SitePoint Sponsor

User Tag List

Results 1 to 2 of 2
  1. #1
    SitePoint Zealot
    Join Date
    Mar 2007
    Posts
    141
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    User Authentication

    I'm putting together a small user authentication system, but I'm having some trouble. When the form is filled out, and the user hits submit, the page just refreshes. HELP!

    login.php
    Code:
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <link href="style1.css" rel="stylesheet" type="text/css" />
    <title>IBS Intranet</title>
    <script src="SpryAssets/SpryValidationTextField.js" type="text/javascript"></script>
    <link href="SpryAssets/SpryValidationTextField.css" rel="stylesheet" type="text/css" />
    </head>
    
    <body>
    <?php require 'library/config.php'; require 'library/opendb.php'; ?>
    <div id="wrapper">
    	<div id="header">
    		<?php require 'include/header.php'; ?>
        </div> <!-- end of header div -->
        <div id="content">
        	<div id="navbar">
    			<?php require 'include/navbar.php'; ?>
            </div> <!-- end of navbar div -->
            <div id="main">
    			<div id="login">
                <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="login" target="_self">
    		      <h3>Login</h3>
    		      <br />
                  <span id="sprytextfield1">
    		      <label>Username
    		      <input name="username" type="text" id="username" maxlength="45" />
    		      </label>
    		      <span class="textfieldRequiredMsg">A value is required.</span></span>
                  <br />
    		      <br />
                  <span id="sprytextfield2">
                  <label>Password 
                  <input type="password" name="password" id="password" />
                  </label>
                  <span class="textfieldRequiredMsg">A value is required.</span></span>
                  <br />
                  <br />
                  <input name="login" type="submit" value="Login" />
    	          </form>
                  </div> <!-- end of login div -->
              <div id="registergo">
                  <h3>Register</h3>
                  <a href="register.php">Click Here</a>, to register for an IBS intranet account.              </div> <!-- end of registergo div -->
            </div> <!-- end of main div -->
        </div> <!-- end of content div -->
    </div> <!-- end of wrapper div -->
    <?php require 'library/closedb.php'; ?>
    <script type="text/javascript">
    <!--
    var sprytextfield1 = new Spry.Widget.ValidationTextField("sprytextfield1");
    var sprytextfield2 = new Spry.Widget.ValidationTextField("sprytextfield2");
    //-->
    </script>
    </body>
    </html>
    library/config.inc.php
    Code:
    <?php
    session_start();
    
    $errorMessage = '';
    if (isset($_POST['username']) && isset($_POST['password'])) {
       include 'config.php';
       include 'opendb.php';
    
       $username = $_POST['username'];
       $password = $_POST['password'];
    
       // check if the user id and password combination exist in database
       $sql = "SELECT use_username, use_password
               FROM users
               WHERE use_username = '$username'
               AND use_password = PASSWORD('$password')";
    
       $result = mysql_query($sql)
                 or die('Query failed. ' . mysql_error());
    
       if (mysql_num_rows($result) == 1) {
          // the user id and password match,
          // set the session
          $_SESSION['authorized'] = true;
    
          // after login we move to the main page
          header('Location: index.php');
          exit;
       } else {
          $errorMessage = 'Sorry, wrong user id / password';
       }
      }
    
    $username = $_POST['username'];
    $password = $_POST['password'];
    
    define('ADMIN_USER', $row['use_username']);
    define('ADMIN_PASS', $row['use_password']);
    ?>
    library/access.inc.php
    Code:
    <?php
    require_once 'config.inc.php';
    
    session_start();
    
    function loggedIn()
    {
      return isset($_SESSION['authorized']);
    }
    
    // Process login attempt
    if (isset($_POST['username'])) {
      if ($_POST['username'] == ADMIN_USER and
          $_POST['password'] == ADMIN_PASS) {
        $_SESSION['authorized'] = TRUE;
      }
    }
    
    // Process logout
    if (isset($_REQUEST['logout'])) {
      unset($_SESSION['authorized']);
    }
    ?>
    library/secure.inc.php
    Code:
    <?php
    require_once 'access.inc.php';
    if (!loggedIn()) {
      include '../login.php';
      exit;
    }
    ?>
    logout.php
    Code:
    <?php
    // i will keep yelling this
    // DON'T FORGET TO START THE SESSION !!!
    session_start();
    
    // if the user is logged in, unset the session
       if ($_SESSION['authorized'] = TRUE) {
        $_SESSION['authorized'] = FALSE;
    	}
    
    // now that the user is logged out,
    // go to login page
    header('Location: login.php');
    ?>

    Thanks for any help.

  2. #2
    SitePoint Evangelist
    Join Date
    Aug 2005
    Posts
    453
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    PHP Code:
    if (isset($_POST['username']) && isset($_POST['password'])) {
       include 
    'config.php';
       include 
    'opendb.php'
    This code is in your config.php file, it will never be seen....
    Computers and Fire ...
    In the hands of the inexperienced or uneducated,
    the results can be disastrous.
    While the professional can tame, master even conquer.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •