🔒 Closed PHP code, Using $_session in login page?

daredavil07 · Aug 27, 2018

heto, complete and 100% working (and kasama na rin yung password encryption).
Ikaw na lang maglagay ng validation sa form.

ITO YUNG database TABLE structure ko (dinagdag ko lang yung First Name and Last Name, pampaganda)

Code:

CREATE TABLE `users` (
  `id` int(11) NOT NULL,
  `firstname` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
  `lastname` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
  `username` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
  `encrypted_password` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
  `privilege` tinyint(1) NOT NULL
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;

ITO YUNG login in page (isang FORM para sa login, at isang FORM para sa creation ng new user)
Filename ko lang "index.php"

Code:

<?php
session_start();

/**
* Database connection
*/
define('SERVER', "localhost");
define('USERNAME', "root");
define('PASSWORD', "root");
define('DATABASE', "crud_db");
$connection = new mysqli(SERVER,USERNAME,PASSWORD,DATABASE);

if($connection->connect_error){
    die("Connection failed: " . $conn->connect_error);
} else {
    $_GLOBALS['dbcon'] = $connection; //optional style
    echo "Connected successfully";
}
/** end of database connection **/

/**
* This code will insert a new user into the database
* Take note of the password_hash (it encrypt password before storing to database)
*/
if(isset($_POST['createuser'])){
    $firstName = $_POST['firstname'];
    $lastName = $_POST['lastname'];
    $username = $_POST['username'];
    $password = $_POST['password'];

    //encryption option 1 (PHP 5.5)
    $password = password_hash($password,PASSWORD_DEFAULT);

    //encryption option 2 (PHP 5.5)
    //$password = password_hash($password,PASSWORD_BCRYPT, ['cost'] => 10);

    $query = "INSERT INTO users (firstname,lastname,username,encrypted_password) ";
    $query .= "VALUES ('$firstName','$lastName','$username','$password')";
    $result = mysqli_query($connection,$query);
}
/** end of user creation/insertion **/


/**
* Logging in prompt
* To test.
*/
if(isset($_POST['login'])){
    $username = $_POST['username'];
    $password = $_POST['password'];
    $query = "SELECT * FROM users WHERE username='$username' ";
    $result = mysqli_query($connection, $query);

    if($result){
        while($row=mysqli_fetch_assoc($result)){
            if( password_verify($password,$row['encrypted_password']) ){
                $_SESSION['username'] = $row['username'];
                $_SESSION['privilege'] = $row['privilege'];
                header("Location: main.php");
            }
        }
 
    }
}

?>
<!DOCTYPE html>
<html>
<head>
    <title>Login page</title>
</head>
<body>

    <p>Log in:</p>
    <form action="index.php" method="POST">
        USERNAME:<input type="text" name="username">
        <br>
        PASSWORD:<input type="password" name="password">
        <br>
        <input type="submit" name="login">
    </form>

<br><br>

    <p>Create User:</p>
    <form action="index.php" method="POST">
        First Name<input type="text" name="firstname">
        <br>
        Last Name<input type="text" name="lastname">
        <br>
        Username<input type="text" name="username">
        <br>
        Password:<input type="password" name="password">
        <br>
        <input type="submit" name="createuser">
    </form>


</body>
</html>

ITO NAMAN yung redirection page KUNG valid yung user name ang password (header location page)
Para lang ma-test kung nakukuha niya yung username and rights from database.
Filename ko "main.php"

Code:

<?php
session_start();
echo 'Welcome, ' . $_SESSION['username'];
echo '<br>';
echo 'You have level '. $_SESSION['privilege'] . ' rights.';
?>

<!DOCTYPE html>
<html>
<head>
    <title></title>
</head>
<body>

</body>
</html>

***TAKE NOTE: session_start() needs to be ALWAYS on the very top of the code. Siya lagi yung unang unang code. Kung hindi, hindi gagana ang session.
***Ikaw na lang maglagay ng validation sa HTML form at saka sa php code.

***INVITATION KO SA LAHAT****
JOIN "SeriouslyJava" group kung gusto matuto ng Java Object Oriented Programming...lalo na kung nangangamote kayo sa Java.

Hi Sir codyscott , sinubukan ko rin po ito sir..medyo na lula lang ako..

Ito lang po muna ginamit ko para masubukan lang yung session rights:

Login Page:

Code:

<html>
<body>
        <form method="post" action="#">
        <strong>Username: </strong><input type="text" id="user" name="user" placeholder="Enter here.."/><br>
        <strong>Password: </strong><input type="password" id="pass" name="pass" placeholder="Enter here.."/><br><br>     
        <input type="submit" id="submit" name="submit" value="Login" class="button"/> 
        </form>
        </div>                     

<?php
session_start();

$conn = mysqli_connect("localhost", "root", "", "account");
if (mysqli_connect_errno())
  {
  echo "Failed connecting to database: " . mysqli_connect_error();

}

if(isset($_POST['submit'])){
    $user = $_POST['user'];
    $pass = $_POST['pass'];
    $query = "SELECT * FROM log WHERE user='$user' ";
    $result = mysqli_query($conn, $query);

    if($result){
        while($row=mysqli_fetch_assoc($result)){
            if( password_verify($pass,$row['pass']) ){
                $_SESSION['user'] = $row['user'];
                $_SESSION['rights'] = $row['rights'];
                header("Location: main.php");
            }
        }
 
    }
}
?>
</body>
</html>

main.php

Code:

<?php
session_start();
error_reporting(0);
$rights=$_SESSION['rights'];
$user=$_SESSION['user'];
//if($user==true){
?>
<!DOCTYPE html>
<html>
<body>       
        <strong style="color: blue;">Username: </strong><?php echo $_SESSION['user']; ?></br>
        <strong style="color: blue;">Rights: </strong><?php echo $_SESSION['rights']; ?>
</body>
</html>

Ano kaya problema nito Sir.

daredavil07 · Aug 27, 2018

Phcmjal said:
sundan mo to eto lahat need mo dadagdagan mo nalang username lang eecho nito

You do not have permission to view the full content of this post. Log in or register now.

sa part ng session.php

mag add ka sa baba nito

$login_session = $row['username'];
$right= $row['right'];

$row['username']; = dibale ung username na word yan dapat nasa database mo kung usto mo mag add
$row['name na gusto mo add']; = sample fname or lname tapos sa part ng

welcome.php

<h1>Welcome <?php echo $login_session; pede ka dito mag add
echo $fname;

?></h1>

dibale username at fname lalabas jan depende sa gusto mo na nasa database

Hello Sir Phcmjal , kakasubok kulang sir..at nagdagdag po ako ng para sa 'rights', yung 'user' lang po na pickup nya..

the_flash · Aug 27, 2018

daredavil07 said:

Hello Sir bluesharkboy_05 , sinubukan ko po sir..at nag update ng kunting

Code:

mysql

to

Code:

mysqli

kasi nagka-error sakin.. Makapag-echo naman po ng 'user', pero di parin po kasama yung 'rights'.

Login Page:

Code:

<html>
<body>
        <form method="post" action="#">
        <strong>Username: </strong><input type="text" id="user" name="user" placeholder="Enter here.."/><br>
        <strong>Password: </strong><input type="password" id="password" name="pass" placeholder="Enter here.."/><br><br>  
        <input type="submit" id="submit" name="submit" value="Login" class="button"/>
        </form>
        </div>                  


<?php
session_start();
$conn = mysqli_connect("localhost", "root", "", "account");
if (mysqli_connect_errno())
  {
  echo "Failed connecting to database: " . mysqli_connect_error();
  }

$error = "";

if(isset($_POST["submit"]))
{
if(empty($_POST["user"]) || empty($_POST["pass"]))
{
$error = "both fields are required.";
}else
{

    $user = $_POST['user'];
    $pass = $_POST['pass'];


mysqli_connect("localhost", "root", "", "account") or die ("Could not connect: " . mysqli_error()); //Updated due to 'Fatal error:call to undefined function mysql_connect'
     $result= mysqli_query("SELECT rights FROM log");
 while($row = mysqli_fetch_array($result,MYSQLI_NUM)){
      echo $row[0];
       $_SESSION['rights']=$row[0];
 }
   
    $query = mysqli_query($conn, "SELECT * FROM account.log WHERE user = '$user' and pass = '$pass' ");
    session_start();
    $rows = mysqli_num_rows($query);
 
    if ($rows >= 1 ){
 
    $_SESSION['user']=$user;


        header("Location: main.php");

