rhodarose
05-06-2011, 08:04 AM
I have a login form, when the user input his correct username and password he will go to the machine1 and in the machine1 theres a logout hyperlink. My problem is when the user already logout and he type in the url http://localhost/machine1/machine1.php he can view the machine1 which is wrong because he is already logout. I want is if the user did not login he cannot view the machine1.
All I mean is when the user tried to go in machine1 even he is not already login, instead of locating him in machine1 he will locate to the index.php which is the login form. and when the user is already login he cannot go back to the index.php because he is already login.
I have no idea regarding the code to solve this kind of problem.
here is my index.php or login form:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
#form1 h2 strong {
color: #06F;
font-family: "Trebuchet MS", Arial, Helvetica, sans-serif;
}
#form1 p label {
color: #009;
}
</style>
</head>
<body>
<form id="form1" name="form1" method="post" action="">
<h2><strong> LOGIN FORM</strong></h2>
<p>
<label for="username">Username: </label>
<input type="text" name="username" id="username" />
</p>
<p>
<label for="password">Password: </label>
<input type="password" name="password" id="password" />
</p>
<p>
<input type="submit" name="submit" id="submit" value="Submit" />
</p>
<?php
include 'connection.php';
if (isset($_POST['submit'])) {
$username=$_POST['username'];
$password=$_POST['password'];
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string(sha1($password));
mysql_query("UPDATE tbllogin SET password = '$password' WHERE username = '$username'");
$sql="SELECT * FROM tbllogin WHERE username='$username' and password='$password'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1){
header("location:machine1.php");
}
else {
echo "Wrong Username or Password";
}
}
?>
</form>
</body>
</html>
and here is my code for machine1
<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Untitled Document</title>
</head>
<body>
<form name="machine1" action="machine1.php" method="post">
<p>
<?php
session_start();
$sort = "ASC";
$data_sort = "Emp_ID";
if(isset($_GET['sorting']))
{
if($_GET['sorting'] == 'ASC'){
$sort = "DESC";
}
else{
$sort = "ASC";
}
}
if (isset($_GET['field_name'])) {
if($_GET['field_name'] == 'Emp_ID'){
$data_sort = "Emp_ID";
}
elseif($_GET['field_name'] == 'Last_Name'){
$data_sort = "Last_Name";
}
elseif($_GET['field_name'] == 'First_Name'){
$data_sort = "First_Name";
}
elseif($_GET['field_name'] == 'Birthday'){
$data_sort = "Birthday";
}
}
?>
<a href="logout.php">Log out</a> </p>
<table border="1">
<tr>
<td><a href="machine1.php?sorting=<?php echo $sort; ?>&field_name=Emp_ID">Emp ID</a></td>
<td><a href="machine1.php?sorting=<?php echo $sort; ?>&field_name=Last_Name">Last Name</a></td>
<td><a href="machine1.php?sorting=<?php echo $sort; ?>&field_name=First_Name">First Name</a></td>
<td><a href="machine1.php?sorting=<?php echo $sort; ?>&field_name=Birthday">Birthday</a></td>
<td>Option</td>
</tr>
<?php
include 'connection.php';
if (isset($_GET['pageno'])) {
$pageno = $_GET['pageno'];
} else {
$pageno = 1;
}
$query = "SELECT count(*) FROM tbl_machine1";
$result = mysql_query($query) or trigger_error("SQL", E_USER_ERROR);
$query_data = mysql_fetch_row($result);
$numrows = $query_data[0];
$rows_per_page = 5;
$lastpage = ceil($numrows/$rows_per_page);
$pageno = (int)$pageno;
if ($pageno > $lastpage) {
$pageno = $lastpage;
}
if ($pageno < 1) {
