0

i can not understand why is showing "Wrong Username or password" even i dont click the button always is there and dissapearing after user enter true username and password.

if($count == 1) {
    session_register("myusername");
    session_register("mypassword");
    session_start();
if(session_is_registered(myusername)){
    echo "<a id='user_login_info'><br>Welcome <font color='#00FF00'>$user</font></a>";
    echo "<a id='user_login_info'><br>Username and Password Accepted</a>";
}
} else {
    echo "<a id='user_login_info'><br>Wrong Username or Password!</a>";
}

Thanks :)

2
Contributors
5
Replies
27
Views
3 Years
Discussion Span
Last Post by cereal
0

Doesnt work even with the quotes, BTW yeah i have readed something about that and what should i use instead of that method ?
EDITED Also want to ask how to i make to disapear the form when the user will login so just to say "Welcome $user" i have this:

<script>
    function asd(a)
    {
        document.getElementById("login_position").style.display="none";
    }
</script>

but the problem is i dont know where to place it to work.

Edited by Stefan_1

0

Use the $_SESSION array instead:

At the top of the script place session_start(), then define the variables you want to save to session, for example:

<?php

    session_start();

    $_SESSION['username'] = 'Stefan';

    echo $_SESSION['username'];

Regarding the form, I cannot help much on the javascript side, but you have to be sure the logged user cannot submit to the login script, not only that the form is visible or not. This means you have to filter the requests to the script, you could place this in top:

<?php

    session_start();

    if(array_key_exists('username', $_SESSION))
    {
        $_SESSION['error_flashdata'] = 'Already logged';
        header('Location: /');
    }

Then if you want, you can apply a session variable to send and display error messages in the landing page, in this case as you see in the header(), the redirect points to the homepage:

<?php

    session_start();
    $error = false;

    if(array_key_exists('error_flashdata', $_SESSION))
    {
        $error = $_SESSION['error_flashdata'];
        unset($_SESSION['error_flashdata']);
    }

    echo $error;
0

I have solved that with the login system:

login.php

<?php
    function CheckCookieLogin() {
    $username = $_COOKIE['username'];
    if (!empty($username)) {
        $sql = "SELECT * FROM `users` WHERE `login_session`='$username'";
        $_SESSION['user_is_logged_in'] = 1;
        $_SESSION['cookie'] = $username;

        setcookie("username",$username,time()+3600*24*365,'/','.secretchatsk.host56.com');
        echo "<script> document.getElementById('login_position').style.display='none';</script>";
    }
}

    if(!isset($_SESSION['cookie']) && empty($_SESSION['user_is_logged_in'])) {
        CheckCookieLogin();
    }
?>

<?php
    if($count == 1) {
    session_register("myusername");
    session_register("mypassword");
    session_start();
        if(session_is_registered('myusername')) {
        echo "<script> document.getElementById('login_position').style.display='none';</script>";
        echo "<a id='user_login_info'><br>Welcome <font color='#00FF00'>$user</font></a>";
        echo "<a id='user_login_info'><br>Username and Password Accepted</a>";
        $_SESSION['user_is_logged_in'] = 1;
        $cookiehash = md5(sha1(username . user_ip));
        setcookie("username",$cookiehash,time()+3600*24*365,'/','.secretchatsk.host56.com');
        $sql = "UPDATE `users` SET `login_session`='$cookiehash' WHERE `Username`='$uid'";
        }
    }
?>

index.html

<?php
    require('login.php');
    CheckCookieLogin();
    //include('login.php');
?>

But i can't get that with the functions... :/

Edited by Stefan_1

0

Ok. Maybe I'm missing something, but from what I see, I think your script should not work, because it needs some specific conditions. For example: register_globals is on? The documentation of session_register() says:

If your script uses session_register(), it will not work in environments where the PHP directive register_globals is disabled.

As of PHP 4.2.0, the default value for the PHP directive register_globals is off. The PHP community discourages developers from relying on this directive, and encourages the use of other means, such as the superglobals.

And:

Caution
If you are using $_SESSION (or $HTTP_SESSION_VARS), do not use session_register(), session_is_registered(), and session_unregister().

Reference: http://www.php.net/manual/en/function.session-register.php

Your intent is to make the first part (up to line 17) work with the second (after line 19)? If yes, remove session_register() and the others, as suggested by the documentation and use $_SESSION to make it work.

You should, also, get some errors because session_start() is declared only at line 23 while it should be in the first line of the script.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.