Jump to content

Session Problem In Php While Login


Recommended Posts

Hi all,I did something in php. but i am unable to complete the code.I got nothing when i login with username and password.Session makes some probs with this code.. Please check out the code which i am giving here and solve my problem..1) Login Page2) index Page [After Login Succeed it will redirect here]3) Support Files [As far as i know the problem is in user.php]login.php

<?php require_once("../../includes/functions.php");require_once("../../includes/database.php");require_once("../../includes/session.php");require_once("../../includes/user.php");if($session->is_logged_in()){redirect_to("index.php"); }if(isset($_POST['login'])){$username = trim($_POST['username']);$password = trim($_POST['password']);$sql = "SELECT * FROM users WHERE username='{$username}' AND password='{$password}' ";$found_user = user::authenticate($username,$password);if($found_user){$session->login($found_user);redirect_to("index.php");}else{ $message = "username and password does not match..."; }}else{$username="";$password="";}?><html><head><title>Photo Gallery</title><link href="../css/style.css" media="all" rel="stylesheet" type="text/css" /></head><body><div id="header"><h1>Photo Gallery</h1></div><div id="main"><h2 style="text-align:center;">Staff Login</h2><form action="login.php" method="post"><fieldset><table align="center" width="40%"><tr><td>User Name:</td><td><input type="text" name="username" value="<?php echo htmlentities($username);?>" /></td></tr><tr><td>Password:</td><td><input type="password" name="password" value="<?php echo htmlentities($password);?>" /></td></tr><tr><td></td><td > <input type="submit" name="login" value="login"/> </td></tr></table></fieldset></form></div><div id="footer">Copyright<?php echo date("y",time()); ?> </div></body></html><?php if(isset($database)) {$database->mysqlclose(); }?>

2) index.php

<?phprequire_once("../../includes/functions.php");require_once("../../includes/database.php");require_once("../../includes/session.php");require_once("../../includes/user.php");?><html><head><title>Photo Gallery</title><link href="../css/style.css" media="all" rel="stylesheet" type="text/css" /></head><body><div id="header"><h1>Photo Gallery</h1></div><div id="main"><h2>Menu</h2><a href=""></div><div id="footer">Copyright<?php echo date("y",time()); ?> </div></body></html>

3) config1.php

<?phpdefine("DB_SERVER","localhost");define("DB_USER","vairaprakasam");define("DB_PASSWORD","vairam");define("DB_NAME","mvpdb");?>

4) database.php

<?phprequire_once("config1.php");class MYSQLdatabase{private $conn;private $magic_quotes_active;private $real_escape_string_exists; private $select_db;function __construct(){$this->open_connection();$this->magic_quotes_active = get_magic_quotes_gpc();$this->real_escape_string_exists = function_exists("mysql_real_escape_string");}public function open_connection(){$this->conn=mysql_connect(DB_SERVER,DB_USER,DB_PASSWORD);if(!$this->conn){die("conn failllled...FOR CONNECTION".mysql_error());}else{$this->select_db=mysql_select_db(DB_NAME,$this->conn);if(!$this->select_db){die("conn to db failllled...".mysql_error());}}}public function mysqlclose(){if(isset($this->conn)){mysql_close($this->conn);unset($this->conn);}}public function query($sql){$result=mysql_query($sql,$this->conn);$this->confirm_query($result);return $result;}public function confirm_query($check){if(!$check){die("conn failllled... FOR QUERY".mysql_error());}}public function escape_value($value){if($this->real_escape_string_exists){if($this->magic_quotes_active){$value = stripslashes($value);}$value = mysql_real_escape_string($value);}else{if(!$this->magic_quotes_active){$value = addslashes($value);}}}public function fetch_array($result){return mysql_fetch_array($result);}public function affected_rows(){return mysql_affected_rows($this->conn);}public function row_count($count){return mysql_num_rows($count);}}$database=new MYSQLdatabase();$db =& $database;?>