$pageno = 1;
}
$limit = 'LIMIT ' .($pageno - 1) * $rows_per_page .',' .$rows_per_page;
$query = "SELECT * FROM tbl_machine1 ORDER BY $data_sort $sort $limit";
$result = mysql_query($query) or trigger_error("SQL", E_USER_ERROR);
while($info = mysql_fetch_array( $result ))
{
$emp_id = $info['Emp_ID'];
$lname = $info['Last_Name'];
$fname = $info['First_Name'];
$bday = $info['Birthday'];
$date = date('d-m-Y', strtotime($bday));
?>
<tr>
<td><?php echo $emp_id;?> </td>
<td><?php echo $lname;?> </td>
<td><?php echo $fname;?> </td>
<td><?php echo $date;?> </td>
<td><a href = 'edit.php?id=<?php echo $emp_id; ?>'>Edit</a> <a href='delete.php?id=<?php echo $emp_id; ?>' onClick="return confirm('Are you sure you want to delete?')">Delete</a></td>
</tr>
<?php
}
?>
</table>
<A HREF="javascript:void(0)" onClick="window.open('add.php','welcome','width=300,height=200')">
<input type="button" name="add" value="ADD"> </A>
<?php
if(isset($_GET['sorting']))
{
if($_GET['sorting'] == 'ASC'){
$sort = "ASC";
}
else{
$sort = "DESC";
}
}
if ($pageno == 1) {
echo " FIRST PREV ";
} else {
?>
<a href="machine1.php?pageno=1&field_name=<?php echo $data_sort; ?>&sorting=<?php echo $sort; ?>">FIRST</a>
<?php
$prevpage = $pageno-1;
?>
<a href="machine1.php?pageno=<?php echo $prevpage;?>&field_name=<?php echo $data_sort; ?>&sorting=<?php echo $sort; ?>">PREV</a>
<?php
}
echo " ( Page $pageno of $lastpage ) ";
if ($pageno == $lastpage) {
echo " NEXT LAST ";
} else {
$nextpage = $pageno+1;
?>
<a href="machine1.php?pageno=<?php echo $nextpage; ?>&field_name=<?php echo $data_sort; ?>&sorting=<?php echo $sort; ?>">NEXT</a>
<a href="machine1.php?pageno=<?php echo $lastpage; ?>&field_name=<?php echo $data_sort; ?>&sorting=<?php echo $sort; ?>">LAST</a>
<?php
}
?>
</body>
</html>
and this my code for my logout:
<?php
session_start();
session_destroy();
header ("Location: index.php");
?>
I really need to solved it and I hope somebody can help me.
Thank you
All I mean is when the user tried to go in machine1 even he is not already login, instead of locating him in machine1 he will locate to the index.php which is the login form. and when the user is already login he cannot go back to the index.php because he is already login.
I have no idea regarding the code to solve this kind of problem.
here is my index.php or login form:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
#form1 h2 strong {
color: #06F;
font-family: "Trebuchet MS", Arial, Helvetica, sans-serif;
}
#form1 p label {
color: #009;
}
</style>
</head>
<body>
<form id="form1" name="form1" method="post" action="">
<h2><strong> LOGIN FORM</strong></h2>
<p>
<label for="username">Username: </label>
<input type="text" name="username" id="username" />
</p>
<p>
<label for="password">Password: </label>
<input type="password" name="password" id="password" />
</p>
<p>
<input type="submit" name="submit" id="submit" value="Submit" />
</p>
<?php
include 'connection.php';
if (isset($_POST['submit'])) {
$username=$_POST['username'];
$password=$_POST['password'];
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string(sha1($password));
mysql_query("UPDATE tbllogin SET password = '$password' WHERE username = '$username'");
$sql="SELECT * FROM tbllogin WHERE username='$username' and password='$password'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1){
header("location:machine1.php");
}
else {
echo "Wrong Username or Password";
}
}
?>
</form>
</body>
</html>
and here is my code for machine1
