-
BUT at the moment I am trying to use cookies, please tell me where my problem is.
edit: nevermind, I suppose I'll use Sessions for now.
edit2:
new code:
page insert:
Code:
<?php
session_start();
$_SESSION['password']=$password;
if ($password=="password1") {
print ("logged in. pass: password1
<br>
<br>
<a href=\"phpscripts/logout.php\">Logout</a>");
}
elseif ($password=="password2") {
print ("logged in. pass: password2
<br>
<br>
<a href=\"phpscripts/logout.php\">Logout</a>");
}
elseif ($password=="password3") {
print ("logged in. pass: password3
<br>
<br>
<a href=\"phpscripts/logout.php\">Logout</a>");
}
else {
print ("Login please.
<br>
<br>
Password:
<br>
<form method=\"POST\" action=\"phpscripts/login.php\">
<input class=\"field\" type=\"text\" name=\"password\" size=\"7\">
<br>
<br>
<input onmouseover=\"this.src='images/buttons/loginbutton_mouseon.gif';\" onmouseout=\"this.src='images/buttons/loginbutton_mouseoff.gif';\" type=\"image\" src=\"images/buttons/loginbutton_mouseoff.gif\" alt=\"Login\">
</form>");
}
?>
login.php
Code:
<?php
if(($_POST['password'])=="password1") {
session_start();
$_SESSION['password']='password1';
print("pass1");
}
elseif(($_POST['password'])=="password2") {
setcookie("password", "password2", time()+604800);
print("pass2");
}
elseif(($_POST['password'])=="password3") {
setcookie("password", "password3", time()+604800);
print("pass3");
}
else {
print("no pass");
}
?>
note: yes i know i only converted pass1 to sesions, it was just to test so i didn't change them all.
Any clue as to what I've broken????? I thought everything was correct...
-
I told you that you should sessions, they are more reliable.
But your origanal problem was that you never unset the cookies, you would be logged in forever, just set the cookie blank if you want to log out.
--
Anyways, what's that problem, we can't help if you just say "Its broken"
What's the error, what does not work?
-
My previous post said the error, and no the problem was not that I wasn't un-setting the cookies, they had been cleared then I created a logout, still no effect, finally I changed the code (I remember where I had left out some quotes that were needed) and it suddenly stopped. The problem is that it will not remember me, with cookies or sessions.
-
That script seems ok, but I changed a few things last time I posted. I'll explain why and maybe it will help. This isn't meant to be an attack on your code, but just a way it could be improved some:
PHP Code:
$fp = fopen('flat-file-data.txt','r');
$line = fgets($fp, 1024);
//I don't see any need to fopen/fgets, when you can just use file_get_contents().
//that also avoids any permission errors that would be encountered with fopen.
list ($passwordlvl1, $passwordlvl2, $passwordlvl3) = split ('\|', $line);
//list is fine, but what if there are more listed in the file?
//certainly you don't need to use an external file for 3 passwords
//using split is also a bit weird. explode() doesn't require regex, and "|" would be valid, no need for \|.
if($_SESSION['password']==$passwordlvl1){//password #1
}elseif($_SESSION['password']==$passwordlvl2){//password #2
}elseif($_SESSION['password']==$passwordlvl3){//password #3
}
//ok, this would work.
//however, I would store a "logged in" variable in the session, not the password
//if ($_POST['pass']=='pass1') { $_SESSION['loginlevel'] = 1; }
else
{
header("location: login.php"); //fine, but technically should be a full URL for some reason
}
-
Thank you drj, but can't someone just tell me whats wrong with that one???? Why can't it remember me??
-
His script was easier to correct because I can easily follow the logic.
Here are a couple things to improve:
1. $_SESSION['password']=$password;
That looks backwards to me. $password was never set, so I think you want to get the pass FROM the session, not the other way around. That is probably the biggest issue.
2. You are still using cookies, not session variables for the login.
Place session_start() at the top of the pages. That's it. Then you can save any value to $_SESSION['...'] and it will be available on any other page with session_start() at the top for the duration of your session. So, replace the set_cookie() functions with storing the value to an index of the $_SESSION array.
-
If you read my code, the first one, which I always type in ("password1") IS properly configured for sessions. My problem was the $password thing, I was thinking along the lines of: Get the session data, then turn it into a variable. So I screwed up my order. Thank you alot djr.
Code:
if(($_POST['password'])=="password1") {
session_start();
$_SESSION['password']='password1';
print("pass1");
}
that is the code for login.php, unless I'm mistaken that is correct.
edit: i correct that one thing, my reverse order and now all is perfect, thank you everyone for your help.
-
Seems reasonable, though you might want to do if (isset($_POST['password'])), then check it from there.
-
What difference does it provide? How would I go about sending the user back to the previous page? I tried javascript.go.history(-1); but that doesn't refresh the page, so no luck there. I thought about getting the referring URL, but thats not always correct, or reliable. So whats my best bet? Do I have to send them back to the homepage?
