Logowanie PHP z sesjami
Jestem początkującym PHP. Próbowałem utworzyć kod logowania do php i miałem pewne problemy. Sesja nie zostaje, jeśli przejdę na inne strony, moja strona nie pamięta, że się zalogowałem.
<?php
$logincontent;
require_once 'config.php';
$logincontent=
' <div class="column-1-3">
<div class="white-box">
<div class="box-title">
Login
<div class="subtitle"><img src="images/subtitle-lets-work-together.png" alt="let\'s work together" /></div>
<div class="icon"><img src="images/title-icon-contact.png" alt="" /></div>
</div>
<div class="box-content fixed-height">
<form action="" method="post" class="contact-form">
<div>
<b>Username</b>
<input class="text-input" type="text" name="username" value="" onfocus="clearInput(this);" onblur="restoreInput(this);" /><br/>
<b>Password</b>
<input class="text-input" type="text" name="password" value="" onfocus="clearInput(this);" onblur="restoreInput(this);" /><br/>
<div class="align-right">
<span class="blue-button"><span><input type="submit" value="SEND »" /></span></span>
</div>
<input type="hidden" name="val" value="checkin">
</div>
</form>
</div>
</div>
</div><!--/end .column-1-3 --> ';
if (isset($_POST["val"])&&($_POST["val"]=='checkin'))
{
echo "checkin";
DBConnect();
$username=$_POST['username'];
$password=$_POST['password'];
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$sql="SELECT * FROM users WHERE username='$username' and password='$password'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1)
{
@session_start();
// Register $myusername, $mypassword and redirect to file "login_success.php"
@session_register('username');
@session_register('password');
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
}
else
{
echo "Wrong Username or Password";
unset($username);
}
} else
if ((isset($_POST["val"]))&&($_POST["val"]=='logout'))
{
@session_start();
session_destroy();
} else
{
//echo $logincontent;
}
//if((isset($username))&&(!@session_is_registered($username)))
@session_start();
//if((@session_is_registered('username')))
if (isset($_SESSION['username']) && isset($_SESSION['password']))
{
if (isset($db_conn) == false)
DBConnect();
$username=$_SESSION['username'];
$password=$_SESSION['password'];
//echo $username;
//echo $password;
$sql="SELECT * FROM users WHERE username='$username' and password='$password'";
$result=mysql_query($sql);
$row = mysql_fetch_array($result);
$logincontent=
' <div class="column-1-3">
<div class="white-box">
<div class="box-title">
Welcome back!
<div class="subtitle"><img src="images/subtitle-lets-work-together.png" alt="let\'s work together" /></div>
<div class="icon"><img src="images/title-icon-contact.png" alt="" /></div>
</div>
<div class="box-content fixed-height">
<form action="" method="post" class="contact-form">
<div>
Username: <b>'.$row['username'].'</b><br><br>
Name: <b>'.$row['name'].'</b><br>';
//if (mysql_field_len ($row['avatar'])==0)
if (isset($row['avatar']))
{
$Link='images/no_avatar.gif';
} else
{
$Link=$row['avatar'];
}
$logincontent=$logincontent."<center>
<div class='avatar-image'><img src='".$Link."' alt='' width='100' height='100'/></div></center><br>".'
<div class="align-center">
<span class="blue-button"><span><input type="submit" value="logout" /></span></span>
</div>
<input type="hidden" name="val" value="logout">'."
</div>
</form>
</div>
</div>
</div><!--/end .column-1-3 --> ";
}
?>