formularz logowania:
Kod
<form class="register" action="index2.php" method="post">
<fieldset>
<div class="inputy2">Logowanie - tu będzie opis<br />Logowanie - tu będzie opis<br />Logowanie - tu będzie opis<br /></div>
<div class="inputy4">Panel logowania</div>
<div class="inputy3" style="display:table;">
<p style="display:table-row;">
<span style="display:table-cell;">Nazwa użytkownika: </span><span style="display:table-cell;"><input type="text" class="text" name="user" maxlength="15" /></span></p>
<br />
<p style="display:table-row;">
<span style="display:table-cell;">Hasło: </span><span style="display:table-cell;"><input type="password" class="text" name="pass" maxlength="15" /></span></p></div>
<br />
<input type="submit" name="sprawdz" value='Zaloguj się'></div>
</fieldset>
</form>
</div>
<fieldset>
<div class="inputy2">Logowanie - tu będzie opis<br />Logowanie - tu będzie opis<br />Logowanie - tu będzie opis<br /></div>
<div class="inputy4">Panel logowania</div>
<div class="inputy3" style="display:table;">
<p style="display:table-row;">
<span style="display:table-cell;">Nazwa użytkownika: </span><span style="display:table-cell;"><input type="text" class="text" name="user" maxlength="15" /></span></p>
<br />
<p style="display:table-row;">
<span style="display:table-cell;">Hasło: </span><span style="display:table-cell;"><input type="password" class="text" name="pass" maxlength="15" /></span></p></div>
<br />
<input type="submit" name="sprawdz" value='Zaloguj się'></div>
</fieldset>
</form>
</div>
tak w teori powinno wygladac cos oparte na sesjach:
Kod
<?php
session_start();
if (isset($_POST['submit'])) {
$_SESSION['imie'] = $_POST['imie'];
} else {
header("Location: index2.php");
}
?>
session_start();
if (isset($_POST['submit'])) {
$_SESSION['imie'] = $_POST['imie'];
} else {
header("Location: index2.php");
}
?>
index2.php
Kod
<?php
// If there is no cookie presesnt
if (!isset($_COOKIE['cookie_info'])) {
// Variables that data come from the form
$username = $_POST["user"];
$password = $_POST["pass"];
// Check if username and password where submitted
if (!$username) {
echo "Niejesteś zalogowany"; exit;
}
if (!$password) {
echo "Please enter password"; exit;
}
// Use Connect Script
include("connect.php");
// MD5 Username and Password
$username = MD5($username);
$password = MD5($password);
// Check if username exists. If not then say no such username.
$issuchusername = mysql_query("SELECT * FROM userdata WHERE userid = '$username'");
$usernamelogin = mysql_num_rows($issuchusername);
// If username exists
if ($usernamelogin == 1) {
$issuchpassword = mysql_query("SELECT * FROM userdata WHERE userid = '$username' AND userpass = '$password'");
$passwordlogin = mysql_num_rows($issuchpassword);
// If password is correct
if ($passwordlogin == 1) {
$time = time();
$cookie_data = $username.'-'.$password;
if(setcookie ("cookie_info",$cookie_data, $time+3600)==TRUE) {
}
else {
echo "You computer does not support cookies. <BR> To view other pages after logged in you need to have cookies enabled.<BR>";
}
}
else {
echo "Incorrect username/password";
exit;
}
}
else {
echo "Incorrect username/password";
exit;
}
}
// End if no cookie present
?>
<?php
// Use Connect Script
include("connect.php");
// Use cookie and Extract the cookie data (Username and Password)
$cookie_info = explode("-", $_COOKIE['cookie_info']);
$namecookie = $cookie_info[0];
$passcookie = $cookie_info[1];
if (!isset($_COOKIE['cookie_info'])) {
$namecookie = $_POST["user"];
$passcookie = $_POST["pass"];
}
// MD5 Username and Password
$namecookie = MD5($namecookie);
$passcookie = MD5($passcookie);
// Check if username exists. If not then say no such username.
