Hiding Text Boxes On Login

[VitaminWater]

Im creating a website in which there are two text boxes displayed in the upper right hand corner of the page asking for a username and password. I am able to make the PHP find the username and password match in the mysql database. However, once they enter in this information i want to hide the text boxes and login button and display, "Welcome, 'username'" in its place.
Any help is appreciated. Thanks.

[Jesdisciple]

When they login, session_start() and store their login data in $_SESSION. On every page (or the include that handles the login form), session_start() and check for the login data; show "Welcome" if it is or the login form if it's not.

See http://www.php.net/manual/en/intro.session.php.

[JasonDFR]

I think this is exactly what you are looking for.

When a user logs in, set

$_SESSION['LOGGED_IN'] = true;
$_SESSION['FIRST_NAME'] = "First_Name";
$_SESSION['LAST_NAME'] = "Last_Name";

Put the code below at the top of your pages or where ever you want the log in form to be. Everything lives inside a <div> .

If the user is logged in, it says Welcome "John User" and displays links to a manage account page and a logout script. If the user is not logged in, it displays two text inputs, one for username, the other for password, and a submit button along with a link to a create account page.

Good Luck!

Code:

<div id="login_small">

	<?php if ($_SESSION['LOGGED_IN'] == true) {

		echo '<ul>';
			echo '<li>Welcome ' . $_SESSION['FIRST_NAME'] . ' ' . $_SESSION['LAST_NAME'] . '</li>';
			echo '<li><a href="/manage.php">Manage</a></li>';
			echo '<li><a href="/logout.php">Logout</a></li>';
		echo '</ul>';

	} else { ?>

	<form id="login" action="/login.php" method="post">

		<label for="username">User Name: <input type="text" id="username" name="username" value="" /></label>

		<label for="pass_word">Password: <input type="password" id="pass_word" name="pass_word" value="" /></label>
				
		<input type="hidden" name="login" value="1" />
				
		<input class="submit" type="submit" name="submit" />

		<p>Not a member? <a href="/register.php">Click here to create an account.</a></p>
		
	</form> <!-- end login -->

	<?php } ?>

</div> <!-- end  login_small -->

[VitaminWater]

Thank you very much for your reply.
Im not very sure how to implement this into my code correctly.
The below is a one of my website pages and as you can see ive put in the login script you've provided in the location i want it to be.

Code:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
 
<html lang="en">
<head>
<title></title>


<link href="css.css" rel="stylesheet" type="text/css">
<style type="text/css">
<!--
.style3 {color: #FFFFFF}
a:link {
	text-decoration: none;
}
a:visited {
	text-decoration: none;
}
a:hover {
	text-decoration: none;
}
a:active {
	text-decoration: none;
}
-->
</style>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script src="Scripts/AC_RunActiveContent.js" type="text/javascript"></script>
</head>
<body>
<div class="wrapper">
<h1></h1>

<div class="nav">
<ul>
  <li><a href="reg.php">Register</a></li>
  <li><a href="index.php">Home</a></li>
  <li><a href="#">Classes</a></li>
  <li><a href="projects.php">Projects</a></li>
  <li><a href="#">Other</a></li>
  <li><a href="contact.php">Contact Me</a></li>
</ul>
<div align="right">
<div id="login_small">

	<?php if ($_SESSION['LOGGED_IN'] == true) {

		echo '<ul>';
			echo '<li>Welcome ' . $_SESSION['FIRST_NAME'] . ' ' . $_SESSION['LAST_NAME'] . '</li>';
			echo '<li><a href="/manage.php">Manage</a></li>';
			echo '<li><a href="/logout.php">Logout</a></li>';
		echo '</ul>';

	} else { ?>

	<form id="login" action="loginauth.php" method="post">

		<label for="username">User Name: <input type="text" id="username" name="username" value="" /></label>

		<label for="pass_word">Password: <input type="password" id="pass_word" name="pass_word" value="" /></label>
				
		<input type="hidden" name="login" value="1" />
				
		<input class="submit" type="submit" name="submit" />

		<p>Not a member? <a href="/register.php">Click here to create an account.</a></p>
		
	</form> <!-- end login -->

	<?php } ?>

</div> <!-- end  login_small -->
</div>
</div>

<div class="main">

<div class="content">
  <table cellspacing="0" cellpadding="0" border="0" height="100%" width="100%">
<tr>
<td height="100%" width="100%" valign="middle" align="center"><embed src="open1.swf" width="500" height="200" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/shockwave/download/index.cgi
?P1_Prod_Version=ShockwaveFlash">
</embed></td>
</tr>
</table>
</noscript></div>


<div class="sidebar">
<h2 class="sidebar style1">
  Latest News    
    <iframe src="latest.html" name="myframe" width="225" height="150" frameborder="0" allowtransparency="true"></iframe>
</h2>
</div> 

<div class="clear"></div>

</div> 

<p class="footer">Brought to you by <span class="style3"><a href="contact.php">Steve</a>.</span></p>

