Home/ Questions/Q 8876591
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-14T19:14:50+00:00

Many people may use a PHP mySQL function for login sections for a website

  • 0

Many people may use a PHP mySQL function for login sections for a website

I am trying to use this code;

ON EACH CONTENT PAGE – TO CHECK IF LOGGED IN (in the header of every content page)

<?php
session_start();
if(! isset($_SESSION["myusername"]) ){
header("location:main_login.php");
}
?>
<html>
<body>
Page Content Here
</body>
</html>

THE LOGIN SCRIPT (which is referred to by my main_login.php page)

<?php

ob_start();
$host="ClubEvents.db.9606426.hostedresource.com"; // Host name 
$username="ClubEventsRead"; // Mysql username 
$password="Pa55word!"; // Mysql password 
$db_name="ClubEvents"; // Database name 
$tbl_name="members"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// Define $myusername and $mypassword 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1){

// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
ob_end_flush();
?>

THE LOGOUT CODE

<?
session_start();
session_destroy();

header("location:main_login.php");
exit();
?>

MAIN_LOGIN.php

<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
<?php
phpinfo()
?>

but something isnt working, the page login_success.php should only be accessable when logged in, so either the logout isnt working, or, the login_success.php check isnt working. But I don’t know how to tell, I have tried playing around with them both, and still no further forward

Regards

Henry

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I have never had a problem with the following: 

    unset($_SESSION[$myusername]);

    The advantage here is that you are only clearing the log in session and can freely store other information in the session if needed because session_destroy() will clear ALL session data.

    EDIT: Looking at your code as well, it’s always sending the user to the login page if the username session is set.

    Change:

    <?php
session_start();
if( isset($_SESSION[$myusername]) ){
header("location:main_login.php");
}
?>

    to (notice the ! before isset). You only want to redirect to the login page when the session isn’t set.

    <?php
session_start();
if(! isset($_SESSION[$myusername]) ){
header("location:main_login.php");
}
?>

    Summary of comments:

    Session[$myusername] changed to Session['myusername'] and the isset check was changed to !isset. This identified the session wasn’t being set in the first place.

    • 0