Hi theScripts!
I have a problem with my session.
When user login in my site, the session will save the user name and password. In my Login.php I have:
-
session_start();
-
$qr="SELECT*FROM tbllogin WHERE nama='$_POST['nama']' AND password='$_POST['password']' ";
-
$res=mysql_query($qr);
-
$row=mysql_fetch_assoc($res);
-
$num=mysql_num_rows($hasil);
-
-
if($num!=0)
-
-
{
-
$Username="$row[nama]";
-
$Passwd="$row[password]";
-
session_register("Username","Passwd");
-
header ("Location: Home.php");
-
}
-
else
-
{
-
header("Location:LoginFailed.html");
-
}
-
And everything is fine. The session is saved, because I've checked it C:\webserver\Apache2.2\bin\php\datasession (it is the directory where my session.save_path refers to.)
Then, in my Home.php I have:
-
include "ceksesi.php";
-
// bla bla
-
In ceksesi.php I have:
-
<?
-
session_start();
-
if(!session_is_registered(Username) && !session_is_registered(Passwd))
-
{
-
header("location:Login.html");
-
}
-
?>
-
When Logout is pressed, the session is deleted (also, the file in ...\datasession is deleted )
Here is the code of my Logout.php :
-
session_start();
-
session_unregister("Username");
-
session_unregister("Passwd");
-
session_destroy();
-
The problem is, the user can open the Home.php without login. Is there any suggestion? I don't know what's wrong with my ceksesi.php.
Thanks b4...