<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Untitled Document</title>
</head>
<body>
<form name="machine1" action="machine1.php" method="post">
<p>
<?php
session_start();
$sort = "ASC";
$data_sort = "Emp_ID";
if(isset($_GET['sorting']))
{
if($_GET['sorting'] == 'ASC'){
$sort = "DESC";
}
else{
$sort = "ASC";
}
}
if (isset($_GET['field_name'])) {
if($_GET['field_name'] == 'Emp_ID'){
$data_sort = "Emp_ID";
}
elseif($_GET['field_name'] == 'Last_Name'){
$data_sort = "Last_Name";
}
elseif($_GET['field_name'] == 'First_Name'){
$data_sort = "First_Name";
}
elseif($_GET['field_name'] == 'Birthday'){
$data_sort = "Birthday";
}
}
?>
<a href="logout.php">Log out</a> </p>
<table border="1">
<tr>
<td><a href="machine1.php?sorting=<?php echo $sort; ?>&field_name=Emp_ID">Emp ID</a></td>
<td><a href="machine1.php?sorting=<?php echo $sort; ?>&field_name=Last_Name">Last Name</a></td>
<td><a href="machine1.php?sorting=<?php echo $sort; ?>&field_name=First_Name">First Name</a></td>
<td><a href="machine1.php?sorting=<?php echo $sort; ?>&field_name=Birthday">Birthday</a></td>
<td>Option</td>
</tr>
<?php
include 'connection.php';
if (isset($_GET['pageno'])) {
$pageno = $_GET['pageno'];
} else {
$pageno = 1;
}
$query = "SELECT count(*) FROM tbl_machine1";
$result = mysql_query($query) or trigger_error("SQL", E_USER_ERROR);
$query_data = mysql_fetch_row($result);
$numrows = $query_data[0];
$rows_per_page = 5;
$lastpage = ceil($numrows/$rows_per_page);
$pageno = (int)$pageno;
if ($pageno > $lastpage) {
$pageno = $lastpage;
}
if ($pageno < 1) {
$pageno = 1;
}
$limit = 'LIMIT ' .($pageno - 1) * $rows_per_page .',' .$rows_per_page;
$query = "SELECT * FROM tbl_machine1 ORDER BY $data_sort $sort $limit";
$result = mysql_query($query) or trigger_error("SQL", E_USER_ERROR);
while($info = mysql_fetch_array( $result ))
{
$emp_id = $info['Emp_ID'];
$lname = $info['Last_Name'];
$fname = $info['First_Name'];
$bday = $info['Birthday'];
$date = date('d-m-Y', strtotime($bday));
?>
<tr>
<td><?php echo $emp_id;?> </td>
<td><?php echo $lname;?> </td>
<td><?php echo $fname;?> </td>
<td><?php echo $date;?> </td>
<td><a href = 'edit.php?id=<?php echo $emp_id; ?>'>Edit</a> <a href='delete.php?id=<?php echo $emp_id; ?>' onClick="return confirm('Are you sure you want to delete?')">Delete</a></td>
</tr>
<?php
}
?>
</table>
<A HREF="javascript:void(0)" onClick="window.open('add.php','welcome','width=300,height=200')">
<input type="button" name="add" value="ADD"> </A>
<?php
if(isset($_GET['sorting']))
{
if($_GET['sorting'] == 'ASC'){
$sort = "ASC";
}
else{
$sort = "DESC";
}
}
if ($pageno == 1) {
echo " FIRST PREV ";
} else {
?>
<a href="machine1.php?pageno=1&field_name=<?php echo $data_sort; ?>&sorting=<?php echo $sort; ?>">FIRST</a>
<?php
$prevpage = $pageno-1;
?>
<a href="machine1.php?pageno=<?php echo $prevpage;?>&field_name=<?php echo $data_sort; ?>&sorting=<?php echo $sort; ?>">PREV</a>
<?php
}
echo " ( Page $pageno of $lastpage ) ";
if ($pageno == $lastpage) {
echo " NEXT LAST ";
} else {
$nextpage = $pageno+1;
?>
<a href="machine1.php?pageno=<?php echo $nextpage; ?>&field_name=<?php echo $data_sort; ?>&sorting=<?php echo $sort; ?>">NEXT</a>
<a href="machine1.php?pageno=<?php echo $lastpage; ?>&field_name=<?php echo $data_sort; ?>&sorting=<?php echo $sort; ?>">LAST</a>
<?php
}
?>
</body>
</html>
and this my code for my logout:
<?php
session_start();
session_destroy();
header ("Location: index.php");
?>
I really need to solved it and I hope somebody can help me.
Thank you