Jump to content
Sign in to follow this  
Armed Rebel

Some help wtih sessions

Recommended Posts

I'm testing a login system.Registration is perfect.Login is perfect. (The code was given to me, but I understand it, except the session part)Anyway, I need to know how to make a user stay logged in if he goes to an other page. (The whole point of this test, is to have a user register, login and edit their details, which can be viewed. Anyone can register if they wish, but it doesn't do anything apart from being able to log in).How can I do this?Also, how can I have a list that shows users that are logged in?Here is my login code:

{connection}<html><head><title>Login Test Login</title></head><body><form action="" method="post">Username: <input name="username" type="text" maxlength="20" value="<? echo $_POST['username']; ?>" /><br />Password: <input name="password" type="password" maxlength="16" value="<? echo $_POST['password']; ?>" /><br /><input type="checkbox" name="auth_retention" /> Stay Logged In?<br /><input type="submit" value="Login" name="submit" /></form></body></html><?if ($HTTP_POST_VARS['submit']){	$un = $_POST['username'];	$ip = $_SERVER['REMOTE_ADDR'];	$pass = $_POST['password'];	$authretention = $_POST['auth_retention'];		if ($un)	{  if (eregi("&", $un)==1)  {  	echo "<hr><br />DEBUG: request incorrectly received. Username/Password Invalid.";	  	exit;  }    if ($un == "")  {  	echo "<hr><br />DEBUG: request incorrectly received. You must enter a username.";	  	exit;  }    if ($pass == "")  {  	echo "<hr><br />DEBUG: request incorrectly received. You must enter a password.";	  	exit;  }    $sql="SELECT * FROM users WHERE username='$un'";  $result=mysql_query($sql);  $checkres=mysql_num_rows($result);	  if ($checkres == 0)  {  	echo "<hr><br />DEBUG: request incorrectly received. Username doesn't exist! To register, <a href=register.php>click here</a>";	  	exit;  }	}		if ((strlen($un)>20) || (strlen($un)<3))  {  	echo "<hr><br />DEBUG: request incorrectly received. Usernames must be between 3 and 20 characters!";  	exit;  }	if ((strlen($pass)>16) || (strlen($pass)<3))  {  	echo "<hr><br />DEBUG: request incorrectly received. Passwords must be between 3 and 16 characters!";  	exit;  }	else	{  $pass = md5($HTTP_POST_VARS['password']);  echo "<hr><br />DEBUG: request properly received. ATTEMPTING TO LOGIN<br /><br /> UN: " . $un . "<br />PW: " . $pass . " (MD5 HASH) <br />IP: " . $ip . "<br />Tag Date: " . $date;  $sql="SELECT * FROM users WHERE username='$un' AND password='$pass'";  $result=mysql_query($sql);  $checkres=mysql_num_rows($result);    if ($checkres == 0)  {  	echo "<hr><br />DEBUG: request incorrectly received. Username/Password Invalid.";	  }  else  {  while ($myrow=mysql_fetch_array($result))  {  	$_SESSION['username'] = $myrow['username'];  	$_SESSION['password'] = $myrow['password'];  	$_SESSION['uid'] = $myrow['uid'];  	$_SESSION['authver'] = 1;  	  	$cookieauthname = $myrow['username'];  	$cookieauthpass = $myrow['password'];  }    if ($authretention)  {  	setcookie('userpermaauth', $cookieauthname, time() + 60 * 60 * 24 * 30);  	setcookie('passpermaauth', $cookieauthpass, time() + 60 * 60 * 24 * 30);  	ob_end_flush();  }    echo "<hr><br />Authed as: " . $_SESSION['username'] . " Please wait while we forward you...    ";	}}}?>

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...