allowing users to log into my website

am 22.12.2007 06:57:32 von halamazoo

I'm trying to create the necessary framework to allow users to log
into my website. I have already created the backend using a MySQL
database. The part that I'm hung up on is being able to pass the
username from one page to the next. I've been reading about sessions,
and I can get them to work if I embed the SID into the URL, but I
really dislike that method. I've read that cookies can be used
instead, but I cannot get these to work. I've been changing values
like session.use_only_cookies = 1, session.save_handler = files,
session.save_path = "C:\Temp", etc. but none of them are helping. I
can see the files being created in C:\Temp, and they are populated
with the username that I'm assigning to $_SESSION['username'], but
it's not available on the next page. I'm running Apache 2 and PHP
5.2.5 on a Windows XP SP2 Home machine. Any ideas?

session_start();

include("UserFunctions.php");

$mode = "";
$username = "";
$password = "";

if (!isset($_POST['mode']))
{
unset($mode);
}
else
{
echo "setting mode to ".$_POST['mode']."
\n";
$mode = $_POST['mode'];
}

if (!isset($_POST['username']))
{
unset($username);
}
else
{
//echo "setting username to ".$_POST['username']."
\n";
$username = $_POST['username'];
}

if (!isset($_POST['password']))
{
unset($password);
}
else
{
//echo "setting password to ".$_POST['password']."
\n";
$password = $_POST['password'];
}

if (!isset($mode))
{
if (!isset($_SESSION['username']))
{
echo "session user = ".$_SESSION['username']."
\n";
echo "

";
}
else
{
$firstname = getFirstName($_SESSION['username']);
echo "Welcome, ".$firstname.".";
}
}
else if (strcmp($mode,'confirm') == 0)
{
if (!isset($username) || !isset($password) || strcmp($username,"") ==
0 || strcmp($password,"") == 0)
{
echo "Please provide a username and password.
\n";
}
else
{
if (!confirmLogin($username, $password))
{
echo "Username and/or password is invalid.
\n";
}
else
{
//openSession($username);
$_SESSION['username'] = $username;
//echo "session username = ".$_SESSION['username']."
\n";
//echo "
\n";
//header("Location: main.php");
header("Location: login2.php");
}
}
}

?>

Re: allowing users to log into my website

am 28.12.2007 03:32:54 von Jerry Stuckle

halamazoo wrote:
> I'm trying to create the necessary framework to allow users to log
> into my website. I have already created the backend using a MySQL
> database. The part that I'm hung up on is being able to pass the
> username from one page to the next. I've been reading about sessions,
> and I can get them to work if I embed the SID into the URL, but I
> really dislike that method. I've read that cookies can be used
> instead, but I cannot get these to work. I've been changing values
> like session.use_only_cookies = 1, session.save_handler = files,
> session.save_path = "C:\Temp", etc. but none of them are helping. I
> can see the files being created in C:\Temp, and they are populated
> with the username that I'm assigning to $_SESSION['username'], but
> it's not available on the next page. I'm running Apache 2 and PHP
> 5.2.5 on a Windows XP SP2 Home machine. Any ideas?
>

First thing - edit your php.ini file to enable error reporting for all
errors and display the errors:

error_reporting=E_ALL
display_errors=on

(leave the second one off in a production environment).

See what errors you get.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex@attglobal.net
==================

Username:
Password:
TD>"; echo "