0

A newbie here I am having an error with this code. If I logged in with correct username and password the "Sorry please log in" is appearing not the home page :( I am having a hard time to check if the user has log in or not when opening the page. Pls. Help me! Thanks:)

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
        <?php
            //code to check if logged in or not
            include("include/session.php");
            if (!(isset($_SESSION['logged_in']) && $_SESSION['logged_in'] != '')) {
            echo "<center><font face='Verdana' size='2' color=red>
            Sorry, Please login and use this page. </font></center><br/>";
            echo "<center><a href=\"login_form_admin.php\">Click Here to log in</a></center>"; 
            exit;
            }
        ?>
<html xmlns="http://www.w3.org/1999/xhtml">
    <body bgcolor="black" link="#FFFF00" vlink="#FFFC17" alink = "white">
        <?php
            include("include/session.php");
        ?>
        <p>
        <br/>
        <font face = "century gothic" size = "3" color = "#FFFC17"/>
        <?php
        if($session->logged_in){
        echo "&nbsp;&nbsp;&nbsp;Welcome <b>$session->username</b>, you are logged in. <br/>";
        }
        ?>

        <center>
        <a href = "homebody_admin.php">Home</a>&nbsp&nbsp&nbsp
        <a href = "settings_admin.php">Settings</a>&nbsp&nbsp&nbsp
        <?php echo "<a href=\"process.php\">Logout</a>"; ?>
        </center>

    </body>
</html>

Edited by weirdCreature7: to easy to understand

3
Contributors
5
Replies
6
Views
5 Years
Discussion Span
Last Post by diafol
1

i suggest you tidy up your html first. you have mixed up your html and php. try to keep them separate by placing the vast majority of your code above the dtd. you are also using a lot of deprecated html tags like center and fontface. use css to style yoir page it will make it a lot less cluttered. you dont seem to have a session_start at the top of the page. this is esswntial for propogating sessions

Votes + Comments
I did what you say and it is still not working :( but thank you so much for answering my post :)
0

As diafol suggested, make sure you have session_start(); at the top of your page then try changing your first IF statement to:

if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] == ''){

This will check to see if a $_SESSION['logged_in'] variable has not been set OR if it has been set but is blank (slightly more efficient than your current code).
If this doesn't work, please post the code in your session.php page as the error may be while you are setting the session variables.

Edited by Zagga

0

Hello there! it is still no working :) thank you so much Zagga for replying! Here is the code for session.php :)

<?
include("database.php");
include("form.php");

class Session
{
   var $username;            //Username given
   var $userid;              //Random value generated on current login
   var $userlevel;           //The level to which the user pertains
   var $time;                //Time user was last active (page loaded)
   var $logged_in;           //True if user is logged in, false otherwise
   var $userinfo = array();  //The array holding all user info
   var $url;                 //The page url current being viewed
   var $referrer;            //Last recorded site page viewed
   var $ip;                  //Remote IP address  

   function Session(){
      $this->ip = $_SERVER["REMOTE_ADDR"];
      $this->time = time();
      $this->startSession();
   }

   function startSession(){
      global $database;  
      session_start();   

      /* Determine if user is logged in */
      $this->logged_in = $this->checkLogin();

      /* Set referrer page */
      if(isset($_SESSION['url'])){
         $this->referrer = $_SESSION['url'];
      }else{
         $this->referrer = "/";
      }

      /* Set current url */
      $this->url = $_SESSION['url'] = $_SERVER['PHP_SELF'];
   }

   function checkLogin(){
      global $database; 
      /* Check if user has been remembered */
      if(isset($_COOKIE['cookname'])){
         $this->username = $_SESSION['username'] = $_COOKIE['cookname'];
      }

      if(isset($_SESSION['username'])){
         if($database->confirmUserName($_SESSION['username']) != 0){
            unset($_SESSION['username']);
            return false;
         }

         $this->userinfo  = $database->getUserInfo($_SESSION['username']);
         $this->username  = $this->userinfo['username'];
         return true;
      }
      else{
         return false;
      }
   }

   function login($subuser, $subpass, $subremember){
      global $database, $form;  

      /* Checks if this IP address is currently blocked*/   
      $result = $database->confirmIPAddress($this->ip);

      if($result == 1){
         $error_type = "access";
         $form->setError($error_type, "Access denied for ".TIME_PERIOD." minutes");
      } 

      /* Return if form errors exist */
      if($form->num_errors > 0){
         return false;
      }

      $error_type = "attempt";
      /* Username and password error checking */
      if(!$subuser || !$subpass || strlen($subuser = trim($subuser)) == 0){
         $form->setError($error_type, "Username or password not entered");
      }

      if($form->num_errors > 0){
         return false;
      }

      /* Checks that username is in database and password is correct */
      $subuser = stripslashes($subuser);
      $result = $database->confirmUserPass($subuser, $subpass);

      if($result == 1){
         $form->setError($error_type, "Invalid username or password.");
         $database->addLoginAttempt($this->ip);
      }

      if($form->num_errors > 0){
         return false;
      }

      /* Username and password correct, register session variables */
      $this->userinfo  = $database->getUserInfo($subuser);
      $this->username  = $_SESSION['username'] = $this->userinfo['username'];


      /* Null login attempts */
      $database->clearLoginAttempts($this->ip);

      if($subremember){
         setcookie("cookname", $this->username, time()+COOKIE_EXPIRE, COOKIE_PATH);
      }

      /* Login completed successfully */
      return true;
   }

   function logout(){
      global $database;  

      if(isset($_COOKIE['cookname'])){
         setcookie("cookname", "", time()-COOKIE_EXPIRE, COOKIE_PATH);
      }

      unset($_SESSION['username']);

      $this->logged_in = false;

   }
};


/* Initialize session object */
$session = new Session;

/* Initialize form object */
$form = new Form;

?>
This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.