</div> 
</body>
</html>

After they click Login, they are redirected to loginauth.php which looks like this:

Code:

<?php

include("config.php"); 

// connect to the mysql server
$link = mysql_connect($server, $db_user, $db_pass)
or die ("Could not connect to mysql because ".mysql_error());

// select the database
mysql_select_db($database)
or die ("Could not select database because ".mysql_error());

//encrypt
$encrypted_password = md5($_POST['password']);

$match = "select id from $table where username = '".$_POST['username']."'
and password = '".$encrypted_password."';"; 

$qry = mysql_query($match)
or die ("Could not match data because ".mysql_error());
$num_rows = mysql_num_rows($qry); 

if ($num_rows <= 0) { 
echo "Sorry, there is no username $username with the specified password.<br>";?>
<p>
  <?php
echo "Please Wait...";
exit; 
} else {

setcookie("loggedin", "TRUE", time()+(3600 * 24));
setcookie("mysite_username", "$username");
 ?>

<center>
<?php
echo "Welcome";
?>

</center>

  <?php
}
?>

How do i successfully implement your section of code to work well with what i have so far?
Thank you very much.

[JasonDFR]

You should be using a session for this and not cookies.

You'll need to place

Code:

<?php session_start(); ?>

at the top of each of your pages where you will want to use information about the user, such as whether or not the user is logged in.

In your log in script, put the following code after you have determined that it is ok to log the user in.

Code:

$_SESSION['LOGGED_IN'] = true;
$_SESSION['USER_NAME'] = "$username";

Then change the code I previously posted to have $_SESSION['USER_NAME'] where the $_SESSION['FIRST_NAME'] ane LAST_NAME are at.

Make sure you have session_start(); at the top of all your pages though or php won't be able to use the information you stored in the $_SESSION[''] varaibles.

Good luck!

Jason

[VitaminWater]

I keep getting the same errors when i try to run the script.

Code:

Notice: Undefined index: username in /u21/www/final2/index.php on line 49

Notice: Undefined index: password in /u21/www/final2/index.php on line 49

Notice: Undefined index: LOGGED_IN in /u21/scsu/c/chaputs1/www/final2/index.php on line 44

Obviously this is because of the fact the variables arent defined until later.

Code:

<?php if ($_SESSION['LOGGED_IN'] == true) {

		echo '<ul>';
			echo '<li>Welcome ' . $_SESSION['username'] . ' ' . $_SESSION['password'] . '</li>';
			echo '<li><a href="/manage.php">Manage</a></li>';
			echo '<li><a href="/logout.php">Logout</a></li>';
		echo '</ul>';

	} else { ?>

	<form id="login" action="loginauth.php" method="post">

		<label for="username">User Name: <input type="text" id="username" name="username" value="" /></label>

		<label for="password">Password: 
		<input type="password" id="password" name="password" value="" />
		</label>
				
		<input type="hidden" name="login" value="1" />
				
		<input class="submit" type="submit" name="submit" />

		<p>Not a member? <a href="/register.php">Click here to create an account.</a></p>
		
	</form> 
	<!-- end login -->

	&cent;<?php } ?>

I am not sure the correct way to declare these variables. I believe loginauth.php is correct but just for the sake ill post the code below.

Code:

if ($num_rows <= 0) { 
echo "Sorry, there is no username $username with the specified password.<br>";?>
<p>
  <?php
echo "Please Wait...";

exit; 
} else {

setcookie("loggedin", "TRUE", time()+(3600 * 24));
setcookie("mysite_username", "$username");
 ?>

<center>
<?php
echo "Welcome";
$_SESSION['LOGGED_IN'] = true;
$_SESSION['USER_NAME'] = "$username";


header( 'Location: /index.php' ) ;

?>

</center>

  <?php
}
?>

Thank you very much for your help.

[JasonDFR]

Find the following in your code and add the blue parts.

Code:

} else {

$_SESSION['LOGGED_IN'] = true;
$_SESSION['USER_NAME'] = $username;

setcookie("loggedin", "TRUE", time()+(3600 * 24));
setcookie("mysite_username", "$username");
 ?>

And change this line of code inside the "<div id="login_small">":

Code:

echo '<li>Welcome ' . $_SESSION['username'] . ' ' . $_SESSION['password'] . '</li>';

To this:

Code:

echo '<li>Welcome ' . $_SESSION['USER_NAME'] . '</li>';

You must set:

Code:

$_SESSION['LOGGED_IN'] = true;
$_SESSION['USER_NAME'] = "$username";

Right after you have done the username, password check and validated the user as "LOGGED_IN"

Hope you get it working!

JasonD

[VitaminWater]

Thank you very much for your help, it works great!

[VitaminWater]

Actually, now that i have this section of code working. How do i set it up so that i can block a certain page (say projects.php) from being viewed unless the user is logged in?
Thanks again

[rangana]

On projects.php check for the session:

PHP Code:

if ($_SESSION['LOGGED_IN']!==true) // If "logged_in" session not set
    header('Location:index.php'); // Redirect to index