Jump to content
xisto Community
Eggie

Writing And Testing My Own Login Script [solved]

Recommended Posts

i have this error

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/eggie/public_html/race.php:2) in /home/eggie/public_html/race.php on line 5

in every page i have with session start...what's the problem??

<title>Race</title><?phpinclude("style.css");include("config.php");session_start();if(!session_is_registered(myusername)){echo 'Your Session has Expired!';exit;}//If you click race...if ($_GET['action']=='race'){$asa=$_POST['bike'];if(!isset($asa)){echo 'You didn\'t select any bike!';?><br>click <a href=race.php> HERE</a> to go back<?phpexit;}else{$rand=mt_rand(1,2);   if ($_POST['bike']==1) $trub='Derbi Senda 50';if ($_POST['bike']==2) $trub='Honda NS 50 R';if ($_POST['bike']==3) $trub='Suzuki ZR 50';if ($_POST['bike']==4) $trub='Yamaha DT 50 MX';if ($_POST['bike']==5) $trub='Aprilia RS 50';echo'You raced against:';echo $trub;$name=$_SESSION['views'];$res = mysql_query("select * from members where username = '$name'"); $wins1 = mysql_fetch_array($res);$points=$wins1['points'];$wo=$wins1['wins'];$lo=$wins1['lose'];//If random number is equal to 1 than set win +1if($rand==1){?></br><?php$wo++;$points=$points+100;mysql_query("update members set wins=$wo where username = '$name'"); mysql_query("update members set points=$points where username = '$name'"); echo '<br>You won 100 points!'; ?></br><table border="1"><?phpecho'You have total of: ' .$points. ' points!';?></table></br><?php}//else lose +1else {echo'<br><br>You lost!';?><table border="1"><td><?phpecho'You have total of: ' .$points. ' points!';?></td></table><?php$lo++;mysql_query("update members set lose=$lo where username = '$name'"); ?></br><?php}//How many times you won overallecho 'Wins:';echo $wo;?></br><?phpecho'Losses:';echo $lo;//race form?><form name="form3" method="post" action="race.php">	<input type=submit value="Go back">  </form><?phpexit;}}if ($_GET['action']!='race'){?><html><head><script type="text/javascript">	function showpic(o) {		o = parseInt(o);		switch (o)		{		case 1:			imgName='pictures/senda.jpg';break;		case 2:			imgName='pictures/ns.jpg';break;		case 3:			imgName='pictures/zr.jpg';break;		case 4:			imgName='pictures/dt.jpg';break;		case 5:			imgName='pictures/rs.jpg';break;		}		var DivImage = document.getElementById('DivImg');		var DisplayImg = document.getElementById('IdImg');		DisplayImg.src=imgName;		DivImage.style.visibility="visible";	}</script></head><body><form name="form2" method="post" action="race.php?action=race"><table border="1"><td>Who do you wanna race?<br><font size="1">Hint:You get 100 points for racing this class</font></td></table>	<select size=5 name="bike" onchange="showpic(this.options[this.selectedIndex].value)">	<option value="1">Derbi Senda 50</option>	<option value="2">Honda NS 50 R</option>	<option value="3">Suzuki ZR 50</option>	<option value="4">Yamaha DT 50 R</option>	<option value="5">Aprilia RS 50</option>	</select><br>	<input type=submit value=Race>  	<div id="DivImg" style="position:relative;top:-90px;left:150px;z-index:20;width:25px;height:25px;visibility:hidden;text-align:center;"><img id="IdImg"></div></td></tr></form></body></html><?php}?><form method=post action='login_success.php'>						 <input type=submit value='Go to main!'></form>

Share this post


Link to post
Share on other sites

I'm not sure, but judging from your code, this could be caused by not having the session_start() function at the top of the code. Put it to the top and post here with any more issues. Or, it could be that config.php has session_start() already in it and you're having it again, which causes warnings. If all else fails, it dosen't seem much more than a warning, so you could possibly have error_reporting(0); in it, which I believe stops warnings from coming up.

Share this post


Link to post
Share on other sites

i put it up and it's ok...
now i have another problem...
this is my logout script...

<?session_start();session_destroy();?>
and this is another part in other script(login_success)...
if(!session_is_registered(myusername)){header("location:main_login.php");}
when i go to my logout script and after that i go to the "login_success.php" script it just prints out just as i didnt go to my logout script.. what could cause the problem?

EDIT:btw this is my "login_check.php" script

<?phpinclude("style.css");include("config.php");// username and password sent from signup form$myusername=$_POST['myusername'];$mypassword=$_POST['mypassword'];$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";$result=mysql_query($sql);// Mysql_num_row is counting table row$count=mysql_num_rows($result);// If result matched $myusername and $mypassword, table row must be 1 rowif($count==1){// Register $myusername, $mypassword and redirect to file "login_success.php"session_register("myusername");session_register("mypassword");header("location:login_success.php");$_SESSION['views'] = $_POST['myusername'];}else {echo "Wrong Username or Password";}?>

Edited by Eggie (see edit history)

Share this post


Link to post
Share on other sites

I think I know whats wrong.