 
       }
    else
    {
     echo "<script>
     alert('Username & Password Incorrect!');
     window.location.href='log-out.php';
     </script>";
        }
    }
}
?>

</body>
</html>

main.php

Code:

<?php
session_start();
error_reporting(0);
$rights=$_SESSION['rights'];
$user=$_SESSION['user'];
//if($user==true){
?>
<!DOCTYPE html>
<html>
<body>    
        <strong style="color: blue;">Username: </strong><?php echo $_SESSION['user']; ?></br>
        <strong style="color: blue;">Rights: </strong><?php echo $_SESSION['rights']; ?>
</body>
</html>

View attachment 444781
Di ako sure sir bakit ayaw lumabas ng 'rights' sakin, si 'user' lang..

hindi mo naman sinunod yung buong binigay ko anyways, eto nalang download mo yang dalawang file then okay na

wala ka na papalitan diyan ha You do not have permission to view the full content of this post. Log in or register now.

Phcmjal · Aug 27, 2018

Send mo nga sakin ung buong file mo eedit ko

Phcmjal · Aug 27, 2018

eto inedit ko ung post mo

Code:

<?php
session_start();
include("connect.php");

$error = "";

if(isset($_POST["submit"]))
{
if(empty($_POST["user"]) || empty($_POST["pass"]))
{
$error = "both fields are required.";
}else
{
    $user = $_POST['user'];
    $password = $_POST['pass'];
        
    $query = mysqli_query($conn, "SELECT * FROM account.log WHERE user = '$user' and pass = '$pass' ");
    
    $rows = mysqli_num_rows($query);
  
    if ($rows == 1 ){
    $_SESSION['user'] = $row["user"];
    $_SESSION['rights'] = $row["rights"];
        header("Location: main.php");
        }
    else
    {
     echo "<script>
     alert('Username & Password Incorrect!');
     window.location.href='log-out.php';
     </script>";
        }
    }
}
?>

pag mag echo ka ganito

echo $_SESSION['user'];
echo $_SESSION['rights'];

daredavil07 · Aug 27, 2018

bluesharkboy_05 said:
hindi mo naman sinunod yung buong binigay ko anyways, eto nalang download mo yang dalawang file then okay na wala ka na papalitan diyan ha You do not have permission to view the full content of this post. Log in or register now.

View attachment 444820
View attachment 444821
View attachment 444822
View attachment 444823
View attachment 444824

Hello Sir bluesharkboy_05 , opo sir. Di ko po masunod kasi ayaw po tanggapin sir, pati yung na download ko na bigay mo sir, may error po na lumabas sakin sir na

Fatal error: Uncaught Error: Call to undefined function mysql_connect()

.

Sa line po na

HTML:

mysql_connect("localhost", "root", "")

Naghanap po ako ng sagot bakit ganun, at may nakita akong ganito sir:

Yung ginagamit ko po is

XAMPP Version 7.2.8

, ito po yung na download ko last week..

the_flash · Aug 27, 2018

ay

daredavil07 said:
Hello Sir bluesharkboy_05 , opo sir. Di ko po masunod kasi ayaw po tanggapin sir, pati yung na download ko na bigay mo sir, may error po na lumabas sakin sir na .

View attachment 444915
Sa line po na

HTML:

mysql_connect("localhost", "root", "")

Naghanap po ako ng sagot bakit ganun, at may nakita akong ganito sir:

View attachment 444919

Yung ginagamit ko po is , ito po yung na download ko last week..

hehehe sige wait update ko muna xampp ko sensya na

daredavil07 · Aug 27, 2018

bluesharkboy_05 said:
ay

hehehe sige wait update ko muna xampp ko sensya na

Okay lang po sir. Salamat po ng marami!

the_flash · Aug 27, 2018

daredavil07 said:
Okay lang po sir. Salamat po ng marami!

eto na update na xampp ko pati yung code You do not have permission to view the full content of this post. Log in or register now.

daredavil07 · Aug 27, 2018

bluesharkboy_05 said:
eto na update na xampp ko pati yung code You do not have permission to view the full content of this post. Log in or register now.

Nadali na Sir bluesharkboy_05, Thank you po ulit! Salamat din po kina Sir Phcmjal at codyscott!

