Hi I am having problems with authenticating session. I moved this over from a different site where I was testing it and didn't change anything but now it doesn't seem to be working. The site connects to the MySQL data base and if the info is wrong it says so. However if the info is right it takes me back to the previous page, but without the session being authenticated, and so the logged in menu doesn't appear. I am not sure what I am doing wrong. Here is the session start code from login page if login info is correct if($match==1) { $_SESSION['authenticated']==true; $_SESSION['username']=$_POST['username']; $_SESSION['password']=$_POST['password']; $url = 'index.php'; // default page for if(isset($_SESSION['url'])) { $url = strip_tags($_SESSION['url']); unset($_SESSION['url']); } Code (markup): And here is the part that should check to see if a user is logged in: if(isset($_SESSION['authenticated'])) { include 'usermenu.php'; } else {echo 'You are not currently logged in <br> <a href="\site/login.php\">Log In</a>'; } Code (markup): Thanks for any help.
I hope you have a <?php session_start(); ?> PHP: at the beginning of the pages where you want to use a session. If yes, good Ok, found your error This $_SESSION['authenticated']==true; PHP: is wrong. It should be like this $_SESSION['authenticated'] = true; PHP: now $_SESSION['authenticated'] has true as value
Hi, thanks, I did have just = but changed it and forgot to change back. I have tried all this and it still doesn't work. However I have narrowed it down a little. If I open up usermenu.php then I do appear to be logged in, so I think it is something to do with the include, any ideas?
Here is the full code, really struggling Here is the login page: <?php $SELF=basename(__FILE__); $msg=''; if(isset($_POST['username']) && !empty($_POST['username']) && isset($_POST['password']) && !empty($_POST['password'])) { $link = mysql_connect('', '', '') or die('Could not connect: ' . mysql_error()); mysql_select_db('') or die(mysql_error()); $username = mysql_real_escape_string($_POST['username']); $password = mysql_real_escape_string($_POST['password']); $sql="SELECT `active` FROM `users` WHERE `username`='".$username."' AND `password`='".$password."'"; $search = mysql_query($sql) or die(mysql_error()); $match = mysql_num_rows($search); } if($match==1) { $_SESSION['authenticated'] = true ; $_SESSION['username']=$_POST['username']; $_SESSION['password']=$_POST['password']; $url = 'index.php'; // default page for if(isset($_SESSION['url'])) { $url = strip_tags($_SESSION['url']); unset($_SESSION['url']); } if (isset($_POST['rememberme'])) { /* Set cookie to last 1 year */ setcookie('username', $_POST['username'], time()+60*60*24*365, 'www.web.com'); setcookie('password', $_POST['password'], time()+60*60*24*365, 'www.web.com'); } else { setcookie('username', $_POST['username'], false, 'www.web.com'); setcookie('password', $_POST['password'], false, 'www.web.com'); } header("Location: http://web.com/$url"); exit; } else { $msg='<p>Login Failed! Please make sure that you enter the correct details and that you have activated your account.</p>'; } ?> <html> <body> <h1>Login Form</h1> <?php if(!empty($msg)) { echo $msg; } ?> <p>Please enter your name and password to login</p> <!-- start sign up form --> <form action="<?php echo $SELF; ?>" method="post"> <div> <label for="name">Name:</label> <input type="text" name="username" value="" /> </div> <div> <label for="password">Password:</label> <input type="password" name="password" value="" /> </div> Remember Me: <input type="checkbox" name="rememberme" value="1"><br> <div><input type="submit" class="submit_button" value="Login" /></div> </form> <a href="http://www.web.com/forgot.php">Forgot Password?</a><br> <a href="http://www.web.com/register.php">Register here</a> </body> </html> Code (markup): Here is an example of another page: <?php session_start(); if(isset($_SESSION['authenticated'])) { include 'usermenu.php'; } else {echo 'You are not currently logged in <br> <a href="\web.com/login.php\">Log In</a>'; } ?> <html> <body> </body> </html> Code (markup): I have no idea what is going on so any help would be appreciated
I don't have much time right now, so just some general suggestions. Add some more echo or die functions to narrow it more down. After every step make a check if it works (else die with error) so you can see how far you get.
You are not using session_start() on the first page, only on the second - if your host/php configuration doesn't have session.auto_start set to true, then you will need to add that to the top of every page that requires use of the sessions.
every page you use a session variable on MUST start with the opening session_start(); just inside the <?php tag