You have registered a session in a way I've never used. But i checked the php manual, and according to that one, you must unregister registered sessions.

You can do that by typing something like this:

session_unregister("myusername");
You must include this code (and unregister mypassword), in the logout script. here is the link for the phpmanual:
session_unregister php manual

Share this post


Link to post
Share on other sites

I think I know whats wrong.
You have registered a session in a way I've never used. But i checked the php manual, and according to that one, you must unregister registered sessions.

You can do that by typing something like this:

session_unregister("myusername");
You must include this code (and unregister mypassword), in the logout script. here is the link for the phpmanual:
session_unregister php manual
how do you register sessions??can u put it here please??

EDIT:and unregister...please copy those codes here...
Edited by Eggie (see edit history)

Share this post


Link to post
Share on other sites

if($count==1){// Register $myusername, $mypassword and redirect to file "login_success.php"session_register("myusername");session_register("mypassword");header("location:login_success.php");$_SESSION['views'] = $_POST['myusername'];}
This is your code.. Look at this:

session_register("myusername");session_register("mypassword");
This is were you have registered them. now in the logoutscript, you should unregister them.

Share this post


Link to post
Share on other sites

This is your code.. Look at this:This is were you have registered them. now in the logoutscript, you should unregister them.

this is my logout script
<?session_start();session_unregister("myusername");?>

Share this post


Link to post
Share on other sites

You said this is your logout script:

<?session_start();session_destroy();?>
And I said that you should try to change it to this ;):

<?session_start();session_unregister("mypassword");session_unregister("myusername");session_unset();session_destroy();?>

But eggie. remember. as I told You.. I have NEVER ever used session_regiter and session_unregister, so I dont know if I am using session_unregister the right way..

Maybe it is:



<?session_start();session_unregister($mypassword);session_unregister($myusername);session_unset();session_destroy();?>
I don't know. try both.. but I know that the fault is from there.

Share this post


Link to post
Share on other sites

But eggie. remember. as I told You.. I have NEVER ever used session_regiter and session_unregister

thats why i asked u to copy that code where you register and unregister in ur scripts

Share this post


Link to post
Share on other sites
<?phpinclude("style.css");include("config.php");// username and password sent from signup form$myusername=$_POST['myusername'];$mypassword=$_POST['mypassword'];$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";$result=mysql_query($sql);// Mysql_num_row is counting table row$count=mysql_num_rows($result);// If result matched $myusername and $mypassword, table row must be 1 rowif($count==1){// Register $myusername, $mypassword and redirect to file "login_success.php"$_SESSION['login'];header("location:login_success.php");$_SESSION['views'] = $_POST['myusername'];}else {echo "Wrong Username or Password";}?>

Try this. The part I changed was this:

session_register(myusername);session_register(mypassword);

I erased them, and put $_SESSION['login'] Instead.
But now, you will have to change every place where you have:
session_register(myusername);session_register(mypassword);
into
$_SESSION['login'];
even in the login succes and so on. and in your logout.php you will have to change it to:

<?phpsession_start();session_unset();session_destroy();?>

This is the way I do it. It should work.

Edit:

Between.. You should change this in your login_succes.php.

change from:

if(!session_is_registered(myusername)){header("location:main_login.php");}

to:

if(!isset($_SESSION['login'])){header("location:main_login.php");}

If think thats what you wanted or? if the user is not logged in, he will be redirected to main_login.php. if you want the difference, just remove the "!" before "isset". And you will have to write this "if(!isset($_SESSION['login'])){..." instead of "if(!session_is_registered(myusername)){..." in every file that you want to protect.
Edited by Feelay (see edit history)

Share this post


Link to post
Share on other sites

btw...how do you check if the session is registered??that if the session is not registered that it just print out "Session is not registered"

Share this post


Link to post
Share on other sites

very simple :P

<?phpif(isset($_SESSION['login'])){echo "Welcome;) You are logged in";}else{echo "Welcome Guest! You are not logged in";}?>

And you can ofc do it the other way too ;)

<?phpif(!isset($_SESSION['login'])){echo "Welcome Guest! You are not logged in";}else{echo "Welcome;) You are logged in!";}?>

in the last one, if you look carefullt, you will see that I inserted a "!" before i wrote "isset". "!" = not wich means:

If not isset session login, echo welcome guest. you are not loged in, else echo welcome, you are logged in.

in the first one, it would be:

if isset session login, echo welcome. you are logged in, else echo welcome guest. you are not logged in.

Edited by Feelay (see edit history)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.