hi
i have a login page which is allowing only registered user .it is working too......
but when the second page URL is typed it is getting displayed i want the all the user to enter through the first page.......when the second page URL is typed it should not get displayed............
lydia21 9 Junior Poster
vssp -5 Junior Poster
When login you store the values to SESSION variable. then
try this code
$user_id=$_SESSION;
if(!$user_id)
{
echo "<meta http-equiv=refresh content=0;url=index.php>";
exit;
}
this will help for you
lydia21 9 Junior Poster
sorry it is not working....i tried like this
login form
<form method="post" action="start1.php">
<body>
<form name="form1" method="post" action="checklogin.php">
Username<input name="myusername" type="text" id="myusername">
Password<input name="mypassword" type="password" id="mypassword">
<input type="submit" name="Submit" value="Login">
</form>login code
<?php
$myusername=$_POST['myusername'];
$_session['name']=$myusername;
$mypassword=$_POST['mypassword'];
if ($myusername=="" && $mypassword=="")
{
print "<script language=\"JavaScript\">";
print "window.location = 'http://www.ho.com/aa/viewuser.php'";
print "</script>";
}
else
{
print "<script language=\"JavaScript\">";
print "window.location = 'http://www.ho.com/aa/start.php'";
print "</script>";
}
?>view user page
<?php
session_start();
$user_id="aletheia.loco";
if(!$user_id)
{
echo "<meta http-equiv=refresh content=0;url=start.php>";
exit;
}
?> ezb 0 Newbie Poster
Heres my code....
Loginform.php
<table>
<tr><td></td><td>
<?php
if(isset($_SESSION['group'])){
echo "You are logged in as: <b>";
echo $_SESSION['username'];
}
else { ?>
<table>
<form name="loginform" method="post" action="login.php">
<tr><td>Username:</td><td><input type="text" name="username"></td><td>Password:</td><td><input type="password" name="password"></td><td></td><td><input type="submit" value="Submit"><input type="reset" value="Clear"></td></tr>
</form>
</table>
<?
}
?>Code above first checks if the session is set in my case "group" and if it is simple message saying you are logged in as "username" (another seshion I have set up) and they do not see the login form. If it is not set, they will see a basic login form.
Then the actul loging in process and setting up the seshions
<?php
$host="localhost";
$username="username";
$password="password";
$db_name="dbname";
$tbl_name="tablename";
//Connect to the serve and select database
mysql_connect("$host", "$username", "$password") or die ("Cannot connect to server");
mysql_select_db("$db_name") or die ("cannot select database");
//Taking information from the form
$username=$_POST['username'];
$password=$_POST['password'];
//browsing the database for a match
$sql="SELECT user_username, user_password, user_groupid, company_id, user_id FROM $tbl_name WHERE user_username='$username' and user_password='$password'";
$result=mysql_query($sql);
//count table row
$count=mysql_num_rows($result);
//If correct username and password result should equal 1
if($count==1){
$Groupid=mysql_result($result,'', 'user_groupid');
$Companyid=mysql_result($result,'','company_id');
$Userid=mysql_result($result,'','user_id');
session_start();
$_SESSION['userid'] = $Userid;
$_SESSION['username'] = $username;
$_SESSION['group'] = $Groupid;
$_SESSION['usercompanyid'] = $Companyid;basicly searches the database for a match with the login details, and if found starts the seshions.
For the pages you only want logged in users to see, simply rework what I showed you with the login form. Only allowing users with your seshion set, or with a specific value.
Not the safest of scripts, pretty sure someone will show you abetter one, but it will work.
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.