I used the
members
tutorial. Got
most things
working.
Register and
login works
fine. But when
i redirect the
logged in user,
and echo the
$user name the
user is echoed
as guest. What
am i doing
wrong?
This is the
login.php file:
---------------
------------
Code:
<?
ob_start();
//Database conn
$connect =
mysql_connect(
"secret&q
uot;,
"secret&
quot;,
"secret&
quot

;
$select=
mysql_select_db
("1769800
"

;
if(isset($_SESS
ION['username
']) &&
isset($_SESSION
['password'])
) {
//REDIRECT TO
USERS
PROFILE...
header("L
ocation:
admin_main.php
"

;
} //end if
logged in
//IF SUBMIT
BUTTON PRESSED
if(isset($_POST
['submit']))
{
if(!$_POST['us
ername'])
die("Erro
r: You must
enter your
username before
logging
in."

;
if(!$_POST['pa
ssword'])
die("Erro
r: You must
enter your
password before
logging
in."

;
//set cookie
if checked
if(!empty($_POS
T['stay_in'])
) {
$joined
=''.$_POST['
username'].'[
]'.md5($_POST[
'password']).
'';
setcookie('log
in_cookie',
$joined,
2147483647,
'/',
'.mysite');
} //end if
//verify
user...
$get_user =
mysql_query(&q
uot;SELECT *
FROM `members`
WHERE username
=
'".$_POS
T['username']
."' AND
user_password =
'".md5($
_POST['passwor
d'])."'
"

;
$q =
mysql_fetch_obj
ect($get_user);
if(!$q)
die("Logi
n Failure: An
error occured,
please verify
your username
and password
are
correct."<
img
src=http://www.
allsyntax.com/f
orums/images/sm
ilies/wink.gif
border=0>;
//set session
variables
$_SESSION['log
ged_in'] = 1;
$_SESSION['use
rname'] =
$_POST['userna
me'];
$_SESSION['pas
sword'] =
$_POST['passwo
rd'];
session_write_c
lose();
header("L
ocation:
admin_main.php
"

;
} else {
//show login
form
?>
<form
name="log
in"
method="p
ost"
action="&
lt;?
$_SERVER['PHP_
SELF'];
?>">
;
<table>
<tr>
<td>Usern
ame:<input
type="tex
t"
id="usern
ame"
name="use
rname">
;</td>
</tr>
<tr>
<td>Passw
ord:<input
type="pas
sword"
id="passw
ord"
name="pas
sword">
;</td>
</tr>
<tr>
<td>Submi
t: <input
type="sub
mit"
value="Su
bmit"
name="sub
mit"
id="submi
t"><
;/td>
</tr>
<tr>
<td>Remem
ber? <input
type="che
ckbox"
name="sta
y_in[]"
checked="
yes">&
lt;/td>
</tr>
</table>
</form>
<?
}//end else
?>
<?
ob_start();
session_start()
;
$connect =
mysql_connect(
"secret&q
uot;,
"secret&
quot;,
"secret&
quot

;
$select=
mysql_select_db
("databas
e"

;
//check cookie
if
($_SESSION['lo
gged_in'] != 1
&&
isset($_COOKIE[
'login_cookie
'])) {
list($user,
$pass) =
explode('[]',
$_COOKIE['logi
n_cookie']);
$qu =
mysql_query(&q
uot;SELECT
`user_password`
FROM `members`
WHERE
`username` =
'".addsl
ashes($user).&
quot;'"
;
if
(mysql_num_rows
($qu) == 1) {
$passw
=
mysql_fetch_obj
ect($qu);
if
($passw->use
r_password ==
$pass) {
$_SESSION['log
ged_in'] = 1;
$_SESSION['use
rname'] =
$user;
$_SESSION['pas
sword'] =
$pass;
}
}
}
if(!isset($_SES
SION['username
']) &&
!isset($_SESSIO
N['password']
)) {
$_SESSION['log
ged_in'] = 0;
$user =
"Guest&q
uot;;
}
echo($user);
?>