MySQL Forums
Cookies and Sessions
Posted by: Dan Hardy ()
Date: November 14, 2008 10:46AM
HI,
I have succesfully set up my login and register elements in my site and it links to the database perfectly. However, I have a members area page where the users sign in. The user can log in fine. At the moment if a logged in user clicks back on the members area page, they are prompted to log in again. Therefore it forgets the user as I have no sessions in place. Here is the code for my Login.php and register.php pages.
Login.php:
<?php
$dbhost = "localhost";
$dbname = "wyrleyjuniors";
$dbuser = "root";
$dbpass = "";
mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
mysql_select_db($dbname) or die(mysql_error());
session_start();
$username = $_POST['username'];
$password = md5($_POST['password']);
$query = "select * from users where username='$username' AND password='$password'";
$result = mysql_query($query);
if (mysql_num_rows($result) != 1) {
$error = "Bad Login";
include "WyrleyJuniorsDatabaseLogin.html";
} else {
$_SESSION['username'] = "$username";
include "memberspage.php";
}
setcookie("username", $row_user['username'], time()+36000);
setcookie("password", $row_user['password'], time()+36000);
?>
....And the Register.php page:
<?PHP
session_start();
//Database Information
$dbhost = "localhost";
$dbname = "wyrleyjuniors";
$dbuser = "root";
$dbpass = "";
//Connect to database
mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
mysql_select_db($dbname) or die(mysql_error());
$name = $_POST['name'];
$email = $_POST['email'];
$username = $_POST['username'];
$password = md5($_POST['password']);
// lets check to see if the username already exists
$checkuser = mysql_query("SELECT username FROM users WHERE username='$username'");
$username_exist = mysql_num_rows($checkuser);
if($username_exist > 0){
echo "<b>I'm sorry but the username you specified has already been taken. Please pick another one.</b>";
unset($username);
include 'WyrleyJuniorsDatabaseRegister.html';
exit();
}
// lf no errors present with the username
// use a query to insert the data into the database.
$query = "INSERT INTO users (name, email, username, password)
VALUES('$name', '$email', '$username', '$password')";
mysql_query($query) or die(mysql_error());
mysql_close();
echo "<b>You have successfully Registered";
?>
As you can see I have tried to set cookies in the login script. Is this in the wrong place, wrong code altogether?
Any ideas on how I can reach my aim? I'm sure it's fairly simple to achieve but I'm new and learning :)
Thanks in advance
Dan
I have succesfully set up my login and register elements in my site and it links to the database perfectly. However, I have a members area page where the users sign in. The user can log in fine. At the moment if a logged in user clicks back on the members area page, they are prompted to log in again. Therefore it forgets the user as I have no sessions in place. Here is the code for my Login.php and register.php pages.
Login.php:
<?php
$dbhost = "localhost";
$dbname = "wyrleyjuniors";
$dbuser = "root";
$dbpass = "";
mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
mysql_select_db($dbname) or die(mysql_error());
session_start();
$username = $_POST['username'];
$password = md5($_POST['password']);
$query = "select * from users where username='$username' AND password='$password'";
$result = mysql_query($query);
if (mysql_num_rows($result) != 1) {
$error = "Bad Login";
include "WyrleyJuniorsDatabaseLogin.html";
} else {
$_SESSION['username'] = "$username";
include "memberspage.php";
}
setcookie("username", $row_user['username'], time()+36000);
setcookie("password", $row_user['password'], time()+36000);
?>
....And the Register.php page:
<?PHP
session_start();
//Database Information
$dbhost = "localhost";
$dbname = "wyrleyjuniors";
$dbuser = "root";
$dbpass = "";
//Connect to database
mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error());
mysql_select_db($dbname) or die(mysql_error());
$name = $_POST['name'];
$email = $_POST['email'];
$username = $_POST['username'];
$password = md5($_POST['password']);
// lets check to see if the username already exists
$checkuser = mysql_query("SELECT username FROM users WHERE username='$username'");
$username_exist = mysql_num_rows($checkuser);
if($username_exist > 0){
echo "<b>I'm sorry but the username you specified has already been taken. Please pick another one.</b>";
unset($username);
include 'WyrleyJuniorsDatabaseRegister.html';
exit();
}
// lf no errors present with the username
// use a query to insert the data into the database.
$query = "INSERT INTO users (name, email, username, password)
VALUES('$name', '$email', '$username', '$password')";
mysql_query($query) or die(mysql_error());
mysql_close();
echo "<b>You have successfully Registered";
?>
As you can see I have tried to set cookies in the login script. Is this in the wrong place, wrong code altogether?
Any ideas on how I can reach my aim? I'm sure it's fairly simple to achieve but I'm new and learning :)
Thanks in advance
Dan
| Subject | Written By | Posted |
|---|---|---|
| Cookies and Sessions | Dan Hardy | 11/14/2008 10:46AM |
| Re: Cookies and Sessions | Randy Clamons | 11/14/2008 12:40PM |
Sorry, you can't reply to this topic. It has been closed.
© 1995-2008 MySQL AB, 2008- Sun Microsystems, Inc.