www.webdeveloper.com
Results 1 to 2 of 2

Thread: Login System

  1. #1
    Join Date
    Jan 2014
    Posts
    1

    Login System

    Hi guys,
    I'm creating a login system and there is one small bug that I am trying to iron out, so any input is appreciated
    Once I log out as a user, I get redirected to my login page like:
    http://localhost:8888/login-form/log...atus=loggedout
    Now that I am logged out, if I try to "bypass" the login page and go straight to the index.php page (without logging in this time), I can still access the "secure" page (..not that secure, and I get the following message:


    Notice: Undefined index: status in /Applications/MAMP/htdocs/login-form/classes/membership.php on line 32

    Warning: Cannot modify header information - headers already sent by (output started at /Applications/MAMP/htdocs/login-form/classes/membership.php:32) in /Applications/MAMP/htdocs/login-form/classes/membership.php on line 33
    You are Logged In User!!!!
    Log Out

    ----

    This is the code in membership.php (please see towards the end I have marked the link 32 where I get the notice & warning message)


    PHP Code:
    require 'mysql.php';

    class 
    Membership

        function 
    validate_user($un$pwd){
            
    $mysql = New Mysql();
            
    $ensure_credentials $mysql->verify_Username_and_Pass($unmd5($pwd));
            
                
    // if credentials returns true, log in to index page
                
    if($ensure_credentials) {
                    
    $_SESSION['status'] ='authorized';
                    
    header("location: index.php");
                   return 
    true;
                } else return 
    "Please enter a correct username and password";
        }

        function 
    log_User_Out() {
             if(isset(
    $_SESSION['status'])){
                     unset(
    $_SESSION['status']);
                     
                      if(isset(
    $_COOKIE[session_name('Mylogin')])){ 
                          
    setcookie(session_name('Mylogin'), ''time() - 1000);
                          
    session_destroy();
                      }
             }
        }
        
        function 
    confirm_Member(){   // This is Line 32 where I am Getting the Notice Error
            
    session_start();
                if(
    $_SESSION['status'] !='authorized') { 
                    
    header("location: login.php");            //////////////// I think that this is the issue, instead this should be returning "True", but what is the syntax?
                
    }
        }


    The code in my login.php page is:

    Code:
    <?php
    ob_start();
    session_start();
    
    require_once 'classes/membership.php';
    $membership = new Membership();
    
    //if clicked on log out link on index page
    if(isset($_GET['status']) && $_GET['status'] == 'loggedout'){
        $membership->log_User_Out();
    }
    
    //validate user
    if($_POST && !empty($_POST['username']) && !empty($_POST['pwd'])){
        $response = $membership->validate_user($_POST['username'], $_POST['pwd']);
    }
    
    
    ?>
    
    
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=uft-8" />
        
        <title>Login</title>
    
           <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script> 
    </head>
    <body>
    <script type="text/javascript">
            
            $(function(){
            
                $('h4.alert').hide().fadeIn(700);
                $('<span class="exit"> X</span>').appendTo('h4.alert');
            
                $('span.exit').click(function(){
                    $(this).parent('h4.alert').fadeOut('slow');
                });
            
            });
            
    </script>
        
        <div id="login">
            
            <form method="post" action="">
                <h2>Login <small>enter your credentials</small></h2>
                <p>
                    <label for="name">Username: </label>
                    <input type="text" name="username" />
                </p>
                    <p>
                    <label for="pwd">Password: </label>
                    <input type="password" name="pwd" />
                </p>
                
                <p><input type="submit" id="submit" value="login" name="submit" /></p>
                
            </form>
            <?php if (isset($response)) echo "<h4 class='alert'>".$response."</h4> "; ?>
            
        </div>
    
    </body>
    </html>

    Any advise please?

    Thanks,
    Michel
    Attached Images Attached Images

  2. #2
    Join Date
    Mar 2007
    Location
    localhost
    Posts
    2,325
    session_start() should be the very first item your page has in all pages that use the sessions object.
    Yes, I know I'm about as subtle as being hit by a bus..(\\.\ Aug08)
    Yep... I say it like I see it, even if it is like a baseball bat in the nutz... (\\.\ Aug08)
    I want to leave this world the same way I came into it, Screaming, Incontinent & No memory!
    I laughed that hard I burst my colostomy bag... (\\.\ May03)
    Life for some is like a car accident... Mine is like a motorway pile up...

    Problems with Vista? :: Getting Cryptic wid it. :: The 'C' word! :: Whois?

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles