Armed Rebel Posted January 8, 2006 Share Posted January 8, 2006 I'm testing a login system.Registration is perfect.Login is perfect. (The code was given to me, but I understand it, except the session part)Anyway, I need to know how to make a user stay logged in if he goes to an other page. (The whole point of this test, is to have a user register, login and edit their details, which can be viewed. Anyone can register if they wish, but it doesn't do anything apart from being able to log in).How can I do this?Also, how can I have a list that shows users that are logged in?Here is my login code: {connection}<html><head><title>Login Test Login</title></head><body><form action="" method="post">Username: <input name="username" type="text" maxlength="20" value="<? echo $_POST['username']; ?>" /><br />Password: <input name="password" type="password" maxlength="16" value="<? echo $_POST['password']; ?>" /><br /><input type="checkbox" name="auth_retention" /> Stay Logged In?<br /><input type="submit" value="Login" name="submit" /></form></body></html><?if ($HTTP_POST_VARS['submit']){ $un = $_POST['username']; $ip = $_SERVER['REMOTE_ADDR']; $pass = $_POST['password']; $authretention = $_POST['auth_retention']; if ($un) { if (eregi("&", $un)==1) { echo "<hr><br />DEBUG: request incorrectly received. Username/Password Invalid."; exit; } if ($un == "") { echo "<hr><br />DEBUG: request incorrectly received. You must enter a username."; exit; } if ($pass == "") { echo "<hr><br />DEBUG: request incorrectly received. You must enter a password."; exit; } $sql="SELECT * FROM users WHERE username='$un'"; $result=mysql_query($sql); $checkres=mysql_num_rows($result); if ($checkres == 0) { echo "<hr><br />DEBUG: request incorrectly received. Username doesn't exist! To register, <a href=register.php>click here</a>"; exit; } } if ((strlen($un)>20) || (strlen($un)<3)) { echo "<hr><br />DEBUG: request incorrectly received. Usernames must be between 3 and 20 characters!"; exit; } if ((strlen($pass)>16) || (strlen($pass)<3)) { echo "<hr><br />DEBUG: request incorrectly received. Passwords must be between 3 and 16 characters!"; exit; } else { $pass = md5($HTTP_POST_VARS['password']); echo "<hr><br />DEBUG: request properly received. ATTEMPTING TO LOGIN<br /><br /> UN: " . $un . "<br />PW: " . $pass . " (MD5 HASH) <br />IP: " . $ip . "<br />Tag Date: " . $date; $sql="SELECT * FROM users WHERE username='$un' AND password='$pass'"; $result=mysql_query($sql); $checkres=mysql_num_rows($result); if ($checkres == 0) { echo "<hr><br />DEBUG: request incorrectly received. Username/Password Invalid."; } else { while ($myrow=mysql_fetch_array($result)) { $_SESSION['username'] = $myrow['username']; $_SESSION['password'] = $myrow['password']; $_SESSION['uid'] = $myrow['uid']; $_SESSION['authver'] = 1; $cookieauthname = $myrow['username']; $cookieauthpass = $myrow['password']; } if ($authretention) { setcookie('userpermaauth', $cookieauthname, time() + 60 * 60 * 24 * 30); setcookie('passpermaauth', $cookieauthpass, time() + 60 * 60 * 24 * 30); ob_end_flush(); } echo "<hr><br />Authed as: " . $_SESSION['username'] . " Please wait while we forward you... "; }}}?> Link to comment Share on other sites More sharing options...
Armed Rebel Posted January 8, 2006 Author Share Posted January 8, 2006 Anyone? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now