SitePoint Sponsor

User Tag List

Results 1 to 10 of 10
  1. #1
    SitePoint Enthusiast
    Join Date
    Nov 2006
    Posts
    39
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Login script problems

    I have created a login page where once the user has logged in it should take them to the next page of an admin area.

    This works fine but the problem is that I don't want users to be able to view the other pages of the admin without logging in first. I understand that this has to be done with sessions, so what I have on my index page of the admin is the following code:

    PHP Code:
    <?php



    if($_POST['username'] == "xxxx" && $_POST['password'] == "xxxx"
    {
    header(
    "Location: admin_description.php");
     
    $_SESSION['user']= "xxxx";



    } else if(
    $_POST['username'] != "xxxx" && $_POST['password'] != "xxxx" && isset($_POST['username'])) 
     {
    echo (
    "Password and/or Username is incorrect");

    }
    ?>
    and then my login form:

    HTML Code:
    <form action="<?php $_SERVER['PHP_SELF'] ?>" method="post">
    Username: <input type="text" name="username" /><br />
    Password: <input type="password" name="password" /><br />
    <input type="submit" name="submit" value="Login" /><br />
    </form>
    This redirects me to admin_description.php.

    Now if a user hasn't entered their username / password I want the page to redirect them to index.php in order to force them to login.

    So in admin_description.php I have added an include:
    PHP Code:
    include 'sessions.php'
    and the sessions.php has in it the following code:

    PHP Code:
    <?php  
    if (isset($_SESSION['xxxx']) )
    {
     
    $sessionuser $_SESSION['xxxx'];
     
    }
    else
    {
    redirect ('index.php');
    }
    ?>
    But this doesn't seem to work because when I directly type in the URL then I can still access the page.
    Also the redirect that I have written doesn't work as i'm getting an error and i'm not sure how to fix this.

  2. #2
    SitePoint Wizard cmuench's Avatar
    Join Date
    Jul 2005
    Location
    At my computer
    Posts
    2,251
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    At the top of every page that you don't want regular people to go to stick the following in.
    PHP Code:
    <?php
    session_start
    ();
    if (!ISSET(
    $_SESSION['user'])) {
    header (Locationindex.php);
    }

  3. #3
    SitePoint Enthusiast
    Join Date
    Nov 2006
    Posts
    39
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I'm getting the following error: Parse error: parse error, unexpected ':' in admin_description.php on line 5

    line 5 is: header (Location: index.php);

  4. #4
    SitePoint Enthusiast
    Join Date
    Nov 2006
    Posts
    39
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Actually I managed to fix that error by adding this instead:

    header ("Location: index.php");

    But now even when I do login to index.php correctly i'm still redirected back to it.

  5. #5
    SitePoint Wizard cmuench's Avatar
    Join Date
    Jul 2005
    Location
    At my computer
    Posts
    2,251
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    At the top of your index.php right after your opening php tags put session_start();

  6. #6
    SitePoint Enthusiast
    Join Date
    Nov 2006
    Posts
    39
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Still doesn't work.....

    PHP Code:
    <?php
    session_start
    ();
    if(
    $_POST['username'] == "xxxx" && $_POST['password'] == "xxxx"
    {
    header("Location: admin_description.php");
     
    $_SESSION['user']= "xxxx";


    } else if(
    $_POST['username'] != "xxxx" && $_POST['password'] != "xxxx" && isset($_POST['username'])) 
     {
    echo (
    "Password and/or Username is incorrect");

    }
    ?>

  7. #7
    SitePoint Wizard cmuench's Avatar
    Join Date
    Jul 2005
    Location
    At my computer
    Posts
    2,251
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Of course it doesn't work. You are assiging the session variable after you call the header/ flip it around you'll be good to go.

  8. #8
    SitePoint Enthusiast
    Join Date
    Nov 2006
    Posts
    39
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I flipped it around and still have the same problem.

    So now i have this at the beginning of my index.php:

    PHP Code:
    <?php
    session_start
    ();
    if(
    $_POST['username'] == "xxxx" && $_POST['password'] == "xxxx"
    {
     
    $_SESSION['user']= "xxxx";
     
    header("Location: admin_description.php");
    } else if(
    $_POST['username'] != "xxxx" && $_POST['password'] != "xxxx" && isset($_POST['username'])) 
     {
    echo (
    "Password and/or Username is incorrect");
    }
    ?>
    and this at the beginning of admin_description.php:

    PHP Code:
    <?php
    session_start
    ();
    if (!ISSET(
    $_SESSION['xxxx'])) {
    header ("Location: index.php"); } 
    ?>
    Sorry if this is something stupid but I can't seem to understand where i'm going wrong

  9. #9
    SitePoint Wizard silver trophy
    Join Date
    Mar 2006
    Posts
    6,132
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    edited.

    where did you set a variable named $_SESSION['xxx']

    i think you meant $_SESSION['user']

  10. #10
    SitePoint Enthusiast
    Join Date
    Nov 2006
    Posts
    39
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    thats it!!! Thank you so much for all your help
    I know i was doing something stupidly wrong hehe

    one problem down 5 more to go


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •