My guess is that the session ID is changing. Try adding the session ID to
the end of the URL and see if the output matches. If not, you know where the
problem lies.
e.g. header( "Location: url/page.php?SessionIDViaQuery=".session_id() );
Okay, so its harder on your page as your login script is on the same page as
your output. In my system the form directs to the login page, which then
redirects the user onwards depending on the output.
login.php
Form Submits to
members/newuserlogin.php
IF Successful Login
redirects to
members/index.php
IF Unsuccessful Login
redirects to
login.php?error=X
where X is a pre-defined error number (e.g. 1 = bad
username/pass, 2 = suspended)
Good luck
Stephen
----- Original Message -----
From: "Kieran Hall" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, December 04, 2002 3:12 PM
Subject: [PHP-WIN] user system using sessions and cookies?
> Hi,
>
> I am coding a community site and am, (once again) experimenting with a
> user system.
>
> Currently I have a user class that checks the user's username and
> password with the database and returns them to a login script (with the
> password md5 encoded). The login script then registers these (password
> and username) variables using session_register().
>
> My aim is to keep the user logged in indefinitely, until they logout;
> using the appropriate function.
>
> During my experimentation, I have tried session_set_cookie_params() - to
> no avail. I then reverted to saving the username, password and session
> id in a cookie and then checking for these, like so:
>
> <?PHP
> session_start();
> //get all the extra files needed for every page.
> include('dbinfo.inc');
> include('database.class.php');
> include('user.class.php');
> //login check
> if(IsSet($_COOKIE['cookie_username']) &&
> IsSet($_COOKIE['cookie_password'])){
>
> $localuser = new userclass();
> $localuser->setup($dbserver,$dbuser,$dbpass,$dbname);
> $localuser->connect();
> $username = $_COOKIE['cookie_username'];
> $password = $_COOKIE['cookie_password'];
> $localuser->check_user($username, $password);// check function
>
> if($localuser->check){// returned true from the user class if username
> and md5 hash match with those in the database
> $s_id = $_COOKIE['cookie_session'];
> session_id($s_id);
> session_register('username');
> session_register('password');
> $login = true;
> }
> else{
> $login = false;
> }
> }
> else{
> $login = false;
> }
> ?>
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
>
> <html>
> <head>
> <title>test login</title>
> </head>
>
> <body>
> <?PHP
> $username = $_SESSION['username'];
> $password = $_SESSION['password'];
> echo"<b>Login</b> = $login <br>";
> echo"<b>Username:</b> $username <br>";
> echo"<b>Password:</b> $password <br>";
> echo"<b>Session ID:</b>";
> print(session_id());
> ?>
>
> The above code gives the following:
>
> Login = 1
> Username:
> Password:
> Session ID:95a607dc349f91b2a08c8533538b8694
>
> Clearly, the login returns true and the session id has been used, but
> the password and username have not been registered. I have been playing
> around with this for a while now, and am a little stuck.
>
> Any help would be brilliant.
>
> Thanks in advance.
>
> ********************************************************************
> Kieran Hall
>
>
>
--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
