.</p>";
include('./footer1.inc');
?>
HEADER.INC
<?php
session_start();
if(!isset($_SESSION['name'])) {
header ("Location: [url]http://[/url]" .
$_SERVER['HTTP_HOST'] .
dirname($_SERVER['PHP_SELF']) .
"/index.php");
exit();
}
include('./header1.inc');
echo "<p>You are now logged in,
{$_SESSION['name']}!</p>";
include('./footer1.inc');
?>
