0

Well what this code is supposed to do is create a session when you log in successfully. Then direct you to the member page. Which it does ok. Then when you click logout it destroys the session. My code should, if you are not logged in and go to the member page redirect you, but it doesn't. And then if you are logged in and you go to the index page it should redirect you to the member page! But it doesn't. What is wrong with my code?

Index.php:

<?php
session_start();
	if(session_is_registered(myusername)){
			header("Location: member.php");
			}

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<meta content="en-us" http-equiv="Content-Language" />
<meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
<title>Image Upload - The Image Uploading And Sharing Solution</title>
<link href="styles/style.css" rel="stylesheet" type="text/css" />
</head>

<body>

<div id="wrapper">
	<img alt="Image Upload" height="196" src="images/logo.png" style="float: left" width="500" />
	


	<form method="post" action="checklogin.php" class="loginform">
			<br />
			<br />	
		<table style="width: 30px">
			<tr>
				<td><label id="username1">Username:</label></td>
				<td><input name="Username" type="text" class="textbox" /></td>
			</tr>
			<tr>
				<td><label id="password1">Password:</label></td>
				<td><input name="Password" type="password" class="textbox" /></td>
			</tr>
			<tr>
				<td><input name="login" type="submit" value="Login" class="button" /></td>
				<td><input name="reset" type="reset" value="Reset Fields" class="button"; /></td>
			</tr>
			<tr>
				<td><a href="register.php">Register</a></td>
				<td></td>
			</tr>


		</table>
		
		
			</form>
					
			

	</div>

</body>

</html>

checklogin.php:

<?php
ob_start();

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<link href="styles/style.css" rel="stylesheet" type="text/css" />
</head>

<body>

<div id="wrapper">
<img alt="Image Upload" height="196" src="images/logo.png" style="float: left" width="500" />
<div id="message">
<?php
ob_start();
$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="imageupload"; // Database name
$tbl_name="user"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// Define $myusername and $mypassword
$myusername=$_POST['Username'];
$mypassword=$_POST['Password'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$mypassword = md5($mypassword);

$sql="SELECT * FROM $tbl_name WHERE Username='$myusername' and Password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"


session_register("myusername");
session_register("mypassword");
header("Location: member.php");
}
else {
echo '<p class="error">Wrong Username or Password</p>
<p><a href="index.php">Click Here</a> to go back to the login page</p>
';
}

ob_end_flush();
?>
</div>





</div>

</body>

</html>

Logout.php:

<?php
session_start();
session_destroy();
header("Location:index.php");

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type" />
<title>Logging Out</title>
</head>

<body>

</body>

</html>

member.php:

<?
session_start();
if(!session_is_registered(myusername)){
header("Location: index.php");
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<link href="styles/style.css" rel="stylesheet" type="text/css" />
</head>

<body>

<div id="wrapper">
	<img alt="Image Upload" height="196" src="images/logo.png" style="float: left" width="500" />
	<div id="message">
	<a href="logout.php">Log Out</a>
	
	</div>
	</div>

</body>

</html>

register.php:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<link href="styles/style.css" rel="stylesheet" type="text/css" />
</head>

<body>

<div id="wrapper">
	<img alt="Image Upload" height="196" src="images/logo.png" style="float: left" width="500" />
	<form method="post" action="registeraction.php" class="loginform">
			<br />
			<br />	
		<table style="width: 30px">
			<tr>
				<td><label id="username1">Username:</label></td>
				<td><input name="Username" type="text" class="textbox" /></td>
			</tr>
			<tr>
				<td><label id="password1">Password:</label></td>
				<td><input name="Password" type="password" class="textbox" /></td>
			</tr>
			<tr>
				<td>
				<label id="Label1">E-Mail</label></td>
				<td><input name="email" type="text" class="textbox" /></td>
			</tr>
			<tr>
				<td>
				<input name="login" type="submit" value="Register" class="button"  /></td>
				<td><input name="reset" type="reset" value="Reset Fields" class="button" /></td>
			</tr>
			<?php
			  require_once('recaptchalib.php');
  				$publickey = "6Le-h8ASAAAAALUsh9idavbib8WMRF7juhY1KxKf "; // you got this from the signup page
  				echo recaptcha_get_html($publickey);
			
			?>

			
			
		</table>
		
		
			</form>

	</div>

</body>

</html>

registeraction.php:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<link href="styles/style.css" rel="stylesheet" type="text/css" />
</head>

<body>

<div id="wrapper">
<img alt="Image Upload" height="196" src="images/logo.png" style="float: left" width="500" />
<div id="message">
 <?php
  require_once('recaptchalib.php');
  $privatekey = "	6Le-h8ASAAAAAIODueI4b17cBrmYiMQQyO6qTcXa ";
  $resp = recaptcha_check_answer ($privatekey,
                                $_SERVER["REMOTE_ADDR"],
                                $_POST["recaptcha_challenge_field"],
                                $_POST["recaptcha_response_field"]);
                                $username = $_POST['Username'];
                                $password = $_POST['Password'];
                                $email = $_POST['email'];

  if (!$resp->is_valid) {
    // What happens when the CAPTCHA was entered incorrectly
    die ("<p class='error'>The reCAPTCHA wasn't entered correctly. Go back and try it again.</p>");
  } else {
  $con = mysql_connect("localhost","root","");
  if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

  
  if(isset($username,$password,$email)) {
  $username = stripslashes($username);
   $password = stripslashes($password);
    $email = stripslashes($email);
    $username = mysql_real_escape_string($username);
        $password = mysql_real_escape_string($password);

    $email = mysql_real_escape_string($email);

  

mysql_select_db("imageupload", $con);
$usernametaken = mysql_query("SELECT * FROM `user` WHERE Username = '".$username."'");
$result = mysql_num_rows($usernametaken);
if($result == 0) {
    mysql_query("INSERT INTO `imageupload`.`user` (`id` ,`Username` ,`Password` ,`email`)VALUES (NULL , '".$username."','".md5($password)."','".$email."')");
    mysql_close($con);
  echo 'Registration was successful! You may now <a href="index.php">login</a>.';
  }
  else {
  echo "Username already taken";
  
  }
  }
  else {
  echo "Please enter a username, password, and email";
  
  
  }
  
  
  
  }
  
  ?>

</div>
</div> 

</body>

</html>

Thanks for any help in advanced!

Edited by AndrewSD: n/a

2
Contributors
1
Reply
2
Views
6 Years
Discussion Span
Last Post by madCoder
0

Are you coding for a server that only has PHP 4.x or lower. Use of function like session_register() have been deprecated in favor of using the $_SESSION super-global.

Also, add a die() statement after your redirects. This prevents php from continuing to execute the script after the header is sent. I've encountered problems with recent versions of Internet explorer when using relative URLs in a location header (redirect.) Try it with fully qualified URLs if you are having this problem in IE 8 or 9.

Edited by madCoder: Added details about redirection.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.