SitePoint Sponsor

User Tag List

Results 1 to 2 of 2
  1. #1
    SitePoint Member Induscrede's Avatar
    Join Date
    Mar 2003
    Location
    Tucson, Arizona
    Posts
    0
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    help with sessions and passing variables from one page to another

    I am using the following scripts to make a member login. The login part works fine.I want to design the website so that if a user is trying to access a protected page it kicks them to the login screen with the url they were trying to access and once they login it takes them back to where they were.

    My problem right now is that i cant seem to use sessions correctly to pass my eid from the validate page to the protected page. Also if the user logs in from the login page wioth out going anywhere the current url is blank so after the user logs in nothing happens.I want them to be forwarded to the a page called say... mainmenu.php if they simply login form the login page. How do I go about doing this.
    Any help will be greatly appreciated !!


    Login.php

    <html>
    <head>
    <TITLE>Login</title>
    </head>
    <body bgcolor="#FFFFFF" text="#000000" link="#000000" vlink="#000000">
    <h1>Login</h1>
    <form action="validate.php?current_url=<?php echo $current_url?>" method="post">
    <table align="center" border="1" cellspacing="0" cellpadding="3">
    <tr>
    <td>Username/td>
    <td><input type="text" name="uid" maxlength="40"></td>
    </tr>
    <tr>
    <td>Password/td>
    <td><input type="password" name="pwd" maxlength="50"></td>
    </tr>
    <tr>
    <td colspan="2" align="right"><input type="submit" name="submit" value="Login"></td>
    </tr>
    </table>
    </form>
    </body>
    </html>


    validate.php:


    <?php
    session_start();
    session_register("eid");
    //include database details
    include("connectdb.php");
    if(!isset($current_url))
    {
    $current_url="mainmenu.php";
    }
    if (isset($_POST['submit']))
    {
    // check users have entered the data into fields
    if(!$_POST['uid'] | !$_POST['pwd'])
    {
    die('You did not fill in a required field.');
    }
    //check password and username existances in dbase
    $check_auth = "SELECT employeeID FROM employee WHERE username='$uid' AND password=md5('$pwd')";
    $result = mysql_query($check_auth);
    //check number of rows
    $num = mysql_numrows($result);
    //if row =1 then username details correct
    if ($num ==1)
    {
    $_SESSION["eid"]=mysql_result($result,0,0);
    header ('Location:' . $current_url);
    echo $_SESSION["eid"];//for testing purpose
    exit;
    }
    else
    {
    header ('Location:login.php?current_url=' . $current_url);
    echo"Unsuccessful Login Attempt";
    exit;
    }
    }
    ?>

    A password protected page:

    <?php
    include("accesscontrol.php"); ?>
    <html>
    <head>
    <title> Members-Only Page </title>
    </head>
    <body>
    <p>Welcome, <?=$username?>! You have entered a members-only area
    of the site. </p>
    </body>
    </html>


    The accesscontrol script:

    //check rights with eid
    include("common.php");
    include("connectdb.php");
    $eid=$_SESSION["eid"];
    if(!isset($eid))
    {
    // If no headers are sent, send one
    header ('Location:login.php?current_url=' . $PHP_SELF);
    exit;
    }
    ?>

  2. #2
    pie??? PIE!!!! rsdl's Avatar
    Join Date
    May 2001
    Location
    Vancouver, BC Canada
    Posts
    502
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    you need to have session_start(); at the top of every page.

    e.g.
    PHP Code:
    <?php
    session_start
    ();
    include(
    "accesscontrol.php" ); ?>
    <html>
    <head>
    <title> Members-Only Page </title>
    </head>
    <body>
    <p>Welcome, <?=$username?>! You have entered a members-only area
    of the site. </p>
    </body>
    </html>
    i hope this helps

    -rsdl


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •