warning: session_start()
Aljosa Spanger
aljosa.spanger at siol.net
Thu Jul 15 11:50:05 CEST 2004
Zivijo,
za prijavo na stran sem uporabil php skripto na spodnji strani;
--> http://www.free2code.net/tutorials/programming/php/4/phplogin.php <--
*
oz.
************************
*chech_login.php*
<?php
/* check login script, included in db_connect.php. */
session_start();
if (!isset($_SESSION['username']) || !isset($_SESSION['password'])) {
$logged_in = 0;
return;
} else {
// remember, $_SESSION['password'] will be encrypted.
if(!get_magic_quotes_gpc()) {
$_SESSION['username'] = addslashes($_SESSION['username']);
}
// addslashes to session username before using in a query.
$pass = $db_object->query("SELECT password FROM users WHERE username
= '".$_SESSION['username']."'");
if(DB::isError($pass) || $pass->numRows() != 1) {
$logged_in = 0;
unset($_SESSION['username']);
unset($_SESSION['password']);
// kill incorrect session variables.
}
$db_pass = $pass->fetchRow();
// now we have encrypted pass from DB in
//$db_pass['password'], stripslashes() just incase:
$db_pass['password'] = stripslashes($db_pass['password']);
$_SESSION['password'] = stripslashes($_SESSION['password']);
//compare:
if($_SESSION['password'] == $db_pass['password']) {
// valid password for username
$logged_in = 1; // they have correct info
// in session variables.
} else {
$logged_in = 0;
unset($_SESSION['username']);
unset($_SESSION['password']);
// kill incorrect session variables.
}
}
// clean up
unset($db_pass['password']);
$_SESSION['username'] = stripslashes($_SESSION['username']);
?>
******************************
*_napaka po zagonu login.php_*
*login.php*
<?php
// database connect script.
require 'db_connect.php';
if($logged_in == 1) {
die('You are already logged in, '.$_SESSION['username'].'.');
}
?>
<html>
<head>
<title>Login</title>
</head>
<body>
<?php
if (isset($_POST['submit'])) { // if form has been submitted
/* check they filled in what they were supposed to and authenticate */
if(!$_POST['uname'] | !$_POST['passwd']) {
die('You did not fill in a required field.');
}
// authenticate.
if (!get_magic_quotes_gpc()) {
$_POST['uname'] = addslashes($_POST['uname']);
}
$check = $db_object->query("SELECT username, password FROM users
WHERE username = '".$_POST['uname']."'");
if (DB::isError($check) || $check->numRows() == 0) {
die('That username does not exist in our database.');
}
$info = $check->fetchRow();
// check passwords match
$_POST['passwd'] = stripslashes($_POST['passwd']);
$info['password'] = stripslashes($info['password']);
$_POST['passwd'] = md5($_POST['passwd']);
if ($_POST['passwd'] != $info['password']) {
die('Incorrect password, please try again.');
}
// if we get here username and password are correct,
//register session variables and set last login time.
$date = date('m d, Y');
$update_login = $db_object->query("UPDATE users SET last_login =
'$date' WHERE username = '".$_POST['uname']."'");
$_POST['uname'] = stripslashes($_POST['uname']);
$_SESSION['username'] = $_POST['uname'];
$_SESSION['password'] = $_POST['passwd'];
$db_object->disconnect();
?>
<h1>Logged in</h1>
<p>Welcome back <?php echo $_SESSION['username']; ?>, you are logged in.</p>
<?php
} else { // if form hasn't been submitted
?>
<h1>Login</h1>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table align="center" border="1" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td>
<input type="text" name="uname" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="passwd" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}
?>
</body>
</html>
**********************
Warning*: session_start(): Cannot send session cookie - headers already
sent by (output started at /var/www/login.php:2) in
*/var/www/check_login.php* on line *5
*
*Warning*: session_start(): Cannot send session cache limiter - headers
already sent (output started at /var/www/login.php:2) in
*/var/www/check_login.php* on line *5
*Kar se tice napake sem ze po googlal vendar povsod pise, da je problem
ker session_start(); zacne za html in ne pred oziroma je kak prazen
prostor, vendar za moj primer to ne velja.*
*Ce ima kdo kaksno idejo bi je bil zelo hvalezen.
LP
Aljosa*
*
More information about the lugos-list
mailing list