dcsimg
www.webdeveloper.com
Results 1 to 2 of 2

Thread: Login System

  1. #1
    Join Date
    Jan 2014
    Posts
    2

    Login System

    Hi guys,
    I'm creating a login system and there is one small bug that I am trying to iron out, so any input is appreciated
    Once I log out as a user, I get redirected to my login page like:
    http://localhost:8888/login-form/log...atus=loggedout
    Now that I am logged out, if I try to "bypass" the login page and go straight to the index.php page (without logging in this time), I can still access the "secure" page (..not that secure, and I get the following message:


    Notice: Undefined index: status in /Applications/MAMP/htdocs/login-form/classes/membership.php on line 32

    Warning: Cannot modify header information - headers already sent by (output started at /Applications/MAMP/htdocs/login-form/classes/membership.php:32) in /Applications/MAMP/htdocs/login-form/classes/membership.php on line 33
    You are Logged In User!!!!
    Log Out

    ----

    This is the code in membership.php (please see towards the end I have marked the link 32 where I get the notice & warning message)


    PHP Code:
    require 'mysql.php';

    class 
    Membership

        function 
    validate_user($un$pwd){
            
    $mysql = New Mysql();
            
    $ensure_credentials $mysql->verify_Username_and_Pass($unmd5($pwd));
            
                
    // if credentials returns true, log in to index page
                
    if($ensure_credentials) {
                    
    $_SESSION['status'] ='authorized';
                    
    header("location: index.php");
                   return 
    true;
                } else return 
    "Please enter a correct username and password";
        }

        function 
    log_User_Out() {
             if(isset(
    $_SESSION['status'])){
                     unset(
    $_SESSION['status']);
                     
                      if(isset(
    $_COOKIE[session_name('Mylogin')])){ 
                          
    setcookie(session_name('Mylogin'), ''time() - 1000);
                          
    session_destroy();
                      }
             }
        }
        
        function 
    confirm_Member(){   // This is Line 32 where I am Getting the Notice Error
            
    session_start();
                if(
    $_SESSION['status'] !='authorized') { 
                    
    header("location: login.php");            //////////////// I think that this is the issue, instead this should be returning "True", but what is the syntax?
                
    }
        }


    The code in my login.php page is:

    Code:
    <?php
    ob_start();
    session_start();
    
    require_once 'classes/membership.php';
    $membership = new Membership();
    
    //if clicked on log out link on index page
    if(isset($_GET['status']) && $_GET['status'] == 'loggedout'){
        $membership->log_User_Out();
    }
    
    //validate user
    if($_POST && !empty($_POST['username']) && !empty($_POST['pwd'])){
        $response = $membership->validate_user($_POST['username'], $_POST['pwd']);
    }
    
    
    ?>
    
    
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=uft-8" />
        
        <title>Login</title>
    
           <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script> 
    </head>
    <body>
    <script type="text/javascript">
            
            $(function(){
            
                $('h4.alert').hide().fadeIn(700);
                $('<span class="exit"> X</span>').appendTo('h4.alert');
            
                $('span.exit').click(function(){
                    $(this).parent('h4.alert').fadeOut('slow');
                });
            
            });
            
    </script>
        
        <div id="login">
            
            <form method="post" action="">
                <h2>Login <small>enter your credentials</small></h2>
                <p>
                    <label for="name">Username: </label>
                    <input type="text" name="username" />
                </p>
                    <p>
                    <label for="pwd">Password: </label>
                    <input type="password" name="pwd" />
                </p>
                
                <p><input type="submit" id="submit" value="login" name="submit" /></p>
                
            </form>
            <?php if (isset($response)) echo "<h4 class='alert'>".$response."</h4> "; ?>
            
        </div>
    
    </body>
    </html>

    Any advise please?

    Thanks,
    Michel
    Attached Images Attached Images

  2. #2
    Join Date
    Mar 2007
    Location
    localhost
    Posts
    2,589
    session_start() should be the very first item your page has in all pages that use the sessions object.
    If your post falls off the page, bump it. ...
    Please remember to wrap any code you have in forum tags:-

    [CODE]...[/CODE] [HTML]...[/HTML] [PHP]...[/PHP]

    If you can't think outside the box, you will be trapped forever with no escape...

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles