Login Script Issues

**Titan85** · 03-29-2007, 08:37 PM

I created a login script that works fine, but for some reason the first time I try to login it simply shows the login page again. Then when I get to the control panel and click on a link it once again returns me to the login page. On the 3rd login it works fine. Here is the login page script:

PHP Code:


<?php



$ip = $_SERVER['REMOTE_ADDR'];



if ($_POST['login']) {

    $user = $_POST['user'];

    $pass = md5($_POST['password']);

    

        $chk_user = mysql_query("SELECT * FROM `clients` WHERE username = '$user'") or die ('Error Getting User Data! <br />' .mysql_error());

        $u = mysql_fetch_array($chk_user);

        $chk = mysql_num_rows($chk_user);

        

            if ($chk < 1) {

                echo '<meta http-equiv="refresh" content="2;URL=../login.php" />

                    The user <b>'.$user.'</b> does not exist!';

            } 

            elseif ($pass !== $u['password']) {

                echo '<meta http-equiv="refresh" content="2;URL=../login.php" />

                    Incorrect password';

            }

            elseif($pass == $u['password']) {        

            

                $user = $_POST['user'];

                $pass = md5($_POST['password']);

                    @session_start();

                        $_SESSION['user'] = $user;

                        $_SESSION['pass'] = $pass;

                        $_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];

                    

                    echo '<meta http-equiv="refresh" content="2;URL=/beta/client_cp" />

                        '.$user.', you are now logged in, redirecting you to the main page...';

            }

}



elseif (!$_POST['login']) {

    ?>

        <div id="login"><b>Please Log In</b>

<!-- Login Form -->

        <form name="login" method="post" action="">

            <table width="230" align="center">

                <tr>

                    <td><b>Username:</b></td>

                    <td><input type="text" name="user" class="input" /></td>

                </tr>

                <tr>

                    <td><b>Password:</b></td>

                    <td><input type="password" name="password" class="input" /></td>

                </tr>

                <tr>

                    <td colspan="2" align="right"><input type="submit" name="login" value="Login" /></td>

                </tr>

            </table>

        </form>

<!-- /Login Form -->

        </div>

    <?

}



?>

This is how I check if logged in:

PHP Code:


@session_start();

    if(empty($_SESSION['user']) || empty($_SESSION['pass']) || $_SESSION['ip'] != $_SERVER['REMOTE_ADDR']) {

    header('Location: ../login.php');

}

Is there any obvious reason for this issue? Thanks for the help

**thetestingsite** · 03-30-2007, 12:55 AM

Try placing session_start() at the very beginning of the code (directly underneath the opening php tag). Also, when you do this, don't forget to take out the line @session_start().

Hope this helps.

**Titan85** · 03-30-2007, 01:34 AM

Originally Posted by thetestingsite

Try placing session_start() at the very beginning of the code (directly underneath the opening php tag). Also, when you do this, don't forget to take out the line @session_start().

Hope this helps.

EDIT
still having issues, see below.

**Titan85** · 03-31-2007, 04:09 PM

Actually, now it has the same problem again. I moved the session_start() and it just makes it loop. It seems that it never sets the session variables. Any ideas? Thanks

Thread: Login Script Issues

Thread Tools

Search Thread

Login Script Issues

Bookmarks

Bookmarks

Posting Permissions