admin login

wortmann · Sep 6, 2013

Hello,

I'm realtively new to PHP but have managed login script and gallery (coppermine).

Now i'm working on an admin page that will only let the administrator create new members.
Got three pages: html start and asking for admin name and pw.
Works all well.
then a php file that checks weather the credentials are correct.
and this is where i go wrong.

I'd like to make sure that when they are correct the administrator is redirected to another page (admin.php)
But it doesn work that way the browser gives me a blank page...

My check.php file is:

<?php
$name=$_POST['name'];
$pass=$_POST['pass'];

if ($name==("admin") & $pass==("login") ) {

  $_SESSION['name']="name";
  $_SESSION['pass']="pass";
  header("admin.php");

  }

else echo 'Something went wrong. Go again';
?>

When the credentials are wrong i do get the message 'Something went wrong. Go again'.

any suggestions?

bradgrafelman · Sep 6, 2013

Two things:

Where do you call [man]session_start/man? This function must be called for each request that uses session data.
"admin.php" is not a valid HTTP header. HTTP headers follow a "Name: Value" pattern, so at the very least you're missing the name of the HTTP header you'd like to send. Furthermore, assuming you meant to send a Location header, you're also missing a full URI as the value (granted, most web browsers seem to understand values that don't conform to the standard).

EDIT: And a third: When posting PHP code, please use the board's [noparse]

..

[/noparse] bbcode tags as they make your code much easier to read and analyze.

wortmann · Sep 6, 2013

Hello,

Thanks for the quick reply.
I'm not sure if i came accross right. The code shown is from the file check.php. so why would i use html code?

Here are the three files:
admin_login.html
check.php
admin.php

here are the codes:
admin_login.html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Add Contact - Administration</title>
</head>

<body>
<form action="check.php" method="post">
<table width="261" border="0" align="center" cellpadding="10" cellspacing="10">
<tr>
<td width="74">Name: <input name="name" type="text" /></td>
<td width="117"> </td>
</tr>
<tr>
<td>Password: <input name="pass" type="text" /></td>
<td><input name="submit" type="submit" value="Login" /></td>
</tr>
</table>
</form>
</body>
</html>

the check.php
<?php
$name=$POST['name'];
$pass=$POST['pass'];

if ($name==("admin") & $pass==("login") ) {

$SESSION['name']="name";
$SESSION['pass']="pass";
header("admin.php");

}

else echo 'Something went wrong. Go again';

?>

admin.php
<?php
session_start();
if(!$_SESSION('pass')) {

echo 'good';
}

?>

<p>this is the admin page</p>

</body>
</html>

when the session passes I sould then add new fields instead of echo 'good' but i just did this so i can test it.

I got it from youtube: https://www.youtube.com/watch?v=HeavBljJppE

bradgrafelman · Sep 6, 2013

Who ever said anything about "html code" ?

wortmann · Sep 6, 2013

sorry, i was talking to someone here and wrote this down. see it as if i never said it.

wortmann · Sep 6, 2013

i think the check.php is working since it now does redirect me to the admin.php page.
changed the header to location:admin.php and it seems to work.

I do get an error on line three:
if(!$_SESSION('pass')) {
i've changed it back as in the youtube video sample.
if(!session_is_registered('pass')) {

but both give me the same error:
Fatal error: Call to undefined function session_is_registered() in C:\xampp\htdocs\website\admin.php on line 3

wortmann · Sep 6, 2013

got it sorted it all came down to suing old php language.
if ( isset( $_SESSION['user'] ) ){}
instead of
if(!session_is_registered('pass')) {

admin login

Wwortmann

Bbradgrafelman

Wwortmann

Bbradgrafelman

Wwortmann

Wwortmann

Wwortmann