[WEBSITE SCRIPT] Help ;)

~~Hesorio1u~~ · 10/04/2012, 00:48

Hello elitepvpers,

ET: I created my website with index.php, downloads.php, register php, forum.php contact.php but the problem is! How can i stay logged into a site IF I switch another .php page?

Some pictures:

1.

----> I logged into site!
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
2.

----> Tryed a switch page!
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
3.

----> Automatically LOGOUT afther switched page!

- I saw on Eterniagames and other PS sites, they have only index.php with all scripts in one .php
- But i can't understand how to Do it?
- Any explain, suggestions or maybe help?

Thanks u if u understand my problem.

janvier123 · 10/04/2012, 06:36

Quote:

session_start() creates a session or resumes the current one based on a session identifier passed via a GET or POST request, or passed via a cookie.

When session_start() is called or when a session auto starts, PHP will call the open and read session save handlers. These will either be a built-in save handler provided by default or by PHP extensions (such as SQLite or Memcached); or can be custom handler as defined by session_set_save_handler(). The read callback will retrieve any existing session data (stored in a special serialized format) and will be unserialized and used to automatically populate the $_SESSION superglobal when the read callback returns the saved session data back to PHP session handling.

~~Hesorio1u~~ · 10/04/2012, 14:13

Thanks javnier,

but where session must started and deystoyed?

Here is script:

Quote:

$CONFIG['host'] = "X.XX.XXX.XX";
$CONFIG['user'] = "sa";
$CONFIG['pass'] = "1234";
$CONFIG['conn'] = mssql_connect( $CONFIG['host'], $CONFIG['user'], $CONFIG['pass']);

function anti_injection($sql) {
$sql = preg_replace(sql_regcase("/(from|select|insert|delete|where|drop table|show tables|#|\*|--|\\\\)/"),"",$sql);
$sql = trim($sql);
$sql = strip_tags($sql);
$sql = addslashes($sql);
return $sql;
}

if(isset($_GET['action']) && ($_GET['action'] == "login")){

$user = anti_injection($_POST['user']);
$pass = anti_injection($_POST['pass']);
$crypt_pass = md5($pass);

$result1 = mssql_query("SELECT * FROM account.dbo.user_profile WHERE user_id = '".$user."'");
$count1 = mssql_num_rows($result1);

$result2 = mssql_query("SELECT user_pwd FROM account.dbo.user_profile WHERE user_id = '".$user."'");
$row2 = mssql_fetch_row($result2);

$userno = mssql_query("SELECT user_no FROM account.dbo.user_profile WHERE user_id = '".$user."'");
$row5 = mssql_fetch_row($userno);

$coins = mssql_query ("SELECT amount FROM cash.dbo.user_cash WHERE user_no = '".$row5[0]."'");
$row6 = mssql_fetch_row($coins);

if($count1 == '0') {
echo '<br>';
echo '<br>';
echo 'This game account is not' ;
echo '<br>';
echo 'founded in the database ';
echo '<br>';
echo '<a href="index.php">Try again!</a>';
}
elseif($row2[0] != $crypt_pass) {
echo '<br>';
echo '<br>';
echo 'Wrong password. ';
echo '<br>';
echo '<a href="index.php">Try again!</a>';
}
elseif($_GET['login'] != 'login' && $count1 == '0') {
echo '<br>Login Error, Please login again.';
} else {

$_SESSION['user'] = $user;
$_SESSION['coins'] = $coins;
$_SESSION['userno'] = $userno;

echo "<h3>Welcome, ".$_SESSION['user']."</h3>";
echo "<br>";
echo "DK coins: <span style='color: orange;'> ".$row6[0]."";
echo '<img src="img/gold.png" alt="" width="13" height="14" />';
echo '<a href="index.php"> (Buy more)</a> ';
echo '<br>- - - - - - - - - - - - - - - - - - </br>';
echo '<a href="reborn.php">REBORN SYSTEM</a> | <a href="votenow.php">VOTE</a>';
echo '<form id="form1" method="post" action="index.php">
<p>         &n bsp;       &nbs p;  <input type="submit" name="Logout" id="Logout" value="Logout account" /></p>
</form>';
}
} else {

echo '<h2> </h2>
<form name="" action="'.$_SERVER['php_self'].'?action=login" method="post">' ;
echo '<tr><td style="height: 15px; padding-left: 30px;" width="130"><input type="text" name="user" maxlength="12" size="20" class="i" value="Username" OnClick="this.value=\'\'"></td></tr>';

echo '<tr><td style="height: 15px; padding-left: 30px;"><input type="password" name="pass" class="i" value="Password" maxlength="12" size="20" OnClick="this.value=\'\'"><input type="hidden" ></td></tr>';
echo'

    <input type="submit" value="Login account"> ';
echo '<br>';
echo '</form>';

?>

janvier123 · 10/04/2012, 16:41

no where, you need to start it
and mostly destroyed at logout page

~~Hesorio1u~~ · 10/04/2012, 17:21

Ok i started and this error shows me:

Can u modify that script below i posted?

Decima · 10/04/2012, 19:22

session_start() must be the first function called in w/e script you plan on using session in.

~~Hesorio1u~~ · 10/04/2012, 23:28

Ok, i made session_start() first fuction, its pretty works without errors. But still same. I try switch .php page! Also i putted session_destory on logout button... also not works... Any diffrent solutions? Please.

Decima · 10/05/2012, 00:32

EVERY page where you are using ANY SESSION variables at all, must begin with session_start();, it must be the first function on each page, before anything else, before config vars, before html, before anything.

janvier123 · 10/05/2012, 06:51

Quote:

Originally Posted by Decima

EVERY page where you are using ANY SESSION variables at all, must begin with session_start();, it must be the first function on each page, before anything else, before config vars, before html, before anything.

but after <?php

Example

PHP Code:


			
<?php

session_start();

~~Hesorio1u~~ · 10/06/2012, 17:19

Yes janvier and Decima, i added on every my page that command

PHP Code:

Quote:

<?php
session_start();

But that still not working yet, i think i need vizual help.
Sorry, Reply if u have ideas, If i need unpload files to check problems , ill do it

- - Of course if you have time

-- Thanks Anyway --

janvier123 · 10/07/2012, 00:04

send me all your files, and ill have a look

~~Hesorio1u~~ · 10/07/2012, 14:59

Oki, i'll send files in private message box.