Jump to content

Session problems

blink359

By blink359
in PHP Coding Help

 Share

Recommended Posts

blink359 Regular Member

blink359

Posted
Posted

Hi there i have a login script to access an area which is restricted on my website rather than having 2 logon scripts i want 1 logon script to create one of two sessions this script is what i wrote from a tutorial but the session allows access to both areas which i dont want, can someone please help me change it to work but talk me through it so i can learn from this:

Create Session:

if($count==1 & $row['flight']=="vulcan"){
session_start(vmyusername); 
session_start(vmypassword);  
header("location:vulcan/index.php");
}else if($count==1 & $row['flight']=="valiant"){
session_start(myusernamev); 
session_start(mypasswordv);  
header("location:valiant/index.php");
}else
{
echo "Wrong Username or Password";
}

 

Check login:

<? 
session_start();
if(!session_is_registered(myusernamev)){
header("location:../login.php");
}
?>

//or

<? 
session_start();
if(!session_is_registered(vmyusername)){
header("location:../login.php");
}
?>

Any help will be greatly appriciated

 

Thanks

 

Blink359

Link to comment
Share on other sites
blink359 Regular Member

blink359

Posted
  • Author
Posted

Tried to do it again with different script but i get Parse error: syntax error, unexpected $end in /home/a9855336/public_html/261website/index.php on line 45

from this code

<html>
<head>
<title>Login</title>
</head>
<body>
<form action="index.php" method="post">
Surname:<br><input type="text" name="myusername"><br>
Password:<br><input type="password" name="mypassword"><br>
<input type="submit" name="submit" value="Login">
<input type="hidden" name="code">
</form>
<?php
if(isset($_POST['code']))
{
$host="mysq*******t.com"; // Host name 
$username="a*******t"; // Mysql username 
$password="n******%"; // Mysql password 
$db_name="a********il"; // Database name 

// Connect to server and select databse.
mysql_connect($host, $username, $password);
mysql_select_db($db_name);


// Retrieve username and password from database according to user's input
$login = mysql_query("SELECT * FROM cdtmembers WHERE (username = '" . mysql_real_escape_string($_POST['username']) . "') and (password = '" . mysql_real_escape_string(md5($_POST['password'])) . "')");
$row = mysql_fetch_array($login);
session_start();
// Check username and password match
if (mysql_num_rows($login) == 1 && $row['flight'] =="vulcan") {
if($row['flight'] =="vulcan"){
        $_SESSION['flight'] = $_POST['flight'];
        header('location: vulcan/index.php');
}else if (mysql_num_rows($login) == 1 && $row['flight'] =="valiant") {
if($row['flight'] =="vulcan"){
        $_SESSION['flight'] = $_POST['flight'];
        header('location: valiant/index.php');
}else{
echo "Wrong Username or Password";
}
}
?>
</body>
</html> line 45 i believe :S

 

Also is my check session correcet now?

<?php
session_start();
if (!isset($_SESSION['flight']) && $_SESSION['flight'] !="valiant") {
       header('Location: ../index.php');
}
?><

//or

<?php
session_start();
if (!isset($_SESSION['flight']) && $_SESSION['flight'] !="vulcan") {
       header('Location: ../index.php');
}
?><

Link to comment
Share on other sites
blink359 Regular Member

blink359

Posted
  • Author
Posted

Got a step closer no php error but my headers are the same as last time but not redirecting the user:

<html>
    <head>  
<title></title>
    </head>

<body>
<form action="JNCOlogin.php" method="post">
Surname:<br><input type="text" name="myusername"><br>
Password:<br><input type="password" name="mypassword"><br>
<input type="submit" name="submit" value="Login">
<input type="hidden" name="code">
</form>
<?php
if(isset($_POST['code']))
{
$host="mysql12.000webhost.com"; // Host name 
$username="a9855336_root"; // Mysql username 
$password="n4th4n%"; // Mysql password 
$db_name="a9855336_mail"; // Database name 

// Connect to server and select databse.
mysql_connect($host, $username, $password);
mysql_select_db($db_name);

// username and password sent from form 
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

// encrypt password 
$encrypted_mypassword=md5($mypassword);

$sql="SELECT * FROM cdtmembers WHERE username='$myusername' and password='$encrypted_mypassword'";
$result=mysql_query($sql);
$row = mysql_fetch_array($result);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1 & $row['flight']=="vulcan"){
        $_SESSION['flight'] = $row['flight'];
        header("location:2/index.php");
}else if($count==1 & $row['flight']=="valiant")
        $_SESSION['flight'] = $row['flight'];
        header("location:1/index.php");
}else
{
echo "Wrong Username or Password";
}
}
?>
</body>
</html>

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.