Jump to content

Session not being set after login.

Russia

By Russia
in PHP Coding Help

 Share

Recommended Posts

Russia Regular Member

Russia

Posted
Posted

Im trying to make sessions work with my script, its finding the user/pass in the database and redirects me to the homepage after but the parts that are supposed to show when the session is set are not showing.

 

My code:

 

<?php
// Login Logic

$username = "";
$err = "";
$err_style = "";
$err_style2= "";

//Checks if there is a login cookie
if(isset($_SESSION['username'])) { 

    //if there is, it logs you in and directes you to the members page
    $_SESSION['username'] = $username;
    $_SESSION['password'] = $password;
    //$username = $_COOKIE['user_id']; 
    //$pass = $_COOKIE['pass_id'];
    $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());$quer++;
    while($info = mysql_fetch_array( $check )) {
        if ($pass != $info['password']) {
        
        }
        else {
            header("Location: index.php");
        }
    }
}

//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted

    // SANITISE
    
    $username     = sanitize($_POST['username']);
    $pass        = sanitize($_POST['password']);
    $red        = sanitize($_POST['red']);
    
        // makes sure they filled it in
    if(!$_POST['username']) {
        $err = 'You did not fill in a required section';
        $err_style = "style='border: 1px solid #CC0000'";
        $show_login = 1;
    }
        if(!$_POST['password']) {
        $err = 'You did not fill in a required section';
        $err_style2 = "style='border: 1px solid #CC0000'";
        $show_login = 1;
    }
    // checks it against the database
    
    if (!$err) {
    $check = mysql_query("SELECT * FROM users WHERE username = '".$username."'")or die(mysql_error());$quer++;

    //Gives error if user dosen't exist
    $check2 = mysql_num_rows($check);
    
    if ($check2 == 0) {
        $err = 'User not found - please try again!';
        $err_style = "style='border: 1px solid #CC0000'";
        $show_login = 1;
    }
    
    while($info = mysql_fetch_array( $check )) {
        $info['password'] = stripslashes($info['password']);
        $pass = $pass;

        //gives error if the password is wrong
        if ($pass != $info['password']) {
            $err = 'Incorrect password, please try again.';
            $err_style2= "style='border: 1px solid #B02B2C;'";
            $show_login = 1;
        }
        else { 
        
        session_start();
        $_SESSION['username'] = $username;
        $_SESSION['password'] = $password;    
        
        // if login is ok then we add a cookie 
        //$hour = time() + 3600; 
        //setcookie("user_id", $username, $hour); 
        //setcookie("pass_id", $pass, $hour);    

        //then redirect them to the members area 
        
        if (!$red) {
            header("Location: index.php"); 
        } else {
            header("Location: $red.php"); 
        }
        exit;
        } 
    } 
    
    }
} 

?>

 

And:

 

<?php 
session_start();

//checks cookies to make sure they are logged in 
if(isset($_SESSION['username'])) {
     $_SESSION['username'] = $username;
    $_SESSION['password'] = $password;
    //$username = $_COOKIE['user_id']; 
    //$pass = $_COOKIE['pass_id']; 
    $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); $quer++;
    
    while($info = mysql_fetch_array( $check )) { 
        //if the cookie has the wrong password, they are taken to the login page 
        if ($pass != $info['password']) { 
            header("Location: login.php"); 
        } 

        //otherwise they are shown the admin area    
        else { 
        // Update some info
    
        session_start();
        $_SESSION['username'] = $username;
        $_SESSION['password'] = $password;    
    
    
        //setcookie ("user_id", $_COOKIE['user_id'], time() + 3600 );
        //setcookie ("pass_id", $_COOKIE['pass_id'], time() + 3600 );

        // Get some basic user details, so we can use these later!
        $uname  = $info['username'];
        $uID        = $info['user_id'];
        $email    = $info['email'];
        $loggedin = 1;
        $admin_user    = $info['admin'];
        } 
    } 
}

?>

Link to comment
Share on other sites
Russia Regular Member

Russia

Posted
  • Author
Posted

Okay, I think changed a few things on the first file but it still doesnt work.

 

<?php
// Login Logic

//$username = "";
//$err = "";
//$err_style = "";
//$err_style2= "";
session_start();
//Checks if there is a login cookie
if(isset($_SESSION['username'])) { 

//if there is, it logs you in and directes you to the members page
$_POST['username'] = $_SESSION['username'];
$_POST['password'] = $_SESSION['password'];
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
//$username = $_COOKIE['user_id']; 
//$pass = $_COOKIE['pass_id'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());$quer++;
while($info = mysql_fetch_array( $check )) {
	if ($password != $info['password']) {

	}
	else {
		header("Location: index.php");
	}
}
}

//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted

// SANITISE

$username 	= sanitize($_POST['username']);
$password		= sanitize($_POST['password']);
$red		= sanitize($_POST['red']);

	// makes sure they filled it in
if(!$_POST['username']) {
	$err = 'You did not fill in a required section';
	$err_style = "style='border: 1px solid #CC0000'";
	$show_login = 1;
}
	if(!$_POST['password']) {
	$err = 'You did not fill in a required section';
	$err_style2 = "style='border: 1px solid #CC0000'";
	$show_login = 1;
}
// checks it against the database

if (!$err) {
$check = mysql_query("SELECT * FROM users WHERE username = '".$username."'")or die(mysql_error());$quer++;

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);

if ($check2 == 0) {
	$err = 'User not found - please try again!';
	$err_style = "style='border: 1px solid #CC0000'";
	$show_login = 1;
}

while($info = mysql_fetch_array( $check )) {
	$info['password'] = stripslashes($info['password']);
	$password = $password;

	//gives error if the password is wrong
	if ($password != $info['password']) {
		$err = 'Incorrect password, please try again.';
		$err_style2= "style='border: 1px solid #B02B2C;'";
		$show_login = 1;
	}
	else { 

	session_start();
		$_POST['username'] = $_SESSION['username'];
$_POST['password'] = $_SESSION['password'];
	$_SESSION['username'] = $username;
	$_SESSION['password'] = $password;	

	// if login is ok then we add a cookie 
	//$hour = time() + 3600; 
	//setcookie("user_id", $username, $hour); 
	//setcookie("pass_id", $pass, $hour);	

	//then redirect them to the members area 

	if (!$red) {
		header("Location: index.php"); 
	} else {
		header("Location: $red.php"); 
	}
	exit;
	} 
} 

}
} 

?>

Link to comment
Share on other sites
trinaryoc Newbie

trinaryoc

Posted
Posted 

//if there is, it logs you in and directes you to the members page
$_POST['username'] = $_SESSION['username'];
$_POST['password'] = $_SESSION['password'];
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;

 

I'm not following your logic here (top of your script)... after checking ISSET $_SESSION variable you set you $_POST variables to the $_SESSION variables.... ok, weird but ok... then you clear them by equating the $_SESSION to the undefined variables $password and $username? This right here might be your problem, your script would allow the user through to index.php but would have cleared out your $_SESSION variables. Looks like you have the same issue later on in your script as well.

 

Also you only need the one session_start(); at the beginning...

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.