Go4Expert

Go4Expert (http://www.go4expert.com/)
-   PHP (http://www.go4expert.com/forums/php/)
-   -   Login and Logout with cookie and session error (http://www.go4expert.com/forums/login-logout-cookie-session-error-t26769/)

ifrostpresents 23Sep2011 17:44

Login and Logout with cookie and session error
 
index
PHP Code:

<?php
ob_start
();
session_start();

require_once (
"functions.php");

if (
checkLoggedin())
    echo 
"<H1>You are already logged in - <A href = \"login.php?do=logout\">logout</A></h1>";
else
    echo 
"<H1>You are not logged in - <A href = \"login.php\">login</A></h1></h1>";
?>

functions

PHP Code:

<?php
include("connection.php");
function 
createsessions($username,$password)
{
    
//Add additional member to Session array as per requirement
    
session_register();

    
$_SESSION["gdusername"] = $username;
    
$_SESSION["gdpassword"] = md5($password);
    
    if(isset(
$_POST['remme']))
    {
        
//Add additional member to cookie array as per requirement
        
setcookie("gdusername"$_SESSION['gdusername'], time()+60*60*24*100"/");
        
setcookie("gdpassword"$_SESSION['gdpassword'], time()+60*60*24*100"/");
        return;
    }
}

function 
clearsessionscookies()
{
    unset(
$_SESSION['gdusername']);
    unset(
$_SESSION['gdpassword']);
    
    
session_unset();    
    
session_destroy(); 

    
setcookie ("gdusername""",time()-60*60*24*100"/");
    
setcookie ("gdpassword""",time()-60*60*24*100"/");
}

function 
confirmUser($username,$password)
{


$sql="SELECT * FROM $tbl_name WHERE username='$username' and password='$password' and accounttype='$accounttype'";

$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $username and $password, table row must be 1 row

if($count==1){
include(
"correct.php");
}
    else{
include(
"incorrect.php");
}
}

function 
checkLoggedin()
{
    if(isset(
$_SESSION['gdusername']) AND isset($_SESSION['gdpassword']))
        return 
true;
    elseif(isset(
$_COOKIE['gdusername']) && isset($_COOKIE['gdpassword']))
    {
        if(
confirmUser($_COOKIE['gdusername'],$_COOKIE['gdpassword']))
        {
            
createsessions($_COOKIE['gdusername'],$_COOKIE['gdpassword']);
            return 
true;
        }
        else
        {
            
clearsessionscookies();
            return 
false;
        }
    }
    else
        return 
false;
}
?>

connection

PHP Code:

<?php
$host
="localhost"// Host name
$dbusername=""// Mysql username
$dbpassword=""// Mysql password
$db_name="test"// Database name
$tbl_name="members"// Table name
mysql_connect("$host""$dbusername""$dbpassword")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

?>

login

PHP Code:

<?php

ob_start
();
session_start();
include(
"connection.php");
require_once (
"functions.php");

$returnurl urlencode(isset($_GET["returnurl"])?$_GET["returnurl"]:"");
if(
$returnurl == "")
    
$returnurl urlencode(isset($_POST["returnurl"])?$_POST["returnurl"]:"");

$do = isset($_GET["do"])?$_GET["do"]:"";

$do strtolower($do);

switch(
$do)
{
case 
"":
    if (
checkLoggedin())
    {
        echo 
"<H1>You are already logged in - <A href = \"login.php?do=logout\">logout</A></h1>";
    }
    else
    {
        
?>
        <form NAME="login1" ACTION="login.php?do=login" METHOD="POST" ONSUBMIT="return aValidator();">
        <input TYPE="hidden" name="returnurl" value="<?$returnurl?>">
        <TABLE cellspacing="3">
        <TR>
            <TD>Username:</TD>
            <TD><input TYPE="TEXT" NAME="username"></TD>
            <TD>Password:</TD>
            <TD><input TYPE="PASSWORD" NAME="password"></TD>
        </TR>
        <TR>
            <TD colspan="4" ALIGN="center"><input TYPE="CHECKBOX" NAME="remme">&nbsp;Remember me for the next time I visit</TD>
        </TR>
        <TR>
            <TD ALIGN="CENTER" COLSPAN="4"><input TYPE="SUBMIT" name="submit" value="Login"></TD>
        </TR>
        </form>
        </TABLE>
    <?
    }
    break;
case "login":




    $username = isset($_POST['username'])?$_POST['username']:"";
    $password = isset($_POST['password'])?$_POST['password']:"";

    if ($username=="" or $password=="" )
    {
        echo "<h1>Username or password is blank</h1>";
        clearsessionscookies();
        header("location: login.php?returnurl=$returnurl");
    }
    else
    {
        if(confirmuser($username,md5($password))) // As pointed out by asgard2005
        {
            createsessions($username,$password);
            if ($returnurl<>"")
                header("location: $returnurl");
            else
            {
                header("Location: index.php");
            }
        }
        else
        {
            echo "<h1>Invalid Username and/Or password</h1>";
            clearsessionscookies();
            header("location: login.php?returnurl=$returnurl");
        }
    }
    break;
case "logout":
    clearsessionscookies();
    header("location: index.php");
    break;
}
?>

I need your help guys :embarasse
I'm having a problem with my login. I dont encounter any error but I cant login :embarasse
Please help me :happy:
Thank you :nice:


All times are GMT +5.5. The time now is 17:39.