Go4Expert

Go4Expert (http://www.go4expert.com/)
-   PHP (http://www.go4expert.com/forumdisplay.php?f=26)
-   -   Login and Logout with cookie and session error (http://www.go4expert.com/showthread.php?t=26769)

ifrostpresents 23Sep2011 17:44
Login and Logout with cookie and session error
 
index
PHP Code:
<?php
ob_start();
session_start();

require_once ("functions.php");

if (checkLoggedin())
    echo "<H1>You are already logged in - <A href = \"login.php?do=logout\">logout</A></h1>";
else
    echo "<H1>You are not logged in - <A href = \"login.php\">login</A></h1></h1>";
?>
functions

PHP Code:
<?php
include("connection.php");
function createsessions($username,$password)
{
    //Add additional member to Session array as per requirement
    session_register();

    $_SESSION["gdusername"] = $username;
    $_SESSION["gdpassword"] = md5($password);
    
    if(isset($_POST['remme']))
    {
        //Add additional member to cookie array as per requirement
        setcookie("gdusername"$_SESSION['gdusername'], time()+60*60*24*100"/");
        setcookie("gdpassword"$_SESSION['gdpassword'], time()+60*60*24*100"/");
        return;
    }
}

function clearsessionscookies()
{
    unset($_SESSION['gdusername']);
    unset($_SESSION['gdpassword']);
    
    session_unset();    
    session_destroy(); 

    setcookie ("gdusername""",time()-60*60*24*100"/");
    setcookie ("gdpassword""",time()-60*60*24*100"/");
}

function confirmUser($username,$password)
{


$sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password' and accounttype='$accounttype'";

$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $username and $password, table row must be 1 row

if($count==1){
include("correct.php");
}
    else{
include("incorrect.php");
}
}

function checkLoggedin()
{
    if(isset($_SESSION['gdusername']) AND isset($_SESSION['gdpassword']))
        return true;
    elseif(isset($_COOKIE['gdusername']) && isset($_COOKIE['gdpassword']))
    {
        if(confirmUser($_COOKIE['gdusername'],$_COOKIE['gdpassword']))
        {
            createsessions($_COOKIE['gdusername'],$_COOKIE['gdpassword']);
            return true;
        }
        else
        {
            clearsessionscookies();
            return false;
        }
    }
    else
        return false;
}
?>
connection

PHP Code:
<?php
$host="localhost"// Host name
$dbusername=""// Mysql username
$dbpassword=""// Mysql password
$db_name="test"// Database name
$tbl_name="members"// Table name
mysql_connect("$host""$dbusername""$dbpassword")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

?>
login

PHP Code:
<?php

ob_start();
session_start();
include("connection.php");
require_once ("functions.php");

$returnurl urlencode(isset($_GET["returnurl"])?$_GET["returnurl"]:"");
if($returnurl == "")
    $returnurl urlencode(isset($_POST["returnurl"])?$_POST["returnurl"]:"");

$do = isset($_GET["do"])?$_GET["do"]:"";

$do strtolower($do);

switch($do)
{
case "":
    if (checkLoggedin())
    {
        echo "<H1>You are already logged in - <A href = \"login.php?do=logout\">logout</A></h1>";
    }
    else
    {
        ?>
        <form NAME="login1" ACTION="login.php?do=login" METHOD="POST" ONSUBMIT="return aValidator();">
        <input TYPE="hidden" name="returnurl" value="<?$returnurl?>">
        <TABLE cellspacing="3">
        <TR>
            <TD>Username:</TD>
            <TD><input TYPE="TEXT" NAME="username"></TD>
            <TD>Password:</TD>
            <TD><input TYPE="PASSWORD" NAME="password"></TD>
        </TR>
        <TR>
            <TD colspan="4" ALIGN="center"><input TYPE="CHECKBOX" NAME="remme">&nbsp;Remember me for the next time I visit</TD>
        </TR>
        <TR>
            <TD ALIGN="CENTER" COLSPAN="4"><input TYPE="SUBMIT" name="submit" value="Login"></TD>
        </TR>
        </form>
        </TABLE>
    <?
    }
    break;
case "login":




    $username = isset($_POST['username'])?$_POST['username']:"";
    $password = isset($_POST['password'])?$_POST['password']:"";

    if ($username=="" or $password=="" )
    {
        echo "<h1>Username or password is blank</h1>";
        clearsessionscookies();
        header("location: login.php?returnurl=$returnurl");
    }
    else
    {
        if(confirmuser($username,md5($password))) // As pointed out by asgard2005
        {
            createsessions($username,$password);
            if ($returnurl<>"")
                header("location: $returnurl");
            else
            {
                header("Location: index.php");
            }
        }
        else
        {
            echo "<h1>Invalid Username and/Or password</h1>";
            clearsessionscookies();
            header("location: login.php?returnurl=$returnurl");
        }
    }
    break;
case "logout":
    clearsessionscookies();
    header("location: index.php");
    break;
}
?>
I need your help guys :embarasse
I'm having a problem with my login. I dont encounter any error but I cant login :embarasse
Please help me :happy:
Thank you :nice:


All times are GMT +5.5. The time now is 20:30.