0

Hi, This is my version of a user script.

panel.php (Logged in Page)

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<?

session_start();
if(!session_is_registered(myusername)){
header("location:index.php");
}
?>

<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>C&amp;C-Relived Control Panel</title>
</head>

<body>
<span style="color:  #FFF">Login Successful</span>
<form name="form1" method="post" action="logout.php">
<input type="submit" name="Submit" value="Log Out">
</form>
If you can see this page then you have sucessfully logged in<br /><br />
</body>
</body>
</html>

ligin-check.php

<?php
$host="****"; // Host name
$username="****"; // Mysql username
$password="****"; // Mysql password
$db_name="****"; // Database name
$tbl_name="****"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:panel.php");
}
else {
echo "<strong>Wrong Username or Password</strong>";
}
?>

Now, i want to add a "welcome (logged in name), you are logged in"

Any Ideas?

2
Contributors
5
Replies
6
Views
5 Years
Discussion Span
Last Post by Zagga
0

Hi Commando112,

You already have the username stored as a session variable so you can just echo "Welcome " . $_SESSION['myusername']; You may want to remove the extra </body> tag on line 22 of panel.php. You are also using a few deprecated session functions so you may want to update them.

0

Hi again,

You can set session variables with $_SESSION['myusername'] == "Commando112"; instead of session_register("myusername"); You can check if a variable is (not) set with if(!isset($_SESSION['myusername'])){ instead of if(!session_is_registered(myusername)){

0

So doe it matter if i keep using deprecated code? like will it be unsupported in the future?

0

Hi,

It's unsupported from PHP5.3 (I think) so it's possible for the feature to be removed from future versions of PHP. It's always best to roll with the flow :)

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.