Session for login
I have a login form, when the user input his correct username and password he will go to the machine1 and in the machine1 theres a logout hyperlink. My problem is when the user already logout and he type in the url http://localhost/machine1/machine1.php he can view the machine1 which is wrong because he is already logout. I want is if the user did not login he cannot view the machine1.
All I mean is when the user tried to go in machine1 even he is not already login, instead of locating him in machine1 he will locate to the index.php which is the login form. and when the user is already login he cannot go back to the index.php because he is already login.
I have no idea regarding the code to solve this kind of problem.
here is my index.php or login form:
and here is my code for machine1PHP Code:<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
<style type="text/css">
#form1 h2 strong {
color: #06F;
font-family: "Trebuchet MS", Arial, Helvetica, sans-serif;
}
#form1 p label {
color: #009;
}
</style>
</head>
<body>
<form id="form1" name="form1" method="post" action="">
<h2><strong> LOGIN FORM</strong></h2>
<p>
<label for="username">Username: </label>
<input type="text" name="username" id="username" />
</p>
<p>
<label for="password">Password: </label>
<input type="password" name="password" id="password" />
</p>
<p>
<input type="submit" name="submit" id="submit" value="Submit" />
</p>
<?php
include 'connection.php';
if (isset($_POST['submit'])) {
$username=$_POST['username'];
$password=$_POST['password'];
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string(sha1($password));
mysql_query("UPDATE tbllogin SET password = '$password' WHERE username = '$username'");
$sql="SELECT * FROM tbllogin WHERE username='$username' and password='$password'";
$result=mysql_query($sql);
$count=mysql_num_rows($result);
if($count==1){
header("location:machine1.php");
}
else {
echo "Wrong Username or Password";
}
}
?>
</form>
</body>
</html>
and this my code for my logout:PHP Code:<!DOCTYPE HTML>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Untitled Document</title>
</head>
<body>
<form name="machine1" action="machine1.php" method="post">
<p>
<?php
session_start();
$sort = "ASC";
$data_sort = "Emp_ID";
if(isset($_GET['sorting']))
{
if($_GET['sorting'] == 'ASC'){
$sort = "DESC";
}
else{
$sort = "ASC";
}
}
if (isset($_GET['field_name'])) {
if($_GET['field_name'] == 'Emp_ID'){
$data_sort = "Emp_ID";
}
elseif($_GET['field_name'] == 'Last_Name'){
$data_sort = "Last_Name";
}
elseif($_GET['field_name'] == 'First_Name'){
$data_sort = "First_Name";
}
elseif($_GET['field_name'] == 'Birthday'){
$data_sort = "Birthday";
}
}
?>
<a href="logout.php">Log out</a> </p>
<table border="1">
<tr>
<td><a href="machine1.php?sorting=<?php echo $sort; ?>&field_name=Emp_ID">Emp ID</a></td>
<td><a href="machine1.php?sorting=<?php echo $sort; ?>&field_name=Last_Name">Last Name</a></td>
<td><a href="machine1.php?sorting=<?php echo $sort; ?>&field_name=First_Name">First Name</a></td>
<td><a href="machine1.php?sorting=<?php echo $sort; ?>&field_name=Birthday">Birthday</a></td>
<td>Option</td>
</tr>
<?php
include 'connection.php';
if (isset($_GET['pageno'])) {
$pageno = $_GET['pageno'];
} else {
$pageno = 1;
}
$query = "SELECT count(*) FROM tbl_machine1";
$result = mysql_query($query) or trigger_error("SQL", E_USER_ERROR);
$query_data = mysql_fetch_row($result);
$numrows = $query_data[0];
$rows_per_page = 5;
$lastpage = ceil($numrows/$rows_per_page);
$pageno = (int)$pageno;
if ($pageno > $lastpage) {
$pageno = $lastpage;
}
if ($pageno < 1) {
$pageno = 1;
}
$limit = 'LIMIT ' .($pageno - 1) * $rows_per_page .',' .$rows_per_page;
$query = "SELECT * FROM tbl_machine1 ORDER BY $data_sort $sort $limit";
$result = mysql_query($query) or trigger_error("SQL", E_USER_ERROR);
while($info = mysql_fetch_array( $result ))
{
$emp_id = $info['Emp_ID'];
$lname = $info['Last_Name'];
$fname = $info['First_Name'];
$bday = $info['Birthday'];
$date = date('d-m-Y', strtotime($bday));
?>
<tr>
<td><?php echo $emp_id;?> </td>
<td><?php echo $lname;?> </td>
<td><?php echo $fname;?> </td>
<td><?php echo $date;?> </td>
<td><a href = 'edit.php?id=<?php echo $emp_id; ?>'>Edit</a> <a href='delete.php?id=<?php echo $emp_id; ?>' onClick="return confirm('Are you sure you want to delete?')">Delete</a></td>
</tr>
<?php
}
?>
</table>
<A HREF="javascript:void(0)" onClick="window.open('add.php','welcome','width=300,height=200')">
<input type="button" name="add" value="ADD"> </A>
<?php
if(isset($_GET['sorting']))
{
if($_GET['sorting'] == 'ASC'){
$sort = "ASC";
}
else{
$sort = "DESC";
}
}
if ($pageno == 1) {
echo " FIRST PREV ";
} else {
?>
<a href="machine1.php?pageno=1&field_name=<?php echo $data_sort; ?>&sorting=<?php echo $sort; ?>">FIRST</a>
<?php
$prevpage = $pageno-1;
?>
<a href="machine1.php?pageno=<?php echo $prevpage;?>&field_name=<?php echo $data_sort; ?>&sorting=<?php echo $sort; ?>">PREV</a>
<?php
}
echo " ( Page $pageno of $lastpage ) ";
if ($pageno == $lastpage) {
echo " NEXT LAST ";
} else {
$nextpage = $pageno+1;
?>
<a href="machine1.php?pageno=<?php echo $nextpage; ?>&field_name=<?php echo $data_sort; ?>&sorting=<?php echo $sort; ?>">NEXT</a>
<a href="machine1.php?pageno=<?php echo $lastpage; ?>&field_name=<?php echo $data_sort; ?>&sorting=<?php echo $sort; ?>">LAST</a>
<?php
}
?>
</body>
</html>
I really need to solved it and I hope somebody can help me.PHP Code:<?php
session_start();
session_destroy();
header ("Location: index.php");
?>
Thank you
CSS Codes
Reply With Quote
Bookmarks