0
<?php
session_start(); # start up the session
$host="localhost"; // Host name 
$db_username="root"; // Mysql username 
$db_password=""; // Mysql password 
$db_name="shop"; // Database name 
$tbl_name="users"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$db_username", "$db_password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$username=@$_POST['username']; 
$psswd=@$_POST['password']; 
$password = md5(trim($psswd));

// To protect MySQL injection (more detail about MySQL injection)
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$sql="SELECT * FROM users WHERE username='$username' and password='$password'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $username and $password, table row must be 1 row
if($count==1){

// Register $myusername, $mypassword and redirect to file "login_success.php"
$_SESSION['logged_in'] = true;
header("location:login_success.php");
}
else 
{
header("location:registration.php");
}

?>

ok,i have this login.php script but i want to create some parts of my web to be availabale only for logged users i've tried with $_SESSION[logged_in]=false; but it doesnt work

Edited by phphelp123

4
Contributors
6
Replies
7
Views
4 Years
Discussion Span
Last Post by Zagga
1

To ensure only logged-in users enter a particular page, add this code to the top of the page.

<?php
session_start();
if (!isset($_SESSION['logged_in']) || ($_SESSION['logged_in'] == false)){
    header("location:your_login_page.php");
    exit();
}
?>

You say you tried this and it didn't work. Could you be a bit more specific please?
Did you get any error messages?
What happened that wasn't supposed to?
What didn't happen that was supposed to?

Edited by Zagga

0

thanks a lot a tried this but i forgot to put session start() on the top of the code. Now its work.

0

i'm new in PHP but this is my last question how to display the name of the logged user i tried with this one but it shows me an error that username is undefined index

<?php echo $_SESSION['username']?>

And should i connect to my database and table and then ,to put this code on the place where i like .

1

In order for you to be able to access data at $_SESSION['username'], you have to have assigned data to there previously. It worked for $_SESSION['loggedin'] because you assigned a value to it on line 33. To store the username, you can add this after line 33:

$_SESSION['username'] = $username;
1

As EvolutionFallen said but also don't forget you need to put session_start() at the top of ALL pages that set, change or display $_SESSION variables.

<?php
session_start();
echo $_SESSION['username'];
?>

You don't need to connect to the database when you display session variables. The username probably comes from a database so you may need connect to retrieve it before you can set it as a session variable.

Edited by Zagga

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.