PhP code wont work HELP

axx81 · July 18, 2013, 6:46pm

This is my checklogin.php [php]<?php
include “mysql_info.php”;
session_start();

$filled = 0;
if($_POST[“mypassword”] != “” && $_POST[“myusername”] != “”)
{
// Connect to server and select databse.
mysql_connect("$host", “$username”, “$password”)or die(“cannot connect”);
mysql_select_db("$db")or die(“cannot select DB”);

// username and password sent from form
$myusername=$_POST[‘myusername’];
$mypassword=$_POST[‘mypassword’];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$mypassword = md5($mypassword);

$sql=“SELECT * FROM members WHERE username=’$myusername’ and password=’$mypassword’”;
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
session_register(“myusername”);
session_register(“mypassword”);
header(“location:home.php”);
}
else {
echo “Wrong Username or Password”;
}
}
?>
[/php]
This is home.php which the login directs to [php]<?php
session_start();
if(!session_is_registered(myusername)){
header(“location:index.html”);
}
?>

<head>
	<meta charset="UTF-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"> 
    <title>Homepage</title>
    <link rel="shortcut icon" href="../favicon.ico"> 
    <link rel="stylesheet" type="text/css" href="css/demo.css" />
    <link rel="stylesheet" type="text/css" href="css/style4.css" />
	<link href='http://fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css'>
</head>
<body>
    <div class="container">
		<!-- Codrops top bar -->
        <div class="codrops-top">

           
                <strong>Home Page                                  <a style="font-size:10px" href="logout.php">Logout</a> </strong>
    
            <div class="clr"></div>
        </div><!--/ Codrops top bar -->

		<section>

a{color: White; font-size: 15px} a:visited{color: white; font-size: 15px;}

Home

		</section>



    </div>
</body>

[/php] i want this and some other pages to be locked for users that are not signed in but it doesnt work. It blocks everybody included logged in users (when you login it directs you back to the login page) or if i doesnt block everybody it blocks none (offcourse diffrent code). You have seen my code can you give me a code that i put in top of every site i want blocked that blocks users that havent signed in but not those that has signed in. And if i need to change my code just tell.

Axx81 LLC

Login Page

axx81 · July 18, 2013, 6:47pm

You are able to reply

fastsol · July 18, 2013, 7:19pm

Couple things, session_register is deprecated and not supposed to be used any longer, simply set a session var like this instead.
[php]
$_SESSION[‘myusername’] = ‘’;
$_SESSION[‘mypassword’] = ‘’;
[/php]
Although you should NEVER store a users password in a session or cookie. Second, this this line
[php]if(!session_is_registered(myusername))[/php]
should be this
[php]if(!isset($_SESSION[‘myusername’]))[/php]

AbraCadaver · July 18, 2013, 7:21pm

This will tell:
[php]error_reporting(-1);
ini_set(‘display_errors’, ‘1’);[/php]

axx81 · July 18, 2013, 7:58pm

ok now i have sat home.php to [php]<?php
session_start();
if(!isset($_SESSION[‘myusername’]))
header(“location:index.html”);
}
?>
[/php] and changed checklogin.php to[php]<?php
include “mysql_info.php”;
session_start();

$filled = 0;
if($_POST[“mypassword”] != “” && $_POST[“myusername”] != “”)
{
// Connect to server and select databse.
mysql_connect("$host", “$username”, “$password”)or die(“cannot connect”);
mysql_select_db("$db")or die(“cannot select DB”);

// username and password sent from form
$myusername=$_POST[‘myusername’];
$mypassword=$_POST[‘mypassword’];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$mypassword = md5($mypassword);

$sql=“SELECT * FROM members WHERE username=’$myusername’ and password=’$mypassword’”;
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
$_SESSION[‘myusername’] = ‘true’;
header(“location:home.php”);
}
else {
echo “Wrong Username or Password”;
}
}
?>
[/php]
now i get internal server errror anytime i login on the website or try to access home.php why?

fastsol · July 18, 2013, 8:06pm

Only thing I am seeing is that you missed a opening { on this if()
[php]if(!isset($_SESSION[‘myusername’]))
header(“location:index.html”);
}[/php]

axx81 · July 18, 2013, 8:54pm

ok i added the opening { but it still doesnt work why? i really need som help

axx81 · July 18, 2013, 8:57pm

basically after i added the bracket it is the same and the error is that i cant access when i go /home.php in the browser, but i cant access when i log in either so its basically open for everybody or closed for everybody every time i change it! and i don understand why

fastsol · July 18, 2013, 9:03pm

Do you have error reporting turned on? If not , turn it on and see if it gives a php error.

axx81 · July 18, 2013, 9:33pm

how because it doesnt look like an error it just redirects me to the login page because i am not logged in even tho i am so i dont see how and how do you turn it on?

axx81 · July 18, 2013, 9:36pm

ok i think i turned it on with and it gave me this
Warning: Unknown: open(/var/php_sessions/sess_236838f60c6a29a7c2fa600b478db3ba, O_RDWR) failed: No such file or directory (2) in Unknown on line 0 Warning: U

axx81 · July 18, 2013, 9:40pm

that error happned when i logged in using this login code [php]<?php
include “mysql_info.php”;
session_start();

$filled = 0;
if($_POST[“mypassword”] != “” && $_POST[“myusername”] != “”)
{
// Connect to server and select databse.
mysql_connect("$host", “$username”, “$password”)or die(“cannot connect”);
mysql_select_db("$db")or die(“cannot select DB”);

// username and password sent from form
$myusername=$_POST[‘myusername’];
$mypassword=$_POST[‘mypassword’];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$mypassword = md5($mypassword);

$sql=“SELECT * FROM members WHERE username=’$myusername’ and password=’$mypassword’”;
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
$_SESSION[‘myusername’] = ‘true’;
header(“location:home.php”);
}
else {
echo “Wrong Username or Password”;
}
}
?>[/php]
and this was the file that the login directs me to and it is suppose to have a header(“location:index.html”) if the user isnt logged in but when i put it in the code the only thing it does is redirecting everybody included logged in users (this home.php) [php]<?php
session_start();
if(!isset($_SESSION[‘myusername’])) {
//there is suppose to be an header(“location:index.html”) here
error_reporting(-1);
ini_set(‘display_errors’, ‘1’);
}
?>

<head>
	<meta charset="UTF-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"> 
    <title>Homepage</title>
    <link rel="shortcut icon" href="../favicon.ico"> 
    <link rel="stylesheet" type="text/css" href="css/demo.css" />
    <link rel="stylesheet" type="text/css" href="css/style4.css" />
	<link href='http://fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css'>
</head>
<body>
    <div class="container">
		<!-- Codrops top bar -->
        <div class="codrops-top">

           
                <strong>Home Page                                  <a style="font-size:10px" href="logout.php">Logout</a> </strong>
    
            <div class="clr"></div>
        </div><!--/ Codrops top bar -->

		<section>

a{color: White; font-size: 15px} a:visited{color: white; font-size: 15px;}

Home

		</section>



    </div>
</body>

[/php]

Axx81 LLC

Login Page

fastsol · July 18, 2013, 9:53pm

These two lines are backwards
[php]error_reporting(-1);
ini_set(‘display_errors’, ‘1’);[/php]
Also something is not setup right with your sessions in the server. It looks like it’s not saving the session to the correct place. That stuff is beyond my knowledge.

axx81 · July 18, 2013, 10:09pm

i am so confused man i dont understand why this is wrong if you remove the error reporting and insert the header isnt it anybody that can explain what i have done wrong?