Login system - help...

Nosferatum

please be patient, I am a newbie..

I have three categories of members ($memkat).
Each member got their own unike username and password from mysql db
and all belong to one of the three categories of members.
My mission is to get each member to login and be redirected to a
specific page in a specific folder. It should not be possible for
members from memkat10 to access (index-file) in folder memkat20 and
so on.
My faboulus login and redirect page: (which doesn't work..)

<?php
$host="my_host";
$username="";
$password="";
$db_name="member_db";
$tbl_name="members";

// Connection
mysql_connect("$host", "$username", "$password")or die("cannot
connect");
mysql_select_db("$db_name")or die("cannot select DB");

// Post data
$myusername=$_POST['theusername'];
$mypassword=$_POST['thepassword'];

// query and get the memkat
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and
password='$mypassword'" and memkat="$memkat";
$result=mysql_query($sql);

//set session
session_register("myusername");
session_register("mypassword");
session_register("memkat");

if($memkat=="10"){
require("/path/to/folder/here1/index.php");
} elseif($memkat=="20"){
require("/path/to/folder/folder2/index.php");
} elseif($memkat=="30"){
require("/path/to/folder/folder3/index.php");
}
?>

In each of the index files in the member folders I thought about
requesting the session data from the login page at top,

Each index file:

<?php session_start(); ?>
if (($myusername["musername"])) ;
if (($mypassword["mypassword"]));
if (($memkat["memkat"]));

include file(therealindex.php)

?>

Mar 19 '07 #1

Subscribe Post Reply

1259

Ja NE

Nosferatum <Jo*********@gmail.comwrote:

I think you have to start session in login script...

//set session

session_start();

session_register("myusername");
session_register("mypassword");
session_register("memkat");

but as I just started to learn about sessions, we well both have to wait
for someone more expirienced :D

--
Ja NE
http://fotozine.org/?omen=janimir
--

Mar 19 '07 #2

Jerry Stuckle

Nosferatum wrote:

please be patient, I am a newbie..

I have three categories of members ($memkat).
Each member got their own unike username and password from mysql db
and all belong to one of the three categories of members.
My mission is to get each member to login and be redirected to a
specific page in a specific folder. It should not be possible for
members from memkat10 to access (index-file) in folder memkat20 and
so on.
My faboulus login and redirect page: (which doesn't work..)

<?php
$host="my_host";
$username="";
$password="";
$db_name="member_db";
$tbl_name="members";

// Connection
mysql_connect("$host", "$username", "$password")or die("cannot
connect");
mysql_select_db("$db_name")or die("cannot select DB");

// Post data
$myusername=$_POST['theusername'];
$mypassword=$_POST['thepassword'];

// query and get the memkat
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and
password='$mypassword'" and memkat="$memkat";
$result=mysql_query($sql);

//set session
session_register("myusername");
session_register("mypassword");
session_register("memkat");

if($memkat=="10"){
require("/path/to/folder/here1/index.php");
} elseif($memkat=="20"){
require("/path/to/folder/folder2/index.php");
} elseif($memkat=="30"){
require("/path/to/folder/folder3/index.php");
}
?>

In each of the index files in the member folders I thought about
requesting the session data from the login page at top,

Each index file:

<?php session_start(); ?>
if (($myusername["musername"])) ;
if (($mypassword["mypassword"]));
if (($memkat["memkat"]));

include file(therealindex.php)

?>

First of all, you need to call session_start() at the beginning of every
page using sessions (before ANY output - even whitespace). You're not
calling it in your logon page.

Secondly, $_myusername["myusername"] isn't defined in your second page.
If you have display_errors enabled, you will get a warning message
about an uninitialized variable.

Additionally, instead of using session_register, you should use the
$_SESSION array, i.e.

$_SESSION['myusername'] = $myusername;
$_SESSION['mypassword'] = $mypassword;

etc. (Note: it's not a good idea to store passwords in the session
unless you really need them there).

Then when you want to use them, use

if (isset($_SESSION['myusername']))
$myusername=$_SESSION['myusername']);
else
$myusername = null;

(which can be shortened to:

$myusername=isset($_SESSION('myusername') ? $_SESSION['myusername'] : null;

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
js*******@attglobal.net
==================

Mar 19 '07 #3

satya.prakash.karan

On Mar 19, 2:03 pm, Jerry Stuckle <jstuck...@attglobal.netwrote:

Nosferatum wrote:
please be patient, I am a newbie..

I have three categories of members ($memkat).
Each member got their own unike username and password from mysql db
and all belong to one of the three categories of members.
My mission is to get each member to login and be redirected to a
specific page in a specific folder. It should not be possible for
members from memkat10 to access (index-file) in folder memkat20 and
so on.

