Member Avatar for kazkuzzer007

I need help to solve my problem in making a login system. why always when login is rejected, the rejection order that I made: "You are not authorized to access this page", but that when admins are not logged in, even though I have entered the correct username and password with the codingnya. thank you in advance for those who have answered my question. sorry if my english bad :-)

login_admin.php

<html>
<head>
    <title>Index</title>
</head>
<body>
    <center>
        <form method="post" action="check_admin.php">
            <table width="287" height="101" border="0" style="border:groove">
                <tr valign="bottom">
                    <td width="109" height="35"><font size="4" face="verdana">Username</font></td>
                    <td width="160"><input type="text" name="username" size="20"></td>
                </tr>

                <tr valign="top">
                    <td height="34"><font size="4" face="verdana">Password</font></td>
                    <td><input type="password" name="password" size="20" id="password"></td>
                </tr>

                <tr>
                    <td colspan="2" align="center">
                        <input type="submit" name="send" value="LOGIN">
                        <input type="button" name="send" value="BACK" onClick="location.replace('index.php');"> 
                    </td>
                </tr>
            </table>
        </form>
    </center>
</body>
</html>

check_admin.php

<?php
    include "connection.php";

    $username=$_POST['username'];
    $password=$_POST['password'];

    $query=mysql_query("select * from admin where username='$username' && password='$password'");

    $jum=mysql_num_rows($query);

    if ($jum==1)
    {
        session_start();
        $_SESSION['username']=$username;
        $_SESSION['password']=$password;
        header("location:admin.php");
    }
    else
    {
?>
        <script type="text/javascript">
            alert('Username or Password wrong');
            document.location='login_admin.php'
        </script>
<?php
    }
?>

admin.php

<?php
    include "connection.php";

    if (!isset($_SESSION['username']) && !isset($_SESSION['password']))
    {
?>
        <script type="text/javascript">
            alert('You are not authorized to access this page');
            document.location='index.php'
        </script>
<?php
    }
    else
    {
?>
        <html>
        <head>
            <title>Admin Page</title>
            <style type="text/css">
                td{text-align: center}
                #foto{width: 100; height: 100}
                a{text-decoration: none;}
                a:hover{text-decoration: underline;}
            </style>
        </head>
        <body>
            <center>
                <h1>Halaman Admin</h1>
                <input type="button" value="DATA 1" onClick="location.replace('data_1.php');" /> &nbsp; &nbsp; &nbsp; &nbsp;
                <input type="button" value="DATA 2" onClick="location.replace('data_2.php');" /> &nbsp; &nbsp; &nbsp; &nbsp;
                <input type="button" value="DATA 3" onClick="location.replace('data_3.php');" /> &nbsp; &nbsp; &nbsp; &nbsp;
                <input type="button" value="LOGOUT" onClick="location.replace('logout.php');" />
            </center>
        </body>
        </html>
<?php
    }
?>
Edited by kazkuzzer007 because: salah kalimat
  • 2 Contributors
  • 2 Replies
  • 139 Views
  • 2 Hours Discussion Span
  • Latest Post Latest Post by kazkuzzer007
Member Avatar for Ajay Gokhale

Hi,

If you are using correct user name and password then please check on session part. In admin.php use @session_start() at the begning of the page. (Before any coding). Session should be start before any precoess. So this is your first line on page i.e. <?php @session_start(); ?>

@ is used for supress any error occured. Please check and let me know.

Thanks,
Ajay

Member Avatar for kazkuzzer007

oh, sorry I forgot, thanks for reminding me

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.