I'm having a little trouble with this. I want the user to be logged in to access certan sites.
This is how I did it:
1. The user logs in on index.php
2. The user is taken to process_login.php where the user is either logged in or informed of an incorrect username/password.
If the login info was good, the following happens:
session_start();
header("Cache-control: private");
$_SESSION['name'] = $userName;
echo "You have succesfully logged in as <b>" . $_SESSION['name'] . "</b><br /><a href=http://www.htmlforums.com/archive/index.php/\"news.php\">Click here</a> to procede to the administration panel.";
3. So, the user is taken to news.php where it checks whether the user is logged on by checking the 'name' session variable. (I'm not sure if this is the right approach of doing this.)
session_start();
header("Cache-control: private");
if(!$_SESSION['name']) {
echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.1//EN\" \"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd\">\n\n";
echo "<html>\n\n<head>\n\n\t<title>Error - You Are Not Logged In</title>\n";
echo "\t<link rel=\"stylesheet\" type=\"text/css\" href=http://www.htmlforums.com/archive/index.php/\"admin.css\" />\n";
echo "\t<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\" />\n";
echo "\t<meta http-equiv=\"Refresh\" content=\"4;url=/phptest/\" />\n\n</head>\n\n<body>\n\n";
echo "\t<p>You are NOT logged in.</p>\n";
echo "\t<p>You will shortly be redirected to the <a href=http://www.htmlforums.com/archive/index.php/\"/phptest/\">login page</a>.</p>";
echo "\n\n</body>\n</html>";
exit;
}(after the preceding is all the html code that would normally show up if the user is logged in)
This is what happens:
I log in succesfully, continue to the news.php page, and am informed I am not logged in. I return to index.php and try again. I succesfully log in, I click to continue to news.php, and it let's me through succesfully.
Any idea why this is working like so? Needing two logins? I'm fairly new to PHP, so bear with me if it's something obvious I've missed.
You may try the login here:
<!-- m --><a class="postlink" href="http://www.brokenlands.com/phptest/">http://www.brokenlands.com/phptest/</a><!-- m -->
username: guest
password: letmeintry to use such a construction:
if(!isset($_SESSION["name"])) ...where is $userName coming from??
if it is from a form then it should look like this
$_SESSION['name'] = $_POST['userName'];This is a n00by question but what is a session?a session is created by the brwoser and may or may not live on the server. each session is stored with a ID (sessin ID) tha tis only noticed by your browser, unless somebody hacked you and got the session id. when yuo close your browser the session gets destoyed.I was grabbing the username before that... which was part of my error.
I've got it figured out now, I wasn't doing the session_start(); at the very top of the page in process_login.php, but in an if statement somewhere near the end of the page. So the session wasn't actually starting until I visited the news.php page, which did have session_start(); at the top...
Thanks for the help!
This is how I did it:
1. The user logs in on index.php
2. The user is taken to process_login.php where the user is either logged in or informed of an incorrect username/password.
If the login info was good, the following happens:
session_start();
header("Cache-control: private");
$_SESSION['name'] = $userName;
echo "You have succesfully logged in as <b>" . $_SESSION['name'] . "</b><br /><a href=http://www.htmlforums.com/archive/index.php/\"news.php\">Click here</a> to procede to the administration panel.";
3. So, the user is taken to news.php where it checks whether the user is logged on by checking the 'name' session variable. (I'm not sure if this is the right approach of doing this.)
session_start();
header("Cache-control: private");
if(!$_SESSION['name']) {
echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.1//EN\" \"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd\">\n\n";
echo "<html>\n\n<head>\n\n\t<title>Error - You Are Not Logged In</title>\n";
echo "\t<link rel=\"stylesheet\" type=\"text/css\" href=http://www.htmlforums.com/archive/index.php/\"admin.css\" />\n";
echo "\t<meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\" />\n";
echo "\t<meta http-equiv=\"Refresh\" content=\"4;url=/phptest/\" />\n\n</head>\n\n<body>\n\n";
echo "\t<p>You are NOT logged in.</p>\n";
echo "\t<p>You will shortly be redirected to the <a href=http://www.htmlforums.com/archive/index.php/\"/phptest/\">login page</a>.</p>";
echo "\n\n</body>\n</html>";
exit;
}(after the preceding is all the html code that would normally show up if the user is logged in)
This is what happens:
I log in succesfully, continue to the news.php page, and am informed I am not logged in. I return to index.php and try again. I succesfully log in, I click to continue to news.php, and it let's me through succesfully.
Any idea why this is working like so? Needing two logins? I'm fairly new to PHP, so bear with me if it's something obvious I've missed.
You may try the login here:
<!-- m --><a class="postlink" href="http://www.brokenlands.com/phptest/">http://www.brokenlands.com/phptest/</a><!-- m -->
username: guest
password: letmeintry to use such a construction:
if(!isset($_SESSION["name"])) ...where is $userName coming from??
if it is from a form then it should look like this
$_SESSION['name'] = $_POST['userName'];This is a n00by question but what is a session?a session is created by the brwoser and may or may not live on the server. each session is stored with a ID (sessin ID) tha tis only noticed by your browser, unless somebody hacked you and got the session id. when yuo close your browser the session gets destoyed.I was grabbing the username before that... which was part of my error.
I've got it figured out now, I wasn't doing the session_start(); at the very top of the page in process_login.php, but in an if statement somewhere near the end of the page. So the session wasn't actually starting until I visited the news.php page, which did have session_start(); at the top...
Thanks for the help!