My faboulus login and redirect page: (which doesn't work..)

<?php
$host="my_host";
$username="";
$password="";
$db_name="member_db";
$tbl_name="members";

// Connection
mysql_connect("$host", "$username", "$password")or die("cannot
connect");
mysql_select_db("$db_name")or die("cannot select DB");

// Post data
$myusername=$_POST['theusername'];
$mypassword=$_POST['thepassword'];

// query and get the memkat
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and
password='$mypassword'" and memkat="$memkat";
$result=mysql_query($sql);

//set session
session_register("myusername");
session_register("mypassword");
session_register("memkat");

if($memkat=="10"){
require("/path/to/folder/here1/index.php");
} elseif($memkat=="20"){
require("/path/to/folder/folder2/index.php");
} elseif($memkat=="30"){
require("/path/to/folder/folder3/index.php");
}
?>

In each of the index files in the member folders I thought about
requesting the session data from the login page at top,

Each index file:

<?php session_start(); ?>
if (($myusername["musername"])) ;
if (($mypassword["mypassword"]));
if (($memkat["memkat"]));

include file(therealindex.php)

?>

First of all, you need to call session_start() at the beginning of every
page using sessions (before ANY output - even whitespace). You're not
calling it in your logon page.

Secondly, $_myusername["myusername"] isn't defined in your second page.
If you have display_errors enabled, you will get a warning message
about an uninitialized variable.

Additionally, instead of using session_register, you should use the
$_SESSION array, i.e.

$_SESSION['myusername'] = $myusername;
$_SESSION['mypassword'] = $mypassword;

etc. (Note: it's not a good idea to store passwords in the session
unless you really need them there).

Then when you want to use them, use

if (isset($_SESSION['myusername']))
$myusername=$_SESSION['myusername']);
else
$myusername = null;

(which can be shortened to:

$myusername=isset($_SESSION('myusername') ? $_SESSION['myusername'] : null;

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstuck...@attglobal.net
==================

Jerry is right!

Within index page you have written:

Expand|Select|Wrap|Line Numbers

 
<?php session_start(); ?>

if (($myusername["musername"])) ;

if (($mypassword["mypassword"]));

if (($memkat["memkat"]));
 
include file(therealindex.php)

You want to write:

<?php
session_start();
if ( !empty($_SESSION["musername"]) and !
empty($_SESSION["mypassword"]) and !empty($_SESSION["memkat"])) {
include file(therealindex.php)
}
?>
after implementing Jerry suggestions.

Mar 21 '07 #4

Similar topics

HttpWebRequest and posting login data

by: buran | last post by:

Dear ASP.NET Programmers, How can I post data to an ASP.NET login page and pass authentication? The login page uses forms authentication, users must supply usernames and password and have to...

ASP.NET

by: rrober07 | last post by:

Hello, My Setup is I have a Web Server machine(Devweb01), Database SQL Machine(Devsql01), a Client Machine(local machine) I have configured the SQL machine as follows: 1) Added local Aspnet...

ASP.NET

Urgent - need help with logging anonymous and Active Dir users without login form

by: pv | last post by:

Hi everyone, I need help with following scenario, please: Users are accessing same web server from intranet (users previously authenticated in Active Dir) and from extranet (common public...

ASP.NET

Your login attempt was not successful. Please try again

by: muder | last post by:

I have a standard Login ASP.NET 2.0 control on a login Page, a LoginName and LoginStatus controls on the member's page. once the user login successfully I am redirecting the user to Member.aspx...

.NET Framework

Help trying to login to myspace programatically in vb.net

by: AppleBag | last post by:

I'm having the worst time trying to login to myspace through code. Can someone tell me how to do this? Please try it yourself before replying, only because I have asked this a couple of times in...

.NET Framework

How to turn on java script in a villaon keypad mobile phone

by: Charles Arthur | last post by:

How do i turn on java script on a villaon, callus and itel keypad mobile phone

Java

Migrating Website to Cloud - Emmanuel Katto

by: emmanuelkatto | last post by:

Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel

General

Looking to do Android software development, any suggestions? Is flutter better?

by: nemocccc | last post by:

hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?

General

What is ONU?

by: marktang | last post by:

ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...

General

Changing the language in Windows 10

by: Hystou | last post by:

Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...

Windows Server

Problem With Comparison Operator <=> in G++

by: Oralloy | last post by:

Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...

C / C++

Maximizing Business Potential: The Nexus of Website Design and Digital Marketing

by: jinu1996 | last post by:

In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...

Online Marketing

AI Job Threat for Devs

by: agi2029 | last post by:

Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...

Career Advice

Access Europe - Using VBA to create a class based on a table - Wed 1 May

by: isladogs | last post by:

The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...

Microsoft Access / VBA