I'm trying to setup a really really basic user authentication scheme for a website. It's been going smoothly so far, but I'm running into issues relating to SESSION.
This is what I have working:
[B]PHP is parsed successfully
SQL Database permissions are working as they should
I can run queries on the mySQL database - and get data
[/B]
Here's my issue:
[B]Once you've logged in successfully, if you go back to index.php, you are NOT redirected to select.php. The session variable isn't echoed either. It seems it won't save the session on index.php, but it asks me to "resend" whenever I try to reload login.php.
[/B]
If I need to better describe my issue, just ask. Sauce below.
[I]index.php
[/I][CODE]
<?php
session_start();
include 'login.php';
if( isset($_SESSION['user']) )
{
header ("Location: select.php"); // Fix
}
?>
<html>
<head>
<title>Login</title>
</head>
<body>
<h2>Login Here</h2>
<form action="login.php" method="post">
<fieldset>
<p>
<label for="name">Username</label>
<input type="text" id="name" name="username" value="" maxlength="30" />
</p>
<p>
<label for="password">Password</label>
<input type="text" id="password" name="passwd" value="" maxlength="30" />
</p>
<p>
<input type="submit" value="Login" />
</p>
</fieldset>
</form>
<h1><?php echo $_SESSION['user']; ?></h1>
</body>
</html>
[/CODE]
[I]login.php[/I]
[CODE]
<?php
session_start();
require 'database_connection.php';
$form_username = $_POST['username'];
$form_password = $_POST['passwd'];
//echo $form_username . " " . $form_password;
$stmt = "SELECT * FROM users WHERE passwd = '$form_password'";
$result = $conn->query($stmt);
if ($result->num_rows > 0)
{
$_SESSION['user'] = $form_username;
//header ("Location: select.php"); //FIX
echo $_SESSION['user'];
}
$conn->close();
?>
[/CODE]
[I]database_connection.php
[/I][CODE]
<?php
session_start();
$db_servername = "localhost";
$db_username = "root";
$db_name = "trainingauth";
// Create connection
$conn = new mysqli($db_servername, $db_username, "", $db_name);
// Check connection
if ($conn->connect_error) {
die("Connection failed: " . $conn->connect_error);
}
?>
[/CODE]
You can only start a session once "per webpage," not any more than that. If you're unsure if you've already started a session, use this:
[code]if (session_status() == PHP_SESSION_NONE) {
session_start();
}[/code]
Source with alternate usage for earlier PHP versions: [url]http://stackoverflow.com/a/18542272[/url]
So if I start a session on the index.php page, I shouldn't have session_start() in login.php? is that what you're saying?
[QUOTE=Corewarp3;48673353]So if I start a session on the index.php page, I shouldn't have session_start() in login.php? is that what you're saying?[/QUOTE]
Basically, yes.
Although it'd be a good idea to use the code I previously mentioned as your login.php and database_connection.php file may be included/required in a file where session hasn't been started yet (where it'd be required to be started for your program to work).
I tested it on my local server and it worked (although I cut out the MySQL part since I don't have the login info). Do you have the source for select.php? That could be redirecting back to index.php.
Conclusion:
Code was fine, but server configuration is fucky in regards to PHP Sessions.
Decided to use cookies instead and now it works. Will provide code if there's interest, but otherwise my problem is solved!
There's also this: [url]http://www.php-login.net/[/url]
It would have saved you a bit of time and headache from re inventing the wheel, but if you wanted to learn to do it by scratch for experience I don't blame you.
[QUOTE=brianosaur;48729008]There's also this: [url]http://www.php-login.net/[/url]
It would have saved you a bit of time and headache from re inventing the wheel, but if you wanted to learn to do it by scratch for experience I don't blame you.[/QUOTE]
Thanks a bunch. But I just needed something simple, and I'm going to do webdev for school very soon, so I thought I might as well. Thanks again though!
Sorry, you need to Log In to post a reply to this thread.
