468,316 Members | 1,480 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 468,316 developers. It's quick & easy.

php login script error

Hey, could you please tell me what is wrong with my login script. I
just started learning php.
CODE:

login.php

<?
session_start();
header("Cache-Control: private");
?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>
<head>
<title>Please Login</title>
</head>
<body>
<form action="script.php" method="get">
<table summary="Login Table">
<tr>
<td>username:</td>
<td><input type="text" name="login"></td>
</tr>
<tr>
<td>password:</td>
<td><input type="password" name="pass"></td>
</tr>
<tr>
<td><input type="submit" value="login"></td>
</tr>
</table>

</body>
</html>

script.php

<?
session_start(); //start session
header("Cache-Control: private");
if (!$_GET["login"] || !$_GET["login"])
{
print<<<END
I'm sorry, but your not logged in or there was an error logging you
in. Please<br>
<a href="login.php">go here</a> to try again. Sorry for any
inconvienince.
END;
}
else
{
//register session variable: 'login' and 'pass'
$_SESSION["login"] = $_GET["login"];
$_SESSION["pass"] = $_GET["pass"];
if ($_SESSION["login"] == "Koolyio" && $_SESSION["pass"] == "wow")
//if credentials are true
{
$_SESSION["access"] = true;
}
else
{
$_SESSION["access"] = false;
}
}
if ($_SESSION["access"] == true)
{
print<<<END
<html>
<script language="JavaScript" type="text/javascript">
<!--
location.href = "main.php";
//-->
</script>
<noscript>Sorry, but your browser doesn't support JavaScript, ergo you
cannot
login</noscript></html>
END;
}
else
{
print<<<END;
I'm sorry, but one or more of the credentials you supplied were
incorrect. Please
try to login again <a href="login.php">here</a>.
END;
?>
logout.php

<?
session_start(); //start session
header("Cache-Control: private");
if ($_SESSION["access"] == true)
{
$_SESSION = array();
session_destroy();
print("<a href=/"login.php/">log in</a>
}
?>
main.php

<?
session_start(); //start session
header("Cache-Control: private");
if ($_SESSION["access"] == true)
{
print<<<END

<html>
<head>
<title>Members Only</title>
</head>
<body>
You have succesfully logged in. You can now <a href="logout.php">log
out</a>
</body>
</html>
END;
}
else
{
print<<<END
Sorry, You have not logged in correctly. Please try again <a
href="login.php">here</a>.
END;
}
?>
Jul 17 '05 #1
3 2598
Hi,

looks great. Does it fulfill any requirements, ie. any error messages
not showing up ;-)

HTH, Jochen

P.S.: What is the error message?

On 21 Apr 2004 19:16:33 -0700, km****@hotmail.com (koolyio) wrote:
Hey, could you please tell me what is wrong with my login script. I
just started learning php.
CODE:

login.php

<?
session_start();
header("Cache-Control: private");
?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>
<head>
<title>Please Login</title>
</head>
<body>
<form action="script.php" method="get">
<table summary="Login Table">
<tr>
<td>username:</td>
<td><input type="text" name="login"></td>
</tr>
<tr>
<td>password:</td>
<td><input type="password" name="pass"></td>
</tr>
<tr>
<td><input type="submit" value="login"></td>
</tr>
</table>

</body>
</html>

script.php

<?
session_start(); //start session
header("Cache-Control: private");
if (!$_GET["login"] || !$_GET["login"])
{
print<<<END
I'm sorry, but your not logged in or there was an error logging you
in. Please<br>
<a href="login.php">go here</a> to try again. Sorry for any
inconvienince.
END;
}
else
{
//register session variable: 'login' and 'pass'
$_SESSION["login"] = $_GET["login"];
$_SESSION["pass"] = $_GET["pass"];
if ($_SESSION["login"] == "Koolyio" && $_SESSION["pass"] == "wow")
//if credentials are true
{
$_SESSION["access"] = true;
}
else
{
$_SESSION["access"] = false;
}
}
if ($_SESSION["access"] == true)
{
print<<<END
<html>
<script language="JavaScript" type="text/javascript">
<!--
location.href = "main.php";
//-->
</script>
<noscript>Sorry, but your browser doesn't support JavaScript, ergo you
cannot
login</noscript></html>
END;
}
else
{
print<<<END;
I'm sorry, but one or more of the credentials you supplied were
incorrect. Please
try to login again <a href="login.php">here</a>.
END;
?>
logout.php

<?
session_start(); //start session
header("Cache-Control: private");
if ($_SESSION["access"] == true)
{
$_SESSION = array();
session_destroy();
print("<a href=/"login.php/">log in</a>
}
?>
main.php

<?
session_start(); //start session
header("Cache-Control: private");
if ($_SESSION["access"] == true)
{
print<<<END

<html>
<head>
<title>Members Only</title>
</head>
<body>
You have succesfully logged in. You can now <a href="logout.php">log
out</a>
</body>
</html>
END;
}
else
{
print<<<END
Sorry, You have not logged in correctly. Please try again <a
href="login.php">here</a>.
END;
}
?>


--
Jochen Daum - Cabletalk Group Ltd.
PHP DB Edit Toolkit -- PHP scripts for building
database editing interfaces.
http://sourceforge.net/projects/phpdbedittk/
Jul 17 '05 #2
I noticed that Message-ID:
<59*************************@posting.google.com> from koolyio contained
the following:
if (!$_GET["login"] || !$_GET["login"]) if (!$_GET["login"] || !$_GET["pass"])
{
print<<<END
I'm sorry, but your not logged in or there was an error logging you you're
in. Please<br>
<a href="login.php">go here</a> to try again. Sorry for any
inconvienince.

inconvenience

Got fed up after this because I don't know what I'm looking for.

--
Geoff Berrow (put thecat out to email)
It's only Usenet, no one dies.
My opinions, not the committee's, mine.
Simple RFDs http://www.ckdog.co.uk/rfdmaker/
Jul 17 '05 #3

"koolyio" <km****@hotmail.com> wrote in message
news:59*************************@posting.google.co m...
Hey, could you please tell me what is wrong with my login script. I
just started learning php.
CODE:

login.php

<?
session_start();
header("Cache-Control: private");
?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>
<head>
<title>Please Login</title>
</head>
<body>
<form action="script.php" method="get">
<table summary="Login Table">
<tr>
<td>username:</td>
<td><input type="text" name="login"></td>
</tr>
<tr>
<td>password:</td>
<td><input type="password" name="pass"></td>
</tr>
<tr>
<td><input type="submit" value="login"></td>
</tr>
</table>

</body>
</html>

script.php

<?
session_start(); //start session
header("Cache-Control: private");
if (!$_GET["login"] || !$_GET["login"])
{
print<<<END
I'm sorry, but your not logged in or there was an error logging you
"you're".
in. Please<br>
<a href="login.php">go here</a> to try again. Sorry for any
inconvienince.
END;
}
else
{
//register session variable: 'login' and 'pass'
$_SESSION["login"] = $_GET["login"];
$_SESSION["pass"] = $_GET["pass"];
if ($_SESSION["login"] == "Koolyio" && $_SESSION["pass"] == "wow")
I'm hoping that, one day, this goes to a database or something with md5()'d
passwords. 8)
//if credentials are true
{
$_SESSION["access"] = true;
}
else
{
$_SESSION["access"] = false;
}
}
if ($_SESSION["access"] == true)
{
print<<<END
<html>
<script language="JavaScript" type="text/javascript">
<!--
location.href = "main.php";
//-->
</script>
<noscript>Sorry, but your browser doesn't support JavaScript, ergo you
cannot
login</noscript></html>
END;
}
else
{
print<<<END;
Semicolon is wrong here - heredoc not only doesn't require them, it breaks
it. But you know that, because you got it right elsewhere.
I'm sorry, but one or more of the credentials you supplied were
incorrect. Please
try to login again <a href="login.php">here</a>.
END;
Missing } here.
?>
logout.php

<?
session_start(); //start session
header("Cache-Control: private");
if ($_SESSION["access"] == true)
{
$_SESSION = array();
session_destroy();
print("<a href=/"login.php/">log in</a>
Aside from the lack of a closing quote, bracket and semi-colon, /" is wrong,
use \" to escape double quotes. Better still, put your quoted string in
single quotes and use the unescaped version (since you don't have any
variable substitution in there).
}
?>
main.php

<?
session_start(); //start session
header("Cache-Control: private");
if ($_SESSION["access"] == true)
{
print<<<END

<html>
<head>
<title>Members Only</title>
</head>
<body>
You have succesfully logged in. You can now <a href="logout.php">log
out</a>
</body>
</html>
END;
}
else
{
print<<<END
Sorry, You have not logged in correctly. Please try again <a
href="login.php">here</a>.
END;
}
?>


See embedded comments. I'm sure there's more than I found, but I got it
working at least.

For forms, use method="POST" unless you want your username and password of
your failed attempts appearing in your browser's address history. Then use
$_POST instead of $_GET (or better yet, $_REQUEST).

Otherwise, nice first attempt, and I'm pleased you produced a simple example
(no functions or classes, globals that aren't superglobals, databases, etc)
to reduce the problem set.

Garp
Jul 17 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

13 posts views Thread by knot2afrayed | last post: by
5 posts views Thread by Kivak Wolf | last post: by
3 posts views Thread by bull1099 | last post: by
reply views Thread by kang jia | last post: by
3 posts views Thread by harsh9892991141 | last post: by
1 post views Thread by howard w | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.