Jump to content
Larry Ullman's Book Forums

Recommended Posts

hello all i am building a small forum website for kids to discuss their school work etc. As this website will be assess by my prospect employer for a job as a entry level web application developer. using part of your script use in chapter 09. But the error am having when i tried to display the username of the user who just login from the session it 's not showing am not getting any error showing but the username just not showing. thanks in advance.

 

here's the login script:

 

<?php // login.php
if (isset($_POST['submitted'])) {
require_once ('includes/login_functions.inc.php');
require_once ('mysqli_connect.php');
list ($check, $data) = check_login($dbc, $_POST['user_name'] , $_POST['user_pass']);
if ($check) { // OK!
 // Set the session data:.
	    session_start();
 $_SESSION['user_id'] = $data['user_id'];
 $_SESSION['user_name'] = $data['user_name'];
 // Store the HTTP_USER_AGENT:
 $_SESSION['agent'] = md5($_SERVER['HTTP_USER_AGENT']);
 // Redirect:
 $url = absolute_url ('loggedin.php');
 header("Location: $url");
 exit();
} else { // Unsuccessful!
 $errors = $data;
}
mysqli_close($dbc);
} // End of the main submit conditional.

include ('includes/login_page.inc.php');
?>

 

here's the loggedin script:

<?php  // loggedin.php
  session_start();
// The user is redirected here from login.php.
// Start the session.
// If no session value is present, redirect the user:
// Also validate the HTTP_USER_AGENT!
if (!isset($_SESSION['agent']) OR ($_SESSION['agent'] != md5($_SERVER['HTTP_USER_AGENT']) )) {
require_once ('includes/login_functions.inc.php');
$url = absolute_url();
header("Location: $url");
exit();
}
$page_title = 'Logged In!';
include ('includes/header.html');
// Print a customized message:
echo "<h1>Logged In!</h1>
<p>You are now logged in, {$_SESSION['user_name']}!</p>
<p><a href=\"logout.php\">Logout</a></p>";

include ('includes/footer.html');
?>

 

here' the login funtion:

function check_login($dbc, $user_name = ' ', $user_pass = ' ') {
$errors = array(); // Initialize error array.
// Validate the email address:
if (empty($user_name)) {
 $errors[] = 'You forgot to enter your username.';
} else {
 $u = mysqli_real_escape_string($dbc, trim($user_name));
}
// Validate the password:
if (empty($user_pass)) {
 $errors[] = 'You forgot to enter your password.';
} else {
 $p = mysqli_real_escape_string($dbc, trim($user_pass));
}
if (empty($errors)) { // If everything's OK.
 // Retrieve the user_id and first_name for that email/password combination:
 $q = "SELECT user_id, user_email FROM users WHERE user_name = '$u' AND user_pass=SHA1('$p')";
 $r = @mysqli_query ($dbc, $q); // Run the query.
 // Check the result:
 if (mysqli_num_rows($r) == 1) {
  // Fetch the record:
  $row = mysqli_fetch_array ($r, MYSQLI_ASSOC);
  // Return true and the record:
  return array(true, $row);
 } else { // Not a match!
  $errors[] = 'The username and password entered do not match those on file.';
 }
} // End of empty($errors) IF.
// Return false and the errors:
return array(false, $errors);
} // End of check_login() function.

 

 

here's the login_page.inc.php:

 

 

<?php   //login_Page.inc.php
$page_title ='Login';
include('includes/header.html');if (!empty($errors)) {
 echo '<h1>Error!</h1><p class="error">The following error(s) occurred:<br />';
  foreach ($errors as $msg) {
 echo " - $msg<br />\n";
  }
echo '</p><p>Please try again. </p>';
}
?>
<h1>Login Page</h1><!-- Start of FORM -->
<form method="post" action="login.php">
<p>Username: <input type="text" name="user_name" size="20" maxlength="80" value=" <?php if (isset($_POST['user_name'])) {echo $_POST['user_name'];} ?> "></p>
<p>Password: <input type="password" name="user_pass" size="20" maxlength="20"></p>
<p><input type="submit" name="submit" value="login"></p>
<input type="hidden" name="submitted" value="TRUE">
</form>
<!-- End of FORM -->
<?php include('includes/footer.html'); ?>

Link to comment
Share on other sites

  • 2 weeks later...
 Share

×
×
  • Create New...