SitePoint Sponsor

User Tag List

Results 1 to 5 of 5
  1. #1
    SitePoint Member
    Join Date
    Jan 2011
    Posts
    25
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Basic login script creating loop!

    Hi,

    I am trying to get this script (Free Light PHP Script - Free PHP Registration Login System) working, and I seem to be stuck in an endless loop.

    Basically, you are meant to put this at the top of pages you want to protect:

    Code:
    <?php
    
    session_start();
    
    if($_SESSION['isLoged'] != 'yes' || $_SESSION['userName'] == NULL)
    {
        header("Location: login.php");exit();
    }
    ?>
    This loads the log-in box. But even when you enter the correct password and get directed to the initial "secure" page, you are simply presented with the login box again.

    Basically, despite "logging in", the session doesn't seem to actually start, and the login box will simply keep appearing. I am logging in, and the username and password is recognized, but the session doesn't seem to start. So, even after logging in, any page with the above code in it remains inaccessible.

    I really know next to nothing about php, so really have no way of working this out.

  2. #2
    SitePoint Zealot Cute Tink's Avatar
    Join Date
    Apr 2009
    Posts
    152
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Post the script of the login.php page. There must be something missing on the page. It could be the script isn't setting the right session variables, but we won't know until we see the script.

  3. #3
    SitePoint Member
    Join Date
    Jan 2011
    Posts
    25
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    From login.php


    PHP Code:
    <?php
    /*
    This script was downloaded at:
    LightPHPScripts.com
    Please support us by visiting
    out website and letting people
    know of it.
    Produced under: LGPL
    */

    /* Start session */
    if($startSession == TRUE){ session_start();}

    /* Config file */
    include('config.php');

    /* Check for submition */
    if($_POST['submitID'] == 1){
        
        
    /* Connect to database */
        
    if($connectDatabase == TRUE){$action=TRUE;include('connect.php');}
            
        
    /* sanitize and check info */
        
    $userName mysql_real_escape_string($_POST['userName'],$dbc);
        
    $password mysql_real_escape_string($_POST['password'],$dbc);
        
        if(
    $userName == NULL) { $message 'Please enter username.';}
        if(
    $message == NULL && $password == NULL){ $message 'Please enter password.';}
        
        if(
    $message == NULL)
        {                
            
    $userQuery mysql_fetch_row(mysql_query("SELECT COUNT(*) FROM " $tableName .
            
    " WHERE `" $userNameField "`='$userName' AND `" $userPasswordField "`='$password'"));        
            
            
    /* If usercount is more than 0 -> ok */
            
    if($userQuery[0] > 0){
                
    /* Disconnect from database */
                
    if($connectDatabase == TRUE){$action=FALSE;include('connect.php');}
        
                
    $_SESSION['isLoged'] = 'yes';
                
    $_SESSION['userName'] = $userName;
                
                
    /* add cookies ?*/
                /* expire in 1 hour */
                
    if($useCookies == TRUE)
                {
                    
    setcookie("isLoged"'yes'time()+logedInFor"/"".$domainName"1);
                    
    setcookie("userName"$userNametime()+logedInFor"/"".$domainName"1);
                }

                
    /* Redirect to login page */
                
    header("Location: $loginPage");
                exit();
            } else {
                
    $message 'Invalid username and/or password!';
            }
        }
        
    /* Disconnect from database */
        
    if($connectDatabase == TRUE){$action=FALSE;include('connect.php');}
    }
    ?>
    <!--
    /*
    This script was downloaded at:
    LightPHPScripts.com
    Please support us by visiting
    out website and letting people
    know of it.
    Produced under: LGPL
    */
    -->
    <?php

    /* Display error messages */
    if($message != NULL){?>
    <table width="100%"  border="0" cellpadding="3" cellspacing="0" bgcolor="#FFCCCC">
      <tr>
        <td><div align="center"><strong><font color="#FF0000"><?=$message;?></font></strong></div></td>
      </tr>
    </table>
    <?php ?>
    <form action="<? echo $_SERVER['PHP_SELF'];?>" method="post" name="login" id="login" style="display:inline;">
      <table width="100%" border="1" align="center" cellpadding="5" cellspacing="0" bordercolor="#99CC33">
        <tr bgcolor="#99CC99"> 
          <td colspan="2"><div align="center"><strong>Please log in:</strong></div></td>
        </tr>
        <tr> 
          <td width="47%"><strong>Username:</strong></td>
          <td width="53%"><input name="userName" type="text" id="userName"></td>
        </tr>
        <tr> 
          <td><strong>Password:</strong></td>
          <td><input name="password" type="password" id="password"></td>
        </tr>
        <tr> 
          <td colspan="2"><div align="center"><font face="Georgia, Times New Roman, Times, serif"><strong>
              <input name="Submit" type="submit" id="Submit" value="Sign-In">
              <input name="submitID" type="hidden" id="submitID" value="1">
    </strong></font> </div></td>
        </tr>
        <tr>
          <td colspan="2"><div align="right"><a href="http://lightphpscripts.com" target="_blank"><font size="1">Powered by LPS</font></a></div></td>
        </tr>
      </table>
    </form>
    Last edited by SpacePhoenix; May 10, 2011 at 23:01. Reason: placed php tags around the php code

  4. #4
    SitePoint Zealot Cute Tink's Avatar
    Join Date
    Apr 2009
    Posts
    152
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I see that the correct session variables should be getting set. However, I have a couple of concerns. First of all, this line is in there three times and is guaranteed to run twice:

    if($connectDatabase == TRUE){$action=TRUE;include('connect.php');}

    Trying to include the same page more than once is going to generate an error.

    After seeing it, I wonder if your page is generating an error and you aren't seeing it. Try adding this to the top of the page and see what happens:

    PHP Code:
    error_reporting( -);
    ini_set('display_errors'1); 
    This should force the page to tell you of any errors.

    Also, are you sure that $startSession is in fact set to TRUE? If not, sessions won't get started and those variables will never be set.

  5. #5
    SitePoint Zealot Cute Tink's Avatar
    Join Date
    Apr 2009
    Posts
    152
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Cute Tink View Post
    First of all, this line is in there three times and is guaranteed to run twice:

    if($connectDatabase == TRUE){$action=TRUE;include('connect.php');}

    Trying to include the same page more than once is going to generate an error.
    Correction: disregard this question.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •