Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
  1. #1
    Regular Coder
    Join Date
    Jun 2008
    Posts
    682
    Thanks
    114
    Thanked 2 Times in 2 Posts

    Login Form Trouble

    As of right now any user who knows the link to my admin panel can go to it directly. What I want to do is see if the the user is logged in (session exists). And if they are not logged in meaning no session exists then to kick them back to the login.php script.

    However on my login page after I log in its as if with the top code goes right back to it for some reason? Any fixes?

    index.php (admin page)
    PHP Code:
    <?php

    session_start
    (); // Access the existing session

    // Include the variables page
    include ('inc/variables.php');

    // If no session is present, redirect the user:
    if(!isset($SESSION['id'])) {
        
    header("Location: login.php");
        exit();
    }

    ?>
    login.php
    PHP Code:
    <?php

    if (isset($_POST['submitted'])) {
        
        require_once (
    'inc/login_functions.php');
        require_once (
    'inc/dbconfig.php');
        list (
    $check$data) = check_login($dbc$_POST['username'], $_POST['password']);
        
        if (
    $check) { // OK!
        
        // Set the session data:.
        
    session_start();
        
    $_SESSION['id'] = $data['id'];
        
    $_SESSION['firstname'] = $data['firstname'];
        
        
    // Store the HTTP_USER_AGENT:
        
    $SESSION['agent'] = md5($_SERVER['HTTP_USER_AGENT']);
        
        
    // Redirect:
        
    $url absolute_url ('loggedin.php');
        
    header("Location: $url");
        exit();
        
        }else {
        
    // Unsuccessful!
        
    $errors $data;
        }
        
        
    mysqli_close($dbc);
        
    // End of the main submit conditional.

    include ('inc/login_page.php')

    ?>
    login_page.php
    PHP Code:
    <?php

    // This page prints any errors associated with logging in and creates the login, including the form.

    // Prints any error messages, if they exists:
    if (!empty($errors)) {
        echo 
    '<h1>Error!</h1>
        <p class="error">The following error(s) occured:<br />'
    ;
        foreach (
    $errors as $msg) {
            echo 
    " - $msg<br />\n";
        }
        echo 
    '</p><p>Please try again.</p>';
    }

    // Display the form:
    ?>

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <meta name="description" content="Caracole" />
    <title>E-Fed Manager</title>
    <link HREF="favicon.ico" type="image/x-icon" rel="icon" />
    <link HREF="favicon.ico" type="image/x-icon" rel="shortcut icon" />
    <link rel="stylesheet" type="text/css" href="css/tripoli.simple.css" media="screen, projection, print" />
    <link rel="stylesheet" type="text/css" href="css/base.css" media="screen, projection, print" />
    <link rel="stylesheet" type="text/css" href="css/layout.css" media="screen, projection, print" />
    <link rel="stylesheet" type="text/css" href="css/style.css" media="screen, projection, print" />
    <link rel="stylesheet" type="text/css" href="css/theme.css" media="screen, projection, print" />
    <link rel="stylesheet" type="text/css" href="css/icons.css" media="screen, projection, print" />
    <script type="text/javascript" SRC="http://ajax.googleapis.com/ajax/libs/jquery/1.3.2/jquery.min.js"></script>
    <script type="text/javascript">
        //<![CDATA[
        document.write('<link rel="stylesheet" type="text/css" href="css/js/js.css" media="screen, projection, print" />');
        //]]>

    $(document).ready(function(){

        $(".close").click(function(){
            $(this).parents(".message").hide("puff");
        });
        
    });    


    </script>
    <!--[if IE]>
            <link rel="stylesheet" type="text/css" href="css/ie/ie.css" media="screen, projection, print" />
        <![endif]-->
         <!--[if lt IE 7]>
        <script src="js/DD_belatedPNG_0.0.7a-min.js" type="text/javascript"></script>
        <script>

            DD_belatedPNG.fix(' #header, h1, h1 a, .close, .field,.paginate .current, .icon, .required-icon');

        </script>
          <link rel="stylesheet" href="css/ie/ie6.css" type="text/css" media="screen, projection"/>
        <![endif]-->
    </head>
    <body>
        <!-- Content -->
        <div id="login" class="content">    
            <div class="roundedBorders login-box">
                <!-- Title -->
                <div id="title" class="b2">
                    <h2>Log In</h2>
                    <!-- TitleActions -->
                    <div id="titleActions">
                        <div class="actionBlock">
                        <a href="#">Forgot your password ?</a>
                        </div>
                    </div>
                    <!-- /TitleActions -->
                </div>
                <!-- Title -->
        
                <!-- Inner Content -->
                <div id="innerContent">
                    <form action="login.php" method="post">
                        <div class="field">
                            <label for="username">Username</label>
                            <input type="text" class="text" id="username" name="username" />
                        </div>
                        <div class="field">
                            <label for="password">Password</label>
                            <input type="password" class="text" id="password" name="password"/>
                        </div>
                        <div class="clearfix login-submit">
                            <span class="fleft">
                                <input type="checkbox" name="remember-me" id="remember-me" />
                                <label for="remember-me">Remember me</label>
                            </span>
                            <span class="fright">
                                <button class="button" type="submit" name="submit"><strong>Log In</strong></button>
                            </span>
                        </div>
                        <input type="hidden" value="TRUE" name="submitted" />
                    </form>
                </div>
                <!-- /Inner Content -->
                <div class="bBottom"><div></div></div>
            </div>
        </div>

    </body>
    </html>

  • #2
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,093
    Thanks
    11
    Thanked 101 Times in 99 Posts
    you need to call session_start() on every page you wish to use sessions... including login.php ... not sure if that's your problem but needs to be there anyway
    resistance is...

    MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •