login system help

brentcatoe · Sep 26, 2005

I am creating a login system for my site. I have the mysql database setup and I have the login script working. The problem is though when someone logs it still displays the login form, it is not supposed to. Here is my login script

Code:

<?
$username = $_SESSION[‘uname’];
if (!empty($username)) {
			echo "Welcome You are Logged in as <b>". $_SESSION['username'] ."</b>";
			$logout = "<a href=logout.php>Logout Here!</a>";
}
else { ?>
<form action="checkuser.php" method="post" name="form1">
Username:<br>
<input name="username" type="text" id="username"><br>
Password:<br>
<input name="password" type="password" id="password"><br>
<input type="checkbox" name="rememberme">Remember Me!<br>
<input type="submit" name="Submit" value="Submit"><br>
<? }
if (!empty($username)) {
echo "$logout";
}
else {
echo "<a href=\"join_form.php\">Don't Have an Account?<br>Then Signup!</a></div>";
}
?>

and here is my checkuser.php file

Code:

<?
/* Check User Script */
session_start(); // Start Session
include 'db.php';
// Convert to simple variables
$username = $_POST['username'];
$password = $_POST['password'];
if((!$username) || (!$password)){
echo "Please enter ALL of the information! <br />";
include 'index.php';
exit();
}
// Convert password to md5 hash
$password = md5($password);
// check if the user info validates the db
$sql = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password' AND activated='1'");
$login_check = mysql_num_rows($sql);
if($login_check > 0){
while($row = mysql_fetch_array($sql)){
foreach( $row AS $key => $val ){
$key = stripslashes( $val ); 
}
$query = mysql_query( "SELECT * FROM users WHERE username=$username" );
$result = mysql_fetch_array($query);
// Register some session variables!
session_register('email_address');
$_SESSION['email_address'] = $email_address;
session_register('username');
$_SESSION['username'] = $username;
session_register('level');
$_SESSION['level'] = $result['user_level'];
 
if (isset($_POST['rememberme'])) {
setcookie ("uname", $username, time( ) + 99999999);
setcookie ("email", $email_address, time( ) + 99999999);
setcookie ("userlevel", $result['user_level'], time( ) + 99999999);
}
header("Location: /");
}
} else {
echo "<b>You could not be logged in! Either the username and password do not match or you have not validated your membership through the email we sent you!
Please try again!</b><br>";
session_register('username');
$_SESSION['username'] = "";
setcookie ("uname", $username, time( ) - 1);
include 'index.php/';
}
?>

does anyeone see any problems with that, I am stumped and cannot figure it out?

Thanks

vbchris · Sep 27, 2005

Try using this for the login code.

PHP:

<?
$username = $_SESSION[‘uname’];
if (!empty($username)) {
                        echo "Welcome You are Logged in as <b>". $_SESSION['username'] ."</b>";
                        $logout = "<a href=logout.php>Logout Here!</a>";
} else {
echo "<form action=\"checkuser.php\" method=\"post\" name=\"form1\">
Username:<br>
<input name=\"username\" type=\"text\" id=\"username\"><br>
Password:<br>
<input name=\"password\" type=\"password\" id=\"password\"><br>
<input type=\"checkbox\" name=\"rememberme\">Remember Me!<br>
<input type=\"submit\" name=\"Submit\" value=\"Submit\"><br>\n";
}
if (!empty($username)) {
echo "$logout";
}
else {
echo "<a href=\"join_form.php\">Don't Have an Account?<br>Then Signup!</a></div>";
}
?>

chitwa · Oct 4, 2005

In your login form, you are checking for $_SESSION['uname'] while in checkuser.php, you set $_SESSION['username']. Solution: in your login script, check for $_SESSION['username']

login system help

brentcatoe

New Member

vbchris

New Member

chitwa

New Member

Free Web Hosting

Our Community

Legal