0

How to maintain a set session for multiple pages only if a user is logged in?

Need help as quick as possible
Thank you

3
Contributors
7
Replies
8
Views
5 Years
Discussion Span
Last Post by dany12
0

Probably I hve not explained very well I have my login with my $_Session['user']; that works fine until I enter my add_or edit form in admin panel .So my question is how to keep this $_Session['user'];for all my admin actions?

1

On top of page you need to add session_start().
After that function if you have set any session i.e. $_SESSION['username'] = 'john';you can get it's value on second page by echo $_SESSION['username']; , but make sure on second page you have included sesson_start() function on top of page.

0

Although you save the username in the session, it's often easier to just save the user id number (from DB) after successful login. This means that you can access other related tables easily. Also the user_id field is usually indexed as a primary key and often indexed in other related tables. So should be faster. Not that important though.

As vib states, you need to use session_start() in all your pages or you could lose the session data.

0

I have used session_start() in al my pages but some odd reason it goes blank on another page that is related to admin actions I will post my code

<!--@login html document with php
@param error-->
<?php include_once('scripts/login-scripts.php');?>

<!DOCTYPE html>
<html>

    <head>
        <meta charset="UTF-8">
        <link rel="stylesheet" type="text/css" href="css/custom.css"/>   
        <script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js"></script>

    </head>

    <body>

        <div id="mainWrapper">

           <?php if(isset($error)){ echo '<div id="errors">'.$error. '</div>';}?><!--errors end here-->   



            <div id="loginform">

                <h2>Login Area</h2>

                <form method="post" action="login.php" >

                    <div class="form-elements">
                        <br/>
                        <label for="username">Username</label>
                        <input type="text" name="username" placeholder="Enter your username"/>

                    </div>

                    <div class="form-elements">

                        <label for="password">Password</label>
                        <input type="password" name="password" placeholder="Enter your password"/>

                    </div> 

                    <div class="form-elements">

                        <button name="logintoadminpanel">Login</button>
                        <button name="reset">Reset</button>

                    </div> 

                    <!--end of form-elements-->
                </form>    

            </div>

        </div><!-- main div wrapper-->

    </body>

</html> 



<?php


//@login script using thelogin.php as an include
//@param $username $passord $error $sql $num_rows $rows $name $access_level

            session_start();

                if(isset($_POST['logintoadminpanel']))
                {

            include_once 'connection.php';    

            $username = $_POST['name'];

            $password = $_POST['pass'];

                if(empty($username)||empty($password)){

                $error = 'Please fill the required fields';
                }

                else

                {

                    $username = strip_tags($username);
                    $password = strip_tags($password);

                    $username = mysql_real_escape_string($username);
                    $password = mysql_real_escape_string($password);
                    $salt='2db95';  
                    $password = md5($password).$salt;

                    $sql = mysql_query("SELECT * FROM login WHERE username ='$username' && password='$password' LIMIT 1") or die(mysql_error());

                    $num_rows=  mysql_num_rows($sql);

                    if ($num_rows==1)
                    {

                    $rows=  mysql_fetch_array($sql);

                    extract($rows);

                    $_SESSION[username]=$name;

                    $_SESSION[level]=$access_level;

                        if(isset($_SESSION[username]))
                        {
                        $update= mysql_query("UPDATE login SET Date = now()") or die(mysql_error());
                        header("location:index.php");

                        }


                    }

                         else
                         {

                            $error ='Invalid Credentials';  

                         }
                }

        }



?>

<?php

//@connection config
//@param  $dbhost $dbuser $dbpass $dbname



    $dbhost ='localhost';
    $dbuser='root';
    $dbpass='';
    $dbname='admin';

    $conn = mysql_connect($dbhost, $dbuser, $dbpass) or die(mysql_error());
    mysql_select_db($dbname,$conn) or die(mysql_error());



?>

<?php

session_start();
if(!isset($_SESSION['username'])){
header("loaction:login.php")

}
else{

//stay on this page 
//this continues with html admin panel

}

?>


<?php



<?php
//add products page
//this is my problem session is not working here
session_start();
if(!isset($_SESSION['username'])){
header("loaction:login.php")

}
else{

//stay on this page 
//this continues with html admin panel

}

?>

Thank you in advance

0

you have included sesson_start() function on top of page

Read post properly.. This function call must be on top of php page. No other code ot HTML should be before function. Always make pratice to write PHP code on upper part of HTML and not below.

0

I don't see where I have that mistake that you are talking about all my session_start is on top of any function in <?php?> tags modify my example so that I can understand where I have made a mistake.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.