Banner

Sponsor

Login

Welcome Back!
Guest
Guest

Register

Lost your password?

39 users online

PHP Sessions?

PHP Sessions?

Forums » Web Development » Server Side - PHP/MySQL/etc. » PHP Sessions?

Currently viewing this thread: 1 (0 members and 1 guests)

#1
Old Post December 29th, 2003 12:28 PM
digitalerr0r

digitalerr0r

Neverside Newbie
Status: Offline!

PHP Sessions?

i have an administration section on my site which i only want 2 users to have access. With sessions i know you have session start, then at the end you destroy it. would having an MD5 login with sessions. does anyone know where i can get a simple script with sessions so i can put an include at the top of the pages i want to protect?

#2
Old Post December 29th, 2003 02:40 PM
digitalerr0r

digitalerr0r

Neverside Newbie
Status: Offline!

ive found this code but it dosent seem to work :grumpy can anyone see any error's ?

Login.php

PHP:


<html> 
<head><title>Login</title></head> 
<body> 

<form action="LoginAction.php" method="Post"> 
Email Address:<br /> 
<input type="Text" name="psUser" /> 
<br /> 
Password:<br /> 
<input type="password" name="psPassword" /> 
<br /> 
<input type="submit" value="Login" /> 

<input type="hidden" name="psRefer" value="<? echo($refer?>
</form> 

</body> 
</html> 

LoginAction.php

PHP:


<?php
// Check if the information has been filled in 
if($psUser == '' || $psPassword == '') { 

// No login information 
header('Location: Login.php?refer='.urlencode($psRefer)); 

} else { 

// Authenticate user 
$hDB mysql_connect('localhost''root'); 
mysql_select_db('vicecent_v2'$hDB); 

$sQuery 
Select iUser, MD5(UNIX_TIMESTAMP() + iUser + RAND(UNIX_TIMESTAMP())) sGUID 
From adminusers 
Where sUser = '$psUser' 
And sPassword = password('$psPassword')"

$hResult mysql_query($sQuery$hDB); 

if(mysql_num_rows($hResult)) { 

$aResult mysql_fetch_row($hResult); 

// Update the user record 
$sQuery 
Update adminusers 
Set sGUID = '$aResult[1]' 
Where iUser = $aResult[0]"

mysql_query($sQuery$hDB); 

// Set the cookie and redirect 
setcookie("session_id"$aResult[1]); 

if(!$psRefer$psRefer '../main.php'
header('Location: '.$psRefer); 

} else { 

// Not authenticated 
header('Location: Login.php?refer='.urlencode($psRefer)); 



?> 

incSession.php

PHP:


<?php
// Check for a cookie, if none got to login page 
if(!isset($HTTP_COOKIE_VARS['session_id'])) { 
header('Location: Login.php?refer='.urlencode($PHP_SELF.'?'.$HTTP_SERVER_VARS['QUERY_STRING'])); 


// Try to find a match in the database 
$sGUID $HTTP_COOKIE_VARS['session_id']; 
$hDB mysql_connect('localhost''root'); 
mysql_select_db('vicecent_v2'$hDB); 

$sQuery 
Select iUser 
From adminusers 
Where sGUID = '$sGUID'"

$hResult mysql_query($sQuery$hDB); 

if(!mysql_num_rows($hResult)) { 
// No match for guid 
header('Location: Login.php?refer='.urlencode($PHP_SELF.'?'.$HTTP_SERVER_VARS['QUERY_STRING'])); 

?> 

then it says you are meant to inclde this in you pages to protect them...

PHP:


<?php require('incSession.php'); ?>

thanks if anyone can see any errors Shocked

#3
Old Post December 30th, 2003 01:01 PM
matrael

matrael

I'm a programmer with art skills. ...
Status: Offline!

What happens when you try to login? Any PHP errors? MySQL complaints ... ?

___________________

--
Jason Ricketts
jason@dork.cx
http://www.kerneld.org

Quick Jump:

Main Navigation

Site & Graphic Design by Aeon Tan
Developed by Jeremie Pelletier & Scott Roach

NeverAPI generated this page in 0.0094 seconds.