$issuchusername = mysql_query("SELECT * FROM userdata WHERE userid = '$namecookie'");
$usernamelogin = mysql_num_rows($issuchusername);
// If username exists
if ($usernamelogin == 1) {
$issuchpassword = mysql_query("SELECT * FROM userdata WHERE userid = '$namecookie' AND userpass = '$passcookie'");
$passwordlogin = mysql_num_rows($issuchpassword);
// If password is correct
if ($passwordlogin == 1) {
// User is now logged in, display details of user
// Get details of user from Database and put them in variables
$query = mysql_query("SELECT * FROM userdata WHERE userid = '$namecookie'");
$nameuser = mysql_result($query,0,13);
$name = mysql_result($query,0,2);
$address = mysql_result($query,0,3);
$suburb = mysql_result($query,0,4);
$state = mysql_result($query,0,5);
$postcode = mysql_result($query,0,6);
$phone1 = mysql_result($query,0,7);
$phone2 = mysql_result($query,0,8);
$emailaddress = mysql_result($query,0,9);
$joineddate = mysql_result($query,0,10);
?>
// If there is no cookie presesnt
if (!isset($_COOKIE['cookie_info'])) {
// Variables that data come from the form
$username = $_POST["user"];
$password = $_POST["pass"];
// Check if username and password where submitted
if (!$username) {
echo "Niejesteś zalogowany"; exit;
}
if (!$password) {
echo "Please enter password"; exit;
}
// Use Connect Script
include("connect.php");
// MD5 Username and Password
$username = MD5($username);
$password = MD5($password);
// Check if username exists. If not then say no such username.
$issuchusername = mysql_query("SELECT * FROM userdata WHERE userid = '$username'");
$usernamelogin = mysql_num_rows($issuchusername);
// If username exists
if ($usernamelogin == 1) {
$issuchpassword = mysql_query("SELECT * FROM userdata WHERE userid = '$username' AND userpass = '$password'");
$passwordlogin = mysql_num_rows($issuchpassword);
// If password is correct
if ($passwordlogin == 1) {
$time = time();
$cookie_data = $username.'-'.$password;
if(setcookie ("cookie_info",$cookie_data, $time+3600)==TRUE) {
}
else {
echo "You computer does not support cookies. <BR> To view other pages after logged in you need to have cookies enabled.<BR>";
}
}
else {
echo "Incorrect username/password";
exit;
}
}
else {
echo "Incorrect username/password";
exit;
}
}
// End if no cookie present
?>
<?php
// Use Connect Script
include("connect.php");
// Use cookie and Extract the cookie data (Username and Password)
$cookie_info = explode("-", $_COOKIE['cookie_info']);
$namecookie = $cookie_info[0];
$passcookie = $cookie_info[1];
if (!isset($_COOKIE['cookie_info'])) {
$namecookie = $_POST["user"];
$passcookie = $_POST["pass"];
}
// MD5 Username and Password
$namecookie = MD5($namecookie);
$passcookie = MD5($passcookie);
// Check if username exists. If not then say no such username.
$issuchusername = mysql_query("SELECT * FROM userdata WHERE userid = '$namecookie'");
$usernamelogin = mysql_num_rows($issuchusername);
// If username exists
if ($usernamelogin == 1) {
$issuchpassword = mysql_query("SELECT * FROM userdata WHERE userid = '$namecookie' AND userpass = '$passcookie'");
$passwordlogin = mysql_num_rows($issuchpassword);
// If password is correct
if ($passwordlogin == 1) {
// User is now logged in, display details of user
// Get details of user from Database and put them in variables
$query = mysql_query("SELECT * FROM userdata WHERE userid = '$namecookie'");
$nameuser = mysql_result($query,0,13);
$name = mysql_result($query,0,2);
$address = mysql_result($query,0,3);
$suburb = mysql_result($query,0,4);
$state = mysql_result($query,0,5);
$postcode = mysql_result($query,0,6);
$phone1 = mysql_result($query,0,7);
$phone2 = mysql_result($query,0,8);
$emailaddress = mysql_result($query,0,9);
$joineddate = mysql_result($query,0,10);
?>
czyli aby oprzec to na sesji mam zrobić coś takiego:
Kod
<?php
session_start();
if (isset($_POST['submit'])) {
$_SESSION['username'] = $_POST['user'];
$_SESSION['password'] = $_POST['pass'];
} else {
header("Location: index2.php");
}
?>
session_start();
if (isset($_POST['submit'])) {
$_SESSION['username'] = $_POST['user'];
$_SESSION['password'] = $_POST['pass'];
} else {
header("Location: index2.php");
}
?>
i dać to gdzie?