Writing And Testing My Own Login Script [solved]

[Eggie 0]

i dont know why but there is nothing in my $_SESSION['login']

<?phpinclude("style.css");include("config.php");// username and password sent from signup form$myusername=$_POST['myusername'];$mypassword=$_POST['mypassword'];$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";$result=mysql_query($sql);// Mysql_num_row is counting table row$count=mysql_num_rows($result);// If result matched $myusername and $mypassword, table row must be 1 rowif($count==1){// Register $myusername, $mypassword and redirect to file "login_success.php"$_SESSION['login'];$_SESSION['views'] = $_POST['myusername'];header("location:login_success.php");}else {echo "Wrong Username or Password";}?>

since this is the code...something's wrong with rows
Edited February 21, 2008 by Eggie (see edit history)

[iGuest 3]

1:You have <title>Race</title> before your PHP session/headers, this means the headers will already be sent and you were too late to start a session. Usually caching a page before it's sent can solve this, or just move the title below the PHP code.2:Including a CSS stylesheet, I don't know what's inside here, but if it's plain text use HTML to include the stylesheet or if it's PHP, give it a PHP extension, else it'll be treated just like plain text.e.g. <link href="path/to/style.css" rel="stylesheet" type="text/css" />3:session_start() must appear before any other PHP operation unless page caching is done, but you should learn to always do it first.4:session_is_registered() takes a string, you are using a constant called myusername which may or may not be what you want, e.g. you might want to do if(!session_is_registered('myusername'))5:failed to check if $_GET['action'] is set before using it, you should do:if(!empty($_GET['action']) && $_GET['action'] == 'race')6:failed to check if $_POST['bike'] exists, undefined variables can cause undesirable results, always insure they are set before using them.if(!empty($_POST['bike'])) { $asa = $_POST['bike'];}else { echo '<p>You did not select a bike!</p><p>Click <a href="race.php">HERE</a> to go back</p>'; exit;}I know there will be more problems, but I don't have time to go through the whole thing at the moment so I'll leave it as this for now.Cheers,MC

[yordan 10]

By the way, I changed the topic title, the old one ("Login") was not clear enough. The new title should be more representative of the problem statement and the solutions found.

[Feelay 0]

Sorry. My fault. Try this code:

<?phpinclude("style.css");include("config.php");// username and password sent from signup form$myusername=$_POST['myusername'];$myusername=mysql_real_escape_string($myusername);//I added this to make your script a little more safe$mypassword=$_POST['mypassword'];$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";$result=mysql_query($sql);// Mysql_num_row is counting table row$count=mysql_num_rows($result);// If result matched $myusername and $mypassword, table row must be 1 rowif($count==1){// Register $myusername, $mypassword and redirect to file "login_success.php"$_SESSION['login'] =$myusername; //I added "=$myusername, so that the session can recognize you"$_SESSION['views'] = $_POST['myusername'];header("location:login_success.php");}else {echo "Wrong Username or Password";}?>

Try it. It Should Work.

//Feelay
Edited February 23, 2008 by Feelay (see edit history)

[Eggie 0]

hey man...sorry i already solved it and it works fine...
sorry for not posting so you can mark it [sOLVED]
if you wanna see the game i'm making go to MY GAME
i will put it on this server when i finish it
thanx for the help feelay

[yordan 10]

so you can mark it [sOLVED]

OK, I did it. By the way, you can olso do it by yourself : just click the "Edit" button on the topic stater post, and you can change the title ...Yordan