Hi,
I am trying to get this script (Free Light PHP Script - Free PHP Registration Login System ) working, and I seem to be stuck in an endless loop.
Basically, you are meant to put this at the top of pages you want to protect:
<?php
session_start();
if($_SESSION['isLoged'] != 'yes' || $_SESSION['userName'] == NULL)
{
header("Location: login.php");exit();
}
?>
This loads the log-in box. But even when you enter the correct password and get directed to the initial “secure” page, you are simply presented with the login box again.
Basically, despite “logging in”, the session doesn’t seem to actually start, and the login box will simply keep appearing. I am logging in, and the username and password is recognized, but the session doesn’t seem to start. So, even after logging in, any page with the above code in it remains inaccessible.
I really know next to nothing about php, so really have no way of working this out.
Post the script of the login.php page. There must be something missing on the page. It could be the script isn’t setting the right session variables, but we won’t know until we see the script.
From login.php
<?php
/*
This script was downloaded at:
LightPHPScripts.com
Please support us by visiting
out website and letting people
know of it.
Produced under: LGPL
*/
/* Start session */
if($startSession == TRUE){ session_start();}
/* Config file */
include('config.php');
/* Check for submition */
if($_POST['submitID'] == 1){
/* Connect to database */
if($connectDatabase == TRUE){$action=TRUE;include('connect.php');}
/* sanitize and check info */
$userName = mysql_real_escape_string($_POST['userName'],$dbc);
$password = mysql_real_escape_string($_POST['password'],$dbc);
if($userName == NULL) { $message = 'Please enter username.';}
if($message == NULL && $password == NULL){ $message = 'Please enter password.';}
if($message == NULL)
{
$userQuery = mysql_fetch_row(mysql_query("SELECT COUNT(*) FROM " . $tableName .
" WHERE `" . $userNameField . "`='$userName' AND `" . $userPasswordField . "`='$password'"));
/* If usercount is more than 0 -> ok */
if($userQuery[0] > 0){
/* Disconnect from database */
if($connectDatabase == TRUE){$action=FALSE;include('connect.php');}
$_SESSION['isLoged'] = 'yes';
$_SESSION['userName'] = $userName;
/* add cookies ?*/
/* expire in 1 hour */
if($useCookies == TRUE)
{
setcookie("isLoged", 'yes', time()+logedInFor, "/", ".$domainName", 1);
setcookie("userName", $userName, time()+logedInFor, "/", ".$domainName", 1);
}
/* Redirect to login page */
header("Location: $loginPage");
exit();
} else {
$message = 'Invalid username and/or password!';
}
}
/* Disconnect from database */
if($connectDatabase == TRUE){$action=FALSE;include('connect.php');}
}
?>
<!--
/*
This script was downloaded at:
LightPHPScripts.com
Please support us by visiting
out website and letting people
know of it.
Produced under: LGPL
*/
-->
<?php
/* Display error messages */
if($message != NULL){?>
<table width="100%" border="0" cellpadding="3" cellspacing="0" bgcolor="#FFCCCC">
<tr>
<td><div align="center"><strong><font color="#FF0000"><?=$message;?></font></strong></div></td>
</tr>
</table>
<?php } ?>
<form action="<? echo $_SERVER['PHP_SELF'];?>" method="post" name="login" id="login" style="display:inline;">
<table width="100%" border="1" align="center" cellpadding="5" cellspacing="0" bordercolor="#99CC33">
<tr bgcolor="#99CC99">
<td colspan="2"><div align="center"><strong>Please log in:</strong></div></td>
</tr>
<tr>
<td width="47%"><strong>Username:</strong></td>
<td width="53%"><input name="userName" type="text" id="userName"></td>
</tr>
<tr>
<td><strong>Password:</strong></td>
<td><input name="password" type="password" id="password"></td>
</tr>
<tr>
<td colspan="2"><div align="center"><font face="Georgia, Times New Roman, Times, serif"><strong>
<input name="Submit" type="submit" id="Submit" value="Sign-In">
<input name="submitID" type="hidden" id="submitID" value="1">
</strong></font> </div></td>
</tr>
<tr>
<td colspan="2"><div align="right"><a href="http://lightphpscripts.com" target="_blank"><font size="1">Powered by LPS</font></a></div></td>
</tr>
</table>
</form>
I see that the correct session variables should be getting set. However, I have a couple of concerns. First of all, this line is in there three times and is guaranteed to run twice:
if($connectDatabase == TRUE){$action=TRUE;include(‘connect.php’);}
Trying to include the same page more than once is going to generate an error.
After seeing it, I wonder if your page is generating an error and you aren’t seeing it. Try adding this to the top of the page and see what happens:
error_reporting( -1 );
ini_set('display_errors', 1);
This should force the page to tell you of any errors.
Also, are you sure that $startSession is in fact set to TRUE? If not, sessions won’t get started and those variables will never be set.
Cute_Tink:
First of all, this line is in there three times and is guaranteed to run twice:
if($connectDatabase == TRUE){$action=TRUE;include(‘connect.php’);}
Trying to include the same page more than once is going to generate an error.
Correction: disregard this question.