PHP confusion

Question

Stefce 146 Posting Pro

10 Years Ago

i can not understand why is showing "Wrong Username or password" even i dont click the button always is there and dissapearing after user enter true username and password.

if($count == 1) {
    session_register("myusername");
    session_register("mypassword");
    session_start();
if(session_is_registered(myusername)){
    echo "<a id='user_login_info'><br>Welcome <font color='#00FF00'>$user</font></a>";
    echo "<a id='user_login_info'><br>Username and Password Accepted</a>";
}
} else {
    echo "<a id='user_login_info'><br>Wrong Username or Password!</a>";
}

Thanks :)

php

2 Contributors
5 Replies
147 Views
5 Hours Discussion Span
Latest Post 10 Years Ago Latest Post by cereal

cereal 1,524 Nearly a Senior Poster

10 Years Ago

The first argument of session_is_registered() must be a string, in your case myusername is not a constant, it's a string, so add the quotes:

if(session_is_registered('myusername'))

In addition these functions will be removed from PHP 5.4, their use is highly discouraged:

Edited 10 Years Ago by cereal

cereal 1,524 Nearly a Senior Poster

10 Years Ago

Use the $_SESSION array instead:

http://www.php.net/manual/en/reserved.variables.session.php

At the top of the script place session_start(), then define the variables you want to save to session, for example:

<?php

    session_start();

    $_SESSION['username'] = 'Stefan';

    echo $_SESSION['username'];

Regarding the form, I cannot help much on the javascript side, but you have to be sure the logged user cannot submit to the login script, not only that the form is visible or not. This means you have to filter the requests to the script, you could place this in top:

<?php

    session_start();

    if(array_key_exists('username', $_SESSION))
    {
        $_SESSION['error_flashdata'] = 'Already logged';
        header('Location: /');
    }

Then if you want, you can apply a session variable to send and display error messages in the landing page, in this case as you see in the header(), the redirect points to the homepage:

<?php

    session_start();
    $error = false;

    if(array_key_exists('error_flashdata', $_SESSION))
    {
        $error = $_SESSION['error_flashdata'];
        unset($_SESSION['error_flashdata']);
    }

    echo $error;

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

Stefce 146 Posting Pro · Answer 1 · 2013-12-31T21:19:01+00:00

Doesnt work even with the quotes, BTW yeah i have readed something about that and what should i use instead of that method ?
EDITED Also want to ask how to i make to disapear the form when the user will login so just to say "Welcome $user" i have this:

<script>
    function asd(a)
    {
        document.getElementById("login_position").style.display="none";
    }
</script>

but the problem is i dont know where to place it to work.

Stefce 146 Posting Pro · Answer 2 · 2014-01-01T00:10:51+00:00

I have solved that with the login system:

login.php

<?php
    function CheckCookieLogin() {
    $username = $_COOKIE['username'];
    if (!empty($username)) {
        $sql = "SELECT * FROM `users` WHERE `login_session`='$username'";
        $_SESSION['user_is_logged_in'] = 1;
        $_SESSION['cookie'] = $username;

        setcookie("username",$username,time()+3600*24*365,'/','.secretchatsk.host56.com');
        echo "<script> document.getElementById('login_position').style.display='none';</script>";
    }
}

    if(!isset($_SESSION['cookie']) && empty($_SESSION['user_is_logged_in'])) {
        CheckCookieLogin();
    }
?>

<?php
    if($count == 1) {
    session_register("myusername");
    session_register("mypassword");
    session_start();
        if(session_is_registered('myusername')) {
        echo "<script> document.getElementById('login_position').style.display='none';</script>";
        echo "<a id='user_login_info'><br>Welcome <font color='#00FF00'>$user</font></a>";
        echo "<a id='user_login_info'><br>Username and Password Accepted</a>";
        $_SESSION['user_is_logged_in'] = 1;
        $cookiehash = md5(sha1(username . user_ip));
        setcookie("username",$cookiehash,time()+3600*24*365,'/','.secretchatsk.host56.com');
        $sql = "UPDATE `users` SET `login_session`='$cookiehash' WHERE `Username`='$uid'";
        }
    }
?>

index.html

<?php
    require('login.php');
    CheckCookieLogin();
    //include('login.php');
?>

But i can't get that with the functions... :/

cereal 1,524 Nearly a Senior Poster Featured Poster · Answer 3 · 2014-01-01T02:10:00+00:00

Ok. Maybe I'm missing something, but from what I see, I think your script should not work, because it needs some specific conditions. For example: register_globals is on? The documentation of session_register() says:

If your script uses session_register(), it will not work in environments where the PHP directive register_globals is disabled.

As of PHP 4.2.0, the default value for the PHP directive register_globals is off. The PHP community discourages developers from relying on this directive, and encourages the use of other means, such as the superglobals.

And:

Caution
If you are using $_SESSION (or $HTTP_SESSION_VARS), do not use session_register(), session_is_registered(), and session_unregister().

Reference: http://www.php.net/manual/en/function.session-register.php

Your intent is to make the first part (up to line 17) work with the second (after line 19)? If yes, remove session_register() and the others, as suggested by the documentation and use $_SESSION to make it work.

You should, also, get some errors because session_start() is declared only at line 23 while it should be in the first line of the script.