Love your site.
Everything is
running great
and I've read
your tutorial 3
times.
I searched the
forum to learn
how to secure
pages, so you
have to be
logged in to
view the site.
I can't get it
to work.
When I login
and get
directed to the
secure page,
the secure page
tells me I need
to be logged
in.
(I had it
working the
other night
perfectly! When
I was closing
out of my
program, I
clicked Save
All files. I
must have
changed
something,
because it
doesn't work
now)
Login-
Code:
<?
ob_start();
require_once($_
SERVER['DOCUMEN
T_ROOT'].'/db_c
onnect.php');
if(isset($_SESS
ION['username']
) &&
isset($_SESSION
['password']))
{
//REDIRECT TO
USERS
PROFILE...
header("Lo
cation:
http://www.5th-
ave.org");
} //end if
logged in
//IF SUBMIT
BUTTON
PRESSED
if(isset($_POST
['submit']))
{
if(!$_POST['use
rname'])
die("Error
: You must
enter your
username before
logging
in.");
if(!$_POST['pas
sword'])
die("Error
: You must
enter your
password before
logging
in.");
//set cookie
if checked
if(!empty($_POS
T['stay_in']))
{
$joined
=''.$_POST['use
rname'].'[]'.md
5($_POST['passw
ord']).'';
setcookie('logi
n_cookie',
$joined,
2147483647,
'/',
'.www.5th-ave.o
rg');
} //end
if
//verify
user...
$get_user =
mysql_query(&qu
ot;SELECT *
FROM `members`
WHERE username
=
'".$_POST[
'username'].&qu
ot;' AND
user_password =
'".md5($_P
OST['password']
)."'"
);
$q =
mysql_fetch_obj
ect($get_user);
if(!$q)
die("Login
Failure: An
error occured,
please verify
your username
and password
are
correct.")
;
//set session
variables
$_SESSION['logg
ed_in'] = 1;
$_SESSION['user
name'] =
$_POST['usernam
e'];
$_SESSION['pass
word'] =
$_POST['passwor
d'];
session_write_c
lose();
header("Lo
cation:
http://www.5th-
ave.org/Page1.p
hp");
} else {
//show login
form
?>
<form
name="logi
n"
method="po
st"
action="&l
t;?
$_SERVER['PHP_S
ELF'];
?>">
<br><b
r><br>
<br><b
r><br>
<br><b
r><br>
<br><b
r><br>
<table
align="cen
ter">
<tr>
<td>Usern
ame:<input
type="text
"
id="userna
me"
name="user
name">&
lt;/td>
</tr>
<tr>
<td>Passw
ord:<input
type="pass
word"
id="passwo
rd"
name="pass
word">&
lt;/td>
</tr>
<tr>
<td>Submi
t: <input
type="subm
it"
value="Sub
mit"
name="subm
it"
id="submit
"></
td>
</tr>
<tr>
<td>Remem
ber? <input
type="chec
kbox"
name="stay
_in[]"
checked="y
es"><
;/td>
</tr>
</table><
br />
</form>
<?
}//end else
?>
Page that needs
to be
secured-
Code:
<?
ob_start();
include('Secure
.php');
?>
<link
rel="style
sheet"
type="text
/css"
href="styl
e.css"/>
;
<div
id="WELCOM
E"><
/div>
<table
width="400
"
height="10
0"
align="cen
ter">&l
t;td
width="400
"
height="10
0"><
/td></tab
le>
<table
width="400
"
height="20
0"
align="cen
ter">
<tr><t
d
class="row
0"
width="400
"
height="50
"
align="cen
ter">
Welcome, Thank
You for Joining
<br>
-Management<
/tr>
<tr><t
d
class="row
0"
width="400
"
height="50
"
align="cen
ter">
UPDATE</tr&g
t;
<tr><t
d
class="row
0"
width="400
"
height="50
"
align="cen
ter">
UPDATE</tr&g
t;
<tr><t
d
class="row
0"
width="400
"
height="50
"
align="cen
ter">
UPDATE</tr&g
t;
</table><
/div>
My
include('Secure
.php'); page
for all my
secure
pages-
Code:
<?
ob_start();
session_start(
);
require_once($_
SERVER['DOCUMEN
T_ROOT'].'/db_c
onnect.php');
if($_SESSION['
logged_in'] ==
0) die('You
must be logged
in to view this
page.');
//check
cookie
if
($_SESSION['log
ged_in'] != 1
&&
isset($_COOKIE[
'login_cookie']
)) {
list($user,
$pass) =
explode('[]',
$_COOKIE['login
_cookie']);
$qu =
mysql_query(&qu
ot;SELECT
`user_password`
FROM `members`
WHERE
`username` =
'".addslas
hes($user).&quo
t;'");
if
(mysql_num_rows
($qu) == 1)
{
$passw
=
mysql_fetch_obj
ect($qu);
if
($passw->use
r_password ==
$pass) {
$_SESSION['logg
ed_in'] = 1;
$_SESSION['user
name'] =
$user;
$_SESSION['pass
word'] =
$pass;
}
}
}
?>
Coding is
simply CST...
Combining $hit
Together. We
make different
$hit to run in
unison
correctly. |