Phcmjal · Aug 27, 2018

Ahaaha aralinnmo basic sir kasj basic lngnsapat na

codyscott · Aug 27, 2018

daredavil07 said:

Hi Sir codyscott , sinubukan ko rin po ito sir..medyo na lula lang ako..

Ito lang po muna ginamit ko para masubukan lang yung session rights:

Login Page:

Code:

<?php
session_start();
?>
<html>
<body>
        <form method="post" action="#">
        <strong>Username: </strong><input type="text" id="user" name="user" placeholder="Enter here.."/><br>
        <strong>Password: </strong><input type="password" id="pass" name="pass" placeholder="Enter here.."/><br><br>  
        <input type="submit" id="submit" name="submit" value="Login" class="button"/>
        </form>
        </div>                  

<?php

$conn = mysqli_connect("localhost", "root", "", "account");
if (mysqli_connect_errno())
  {
  echo "Failed connecting to database: " . mysqli_connect_error();

}

if(isset($_POST['submit'])){
    $user = $_POST['user'];
    $pass = $_POST['pass'];
    $query = "SELECT * FROM log WHERE user='$user' ";
    $result = mysqli_query($conn, $query);

    if($result){
        while($row=mysqli_fetch_assoc($result)){
            if( password_verify($pass,$row['pass']) ){
                $_SESSION['user'] = $row['user'];
                $_SESSION['rights'] = $row['rights'];
                header("Location: main.php");
            }
        }
 
    }
}
?>
</body>
</html>

main.php

Code:

<?php
session_start();
error_reporting(0);
$rights=$_SESSION['rights'];
$user=$_SESSION['user'];
//if($user==true){
?>
<!DOCTYPE html>
<html>
<body>    
        <strong style="color: blue;">Username: </strong><?php echo $_SESSION['user']; ?></br>
        <strong style="color: blue;">Rights: </strong><?php echo $_SESSION['rights']; ?>
</body>
</html>

View attachment 444798
View attachment 444802

Ano kaya problema nito Sir.

Inilipat ko yung session_start() sa taas (login page)
Remember the rule about SESSIONS? in any page, siya dapat yung unang unang code.
Try mo yan.

Code:

<?php session_start(); ?>
<html>
<body>
       <form method="post" action="#">
       <strong>Username: </strong><input type="text" id="user" name="user" placeholder="Enter here.."/><br>
       <strong>Password: </strong><input type="password" id="pass" name="pass" placeholder="Enter here.."/><br><br>   
       <input type="submit" id="submit" name="submit" value="Login" class="button"/>
       </form>
       </div>                   

<?php

$conn = mysqli_connect("localhost", "root", "", "account");
if (mysqli_connect_errno())
  {
  echo "Failed connecting to database: " . mysqli_connect_error();

}

if(isset($_POST['submit'])){
   $user = $_POST['user'];
   $pass = $_POST['pass'];
   $query = "SELECT * FROM log WHERE user='$user' ";
   $result = mysqli_query($conn, $query);

   if($result){
       while($row=mysqli_fetch_assoc($result)){
           if( password_verify($pass,$row['pass']) ){
               $_SESSION['user'] = $row['user'];
               $_SESSION['rights'] = $row['rights'];
               header("Location: main.php");
           }
       }

   }
}
?>
</body>
</html>

Jmrie_ · Aug 27, 2018

Ang galing niyo po sir ,codyscott Phcmjal
bluesharkboy_05

codyscott · Aug 28, 2018

-Ateh- said:
Ang galing niyo po sir ,codyscott Phcmjal
bluesharkboy_05

Puwede na ba ako? Salamat.
Baguhan lang ako sa PHP... na-ta-transfer ko lang yung knowledge ko sa Java to PHP.
(Killing two birds with one stone...kumbaga)

Heizengberg · Aug 28, 2018

baka di ka nag session start?

🔒 Closed PHP code, Using $_session in login page?

Journeyman

Journeyman

Forum Expert

Eternal Poster

Eternal Poster

Journeyman

Forum Expert

Journeyman

Forum Expert

Journeyman

Eternal Poster

Honorary Poster

in memoriam 1995-2021

Honorary Poster

Honorary Poster

About this Thread

Trending Topics

Online now

Forum statistics