Authenticating a user using sessions with PHP -
Authenticating a user using sessions with PHP -
i have setup session code not seem working!
on login verification script post request login form, code following.. if( isset($_post['email']) && isset($_post['password']) ) { // perform lookup $sql = "select * authentication email='" . $email . "';"; $query = mysqli_query($conn,$sql); $fetch = mysqli_fetch_assoc($query); $fetched = $fetch['email']; if($fetched == $email) { // auth okay, setup session $_session['user'] = $_post['email']; // redirect required page header( "location: app.php" ); } else { // didn't auth go loginform //header( "location: fail.html" ); die("failed auth."); } } else { // username , password not given go login //header( "location: loginform.html" ); die("no username or password given"); } ?>
on "secure" page in top..
<?php session_start(); session_regenerate_id(); if(!isset($_session['user'])) // if there no valid session { header("location: index.php?message=notauthed"); } require 'includes/header.php'; $name = $_session['user']; ?> on log-out script in place..
<?php session_start(); unset($_session['user']); session_destroy(); header("location: index.html"); ?> woops totally forgot include issues haha :)
login script works, redirects fine.
after logging in, unable echo $name = $_session['user'];
also, when log out still able access app page.
also** running on php 5.3? think. not latest, hostgator php..
try:
<?php session_start(); session_unset($_session['user']); header("location: index.html"); ?> this method not best because clears contents of variable not session self so, if seek check 1 time again still going nowadays instead seek this:
<?php session_start(); session_destroy(); header("location: index.html"); ?> hope helps.
php session authentication
Comments
Post a Comment