www.webdeveloper.com
Results 1 to 4 of 4

Thread: Get "Array()" when I login.

Hybrid View

  1. #1
    Join Date
    Oct 2010
    Posts
    17

    Get "Array()" when I login.

    This is the site:

    http://www.protaxlink.com/login.php

    user: john@doe.com pass: 123456789

    I cant login. I read somewhere that I have an empty array, but dont know where.


    Login Page:

    Code:
    <?php
    require('config.php');//for db connectivity
    $message= $_GET['message'];
    //hey file, look at url, is there a var called 'message'? if yes, grab it.
    if (!isset($_SESSION)){
    	session_start();
    	//if session hasnt started-start one.
    	//if we are already in session-resume it.
    }//end if
    
    if (isset($_POST['user_email'])) {
    	//was the form submitted? time to process!
    	$user_email=$_POST['user_email'];
    	$user_password=$_POST['user_password'];
    	//grab what the user filled in the boxes
    mysql_select_db($database, $makeconnection);
    //establish connection with db
    
    $Login_query="Select user_email, user_password 
    From user_tbl
    Where user_email='$user_email'
    AND user_password='$user_password'";
    //bring me email+password of any row that matches this email+password. we expect 0 rows or 1
    
    $LoginRS = mysql_query($Login_query, $makeconnection);
    //press send
    
    $loginFoundUser = mysql_num_rows($LoginRS);
    //count the rows found
    
    if ($loginFoundUser>0){
    	//was a match found? at least 1? GOOOD! let him in.
    $_SESSION['session_user_email'] = $user_email;
    $_SESSION['session_user_password'] = $user_password;
    //into the sessin array, push his email+password
    $_SESSION['session_start'] = time();
    //push into the array the time logged in.
    header("Location: free-trial.php");
    //take user to the restricted page
    }else{
    	header("Location: login.php?message=loginfailed");
    	//reload this page with error message
    }//end of else
    }//end of isset post email
    ?>
    Free-Trail Page (this is where user should go after login)

    Code:
    <?php
    session_start(); print_r($_SESSION); 
    $now=time();//grab the time now
    //if (!isset($_SESSION)) {
    	session_start();//start a session or resume one.
    //}
    if (!isset($_SESSION['session_user_email']) || 
    $now - $_SESSION['session_start']>60*60){	//if there isnt in the session an item called 'session_user_email' that means the user didnt come from login. OR if the login time is older than _______
    ///////////////////////////////////////////////////////////
    ////////// code for setting a timeout in session //////////
    ////	if (!isset($_SESSION['session_user_email']) || ////
    //// $now - $_SESSION['session_start']>30){ ///////////////
    ////////// code for setting a timeout in session //////////
    ///////////////////////////////////////////////////////////
    	header('Location:login.php');
    	//kick them out of here, send to login
    	exit;//stop rendering this page
    }//end of if
    ?>
    I added ---->> session_start(); print_r($_SESSION); to see what the problem was, but I'm confused... I don't understand where the problem is. Need help.

  2. #2
    Join Date
    Nov 2010
    Posts
    66
    1# On your first page you are passing the username and password right into a query. Even with sql safe quotes enabled in php ini I still would not do that (sql injection protection)
    2# You only need to call "session_start();" once per page.
    3# Why not echo out some debug code on your second page? For example if login works, you echo out 'logged in', then add an else for 'not logged in'. Personally id auto redirect to login page if session is not set, but if session time is expired id give the user a timeout error. That will help tell you more as a programmer whats going on, but it also makes more sense based on a users perspective.

  3. #3
    Join Date
    Oct 2010
    Posts
    17
    Thanks for your response!

    I appreciate your help and feedback. I got it to work..

  4. #4
    Join Date
    Oct 2010
    Posts
    17
    Spoke too soon. I get a login if I put the "else" the session time, but then it doesn't logout.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles