hi couple of issues with my logon script that could do with some expert help 🙂
1) i want to put a script on my members page so that you have to be logged in to see it. i came up with the following. However i only ever get the echo messages
<?php
ob_start();
session_start();
// if (!isset($_SESSION["logged_in"]))
// {
// include "template.php";
// echo "<h2>You are required to Log in to view this page</h2><br><br>";
// echo "<h2>Please use the Links at the top right hand corner of the image</h2><br><br>";
// exit;
// }
include "template.php" ;
?>
2) i created a member area that i thought would show a login, logout and forgot password link if i wasn't logged in and echo the name of the member would was logged in. however i never get the logged on name part ,or the logout option.
[code=php] <div class="member-area">
<?php
if ($_SESSION['logged_in']) {
?>
<!--- start 'member-area' --->
<ul>
<li style="font-weight:bold"><?php echo $_SESSION['fullname']?></li>
<li><a href="customer_logout.php" rel="nofollow">Logout</a> »</li>
</ul>
<?php
}
else {
?> <!--- start 'member-area' --->
<ul>
<li><a href="customer_login.php" rel="nofollow">Log in</a> »</li>
<li><a href="customer_create.php" rel="nofollow">Register</a> »</li>
<li><a href="password_get.php" rel="nofollow">Forgotten password?</a> »</li>
</ul>
<?php
}
?>
</div> <!--- end 'member-area' --->[/code]
i tried to see what results were being returned using
<?php
session_start();
echo "<pre>";
var_dump($_SESSION);
echo "</pre>";
?>
And got nothing in the array.
thought that meant i was not getting looged in but then cannot see why an error isn't thrown up.
Any ideas guys ?
Full code here:
LOGIN PAGE.
<?php
ob_start();
# Load the template
include "template.php";
# If a username and password has been provided, attempt to log the user into the site
if (isset($_POST['Username']) && isset($_POST['Password'])) {
$username = $_POST['Username'];
$password = $_POST['Password'];
# Query the database to see if the username and password supplied match
$sql = "SELECT CONCAT(FirstName, ' ',LastName) AS Name
FROM user
WHERE UserName = '$username' AND Password = PASSWORD('$password')";
$result = mysql_query($sql) or die('Query failed. ' . mysql_error());
# If there is 1 row returned, then the user and password matched
# We can therefore mark the user as logged in
if (mysql_num_rows($result) == 1) {
// Set the session variable to show the user is logged in
$_SESSION['logged_in'] = true;
// Store the user's username in a session variable so it can be used when they submit bookings
$_SESSION['username'] = $username;
$row = mysql_fetch_array($result, MYSQL_NUM);
$_SESSION['fullname'] = $row[0];
header('Location:members.php');
exit;
}
else {
# Login failed. Reprint the login form with the following errors message
$Errors = array();
$Errors[] = "Login Failed: Incorrect username or password";
login_form($Errors);
}
}
else {
# When no username/password provided display the login form
login_form(array());
}
function login_form($Errors) {
# Function to generate the 'Log in' page
?>
<!--- ***START LOGIN PAGE*** --->
<div id="aimhigh_content_wrapper"> <!--- start 'aimhigh_content_wrapper' --->
<div id="aimhigh_content"> <!--- start 'aimhigh_content' --->
<div id="content_panel_centre"> <!--- start 'content_panel_centre' --->
<div id="column_w800"> <!--- start 'column_w800' --->
<div class="header_01">Log in to Cosford FC Website</div>
<div id="content_panel_login_left"> <!--- start 'content_panel_login_left' --->
<div class="header_02_shop"><strong class="red">Log in</strong></div>
<div id="login_panel_noborder"> <!--- start login_panel_noborder --->
<?php
if (count($Errors)) {
/* red box placed around missing 'required' fields */
echo "<div style='border:1px solid red;padding:5px;margin:5px;padding-left:18px'>";
foreach ($Errors as $Error) {
echo "<li>$Error";
}
echo "</div>";
}
?>
<form name="login" method="POST"> <!--- start Login Form --->
<table class="LoginTable"> <!--- start Login Table --->
<tr>
<th>Username:</th>
<td><input type="text" name="Username" tabindex=1 size="34px" value="<?php echo $Username ?>">
<br><a href="username_get.php">Forgotten Username?</a></td>
</tr>
<tr>
<th>Password:</th>
<td><input type="password" name="Password" tabindex=2 size="34px" value="<?php echo $Password ?>">
<br><a href="password_get.php">Forgotten Password?</a></td>
</tr>
</table> <!--- end Login Table --->
<br>
<p align="center"><input type="submit" value="Login" tabindex=3></p><br>
</form> <!--- end Login Form --->
</div> <!--- end login_panel_noborder --->
</div> <!--- end 'content_panel_login_left' --->
<div id="content_panel_login_right"> <!--- start 'content_panel_login_right' --->
<div class="header_02_shop"><strong class="red">Register</strong></div>
<div id="register_panel_noborder"> <!--- start login_panel_noborder --->
<ul class="list_with_icon">
<div class="header_05"> <!--- start header_05 --->
<li>Vote for your player of the season</li><br>
<li>Check the club Calendar for training and games</li><br>
<li>Join our Mailing list to keep abreast of club developments</li><br>
</ul>
</div> <!--- end login_panel_noborder --->
<p align="center"><input type="button" value="Register Now" onClick="parent.location='customer_create.php'"></p><br>
</div> <!--- end 'content_panel_login_right' --->
</div> <!--- end 'column_w800' --->
</div> <!--- end 'content_panel_centre' --->
<div class="cleaner"></div>
</div> <!--- end 'aimhigh_content' --->
<div class="cleaner"></div> <!--- end 'aimhigh_content_wrapper' --->
</div>
<script>
document.login.Username.focus();
</script>
<!--- ***END LOGIN PAGE*** --->
<?php
}
print_footer();
?>