5) functions.php

<?phpfunction strip_zeros_from_date($marked_string=""){$no_zeros = str_replace('*0','',$marked_string);$cleaned_string = str_replace('*','',$no_zeros);return $cleaned_string;}function redirect_to($location = NULL){if($location != NULL){header("location: {$location}");exit;}}function output_message($message){if(!empty($message)){return "<p class=\"message\">{$message}</p>";}else{return "";}}function __autoload($class_name){$class_name = strtolower($class_name);$path = "../../includes/{$class_name}.php";if(file_exists($path)){require_once($path);}else{die("the file{$class_name}.php could not found..");}}?>

6) session.php

<?phpclass session{private $logged_in = false;public $user_id;function __construct(){session_start();$this->check_login();}public  function is_logged_in(){return $this->logged_in;}public function login($user){if($user){$_SESSION['user_id'] = $user->id;$this->user_id =$_SESSION['user_id']; $this->logged_in = true;}}public function logout(){unset($_SESSION['user_id']);unset($this->user_id);$this->logged_in = false;}private function check_login(){if(isset($_SESSION['user_id'])){$this->user_id = $_SESSION['id'];$this->logged_in = true;}else{unset($this->user_id);$this->logged_in = false;}}}$session = new session();?>

7) user.php

<?php require_once("database.php");?><?phpclass user{public $id;public $username;public $password;public $first_name;public $last_name;public static function find_all(){return self::find_by_sql("SELECT * FROM users");}  public static function find_by_id($id=0){global $database;$result_array = self::find_by_sql("SELECT * FROM users WHERE id={$id}");return !empty($result_array)?array_shift($result_array):false;}public static function find_by_sql($sql=""){global $database;$result_set = $database->query($sql);$object_array = array();while($row = $database->fetch_array($result_set)){$object_array[] = self::instantiate($row);}return $object_array;}public function full_name(){if(isset($this->first_name) && isset($this->last_name)){return $this->first_name . " " .$this->last_name;}else{return "";};}public static function authenticate($username="",$password=""){global $database;$username = $database->escape_value($username);$password = $database->escape_value($password );$sql = "SELECT * FROM users WHERE username='{$username}' AND password='{$password}' ";$result_array = self::find_by_sql($sql);return !empty($result_array)?array_shift($result_array):false;}private static function instantiate($record){$object =new user;foreach($record as $attribute=>$value){if($object->has_attribute($attribute)){$object->$attribute = $value;}}return $object;}private function has_attribute($attribute){$object_vars = get_object_vars($this);return array_key_exists($attribute,$object_vars);}}?>

Thanks in advance.. :)

Edited by selvamanikandan
Link to post
Share on other sites

What happens when you run that, are you seeing any error messages or anything? If you're just seeing a blank page, make sure you have error messages enabled. You can add this to any file to enable error messages, it would make sense to add this to one of your include files that everything else includes, but add it near the top of your code:ini_set('display_errors', 1);error_reporting(E_ALL);

Link to post
Share on other sites
What happens when you run that, are you seeing any error messages or anything? If you're just seeing a blank page, make sure you have error messages enabled. You can add this to any file to enable error messages, it would make sense to add this to one of your include files that everything else includes, but add it near the top of your code:ini_set('display_errors', 1);error_reporting(E_ALL);
Hi thanks for ur interest.When i enter the usrname and login then submit. Nothing happens. The page refrehed and remain the same login page.My need is it check with the database and if its correct username and password then redirect to another page.I am searching a whole day for this problem... No improvement... :)
Link to post
Share on other sites

The login form submits to itself:<form action="login.php" method="post">Your login code is either redirecting if the user was found, or it sets a variable called $message.

if($found_user){$session->login($found_user);redirect_to("index.php");}else{ $message = "username and password does not match..."; }

There's nothing on your login form where it prints $message, so my guess is that the user isn't able to be logged in, but the message doesn't get printed anywhere.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...