tags:

views:

70

answers:

2
Q: 

function.session-start is displaying on sign-in-action page with other correct links why so and how to check session for sign-in-action-form 

<?php
session_start();

if(isset($_POST['username']) && ($_POST['password'])) 
{



                $con=mysql_connect("localhost","root","");
                if(!$con)
                {
                die('Could Not Connect:'.mysql_error());
                } 

                mysql_select_db("tcs",$con);

                $usr=$_POST["username"];                 //pick username from login page
                $pwd=hash('sha1',$_POST['password']);    //pick password from login page and use hash algorithm to encrypt it

                $query="select * from employee where Username='$usr' and Password='$pwd'";  //serch that single row in which both r found
                $result=mysql_query($query,$con);


                    if ($result) 
                    {

                                $row=mysql_fetch_array($result);

                        if (($row["Username"]==$usr) && ($row["Password"]==$pwd))
                        {

                                $_SESSION['employee']['id']=$row['User Id'];
                                $_SESSION['employee']['username']=$row['Username'];
                        }       
                        else
                        {
                                echo "Login Not Successfull";
                        }
                    }   
}

else
{
echo 'Error! Username & Password were not sent!';
}

$_SESSION['user_authenticated'] = true;



?>

<html>
<body bgcolor="black">


<?php 
if($_SESSION['user_authenticated']) 
{


                                echo "<font color=red>"."<h3 align=center>"."Welcome ".$_SESSION['employee']['username']."</h3>"."</font>";
                                echo "<br />"."<a href='upload_file.php'>"."<font color='white'>"."<h4>"."Up-Load Files"."</h4>"."<font>"."</a>";
                                echo "<br />"."<br />"."<a href='list_files.php'>"."<font color='white'>"."<h4>"."List All Up-Loaded Files"."</h4>"."<font>"."</a>";

}



?>

</font>
<a  href="logout_file.php"><font color="white"><h3 align="right">Sign Out</h3></font></a>
<font color="white">

</body>
</html>

Ok fine now i am getting the point.But there is one more problem.Suppose i am on signin-action page which have a link of sign out.When i click on sign out button i am re-directed to sign in page.ok no problem but again if i press back button again i am asked to resend the data(even after sign out) and again i am on sign-in-action page why so..It is wrong yar..What to do this.For all other pages like if i click on sign out buttom from upload button->redirected to sign-in and if i press back button it shows u are signed out.I dont know how to check session varibale exit for signinaction

+1  A: 

From the documentation:

Note: To use cookie-based sessions, session_start() must be called before outputing anything to the browser.

Make sure to put session_start() before any output.
You can always create a session whether the user logs in or not. If he logs in then, you just set some flag in the session variables to mark him as logged in (and probably regenerate the session key for security reasons).

<?php 
session_start()

// do all the user authentication here

$_SESSION['user_authenticated'] = true;

// maybe more stuff....
?>

<!-- html stuff -->
<body>
<?php if($_SESSION['user_authenticated']) {
      echo "<font color=red>"."<h3 align=center>"."Welcome ".$_SESSION['employee']['username']."</h3>"."</font>";
      echo "<br />"."<a href='upload_file.php'>"."<font color='white'>"."<h4>"."Up-Load Files"."</h4>"."<font>"."</a>";
      echo "<br />"."<br />"."<a href='list_files.php'>"."<font color='white'>"."<h4>"."List All Up-Loaded Files"."</h4>"."<font>"."</a>"
} ?>

<!-- and so on -->

This is more or less pseudo code but it should give you the right idea.

Felix Kling  2010-01-26 09:08:14
from ur post i just came to know that i should place sesion start on the first line of the page even in sign-in action page..i dont know anything about flegs i just statrted php..so plz elaborate things plz.
Deepak Narwal  2010-01-26 09:57:07
now the problem of displaying function.session-start is overcome.NOw no such function is displaying,but by putting session_start() on first line of sign-in-action-form one problem is created.Every time when i want to go back on this apge from any other page an allert msj comes do u wnat to send request or cancel so when i press re-send then i will move to that page..why so..
Deepak Narwal  2010-01-26 10:32:14
Well this is standard behavior in browsers when you want to go back to a page where you sent post data before.
Felix Kling  2010-01-26 15:59:17
With flag I mean just a variable that just say whether the user is logged in or not.
Felix Kling  2010-01-26 16:00:07
@felixbut this behaviour is not for other links why only for sign-in-action page..in this page i have upload link and in upload i have list file link..so when i move signactionpage->upload->list and then try to come back then this resend alert box is not appered why only for when i move from upload->signinaction..plz check i have placed session_start on the top og this file(in very first line)
Deepak Narwal  2010-01-26 17:30:26
As I said it is this way because you send your login data to `signinaction`. So if you go back to this page (i.e. going back after one page) it ask if you want to resend that data again. You can read about it e.g. http://www.thefutureoftheweb.com/blog/get-redirect-after-post . Please use upper case characters were appropriate, it makes your comments easier to read.
Felix Kling  2010-01-26 17:38:05
@felixOk fine now i am getting the point.But there is one more problem.Suppose i am on signin-action page which have a link of sign out.When i click on sign out button i am re-directed to sign in page.ok no problem but again if i press back button again i am asked to resend the data(even after sign out) and again i am on sign-in-action page why so..It is wrong yar..What to do this.For all other pages like if i click on sign out buttom from upload button->redirected to sign-in and if i press back button it shows u are signed out.I dont know how to check session varibale exit for signinaction
Deepak Narwal  2010-01-26 19:50:24
i am editing the code with new one..
Deepak Narwal  2010-01-26 19:54:32
@Deepak: As the tutorial which I linked to says, you should redirect the user to another page after login. This should contain all information you need: http://www.thefutureoftheweb.com/blog/get-redirect-after-post (and imho this is a new question)
Felix Kling  2010-01-26 20:12:44
A: 

you can check your session for thia page allow include ur session page on every page where u want it..

 2010-01-26 15:55:31

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases