1 Replies - 1091 Views - Last Post: 06 March 2013 - 04:54 AM Rate Topic: -----

#1 Bestford  Icon User is offline

  • New D.I.C Head

Reputation: 0
  • View blog
  • Posts: 44
  • Joined: 05-December 11

problem: login form when not logged in and show log out when logged in

Posted 05 March 2013 - 08:55 AM

Hello guys,

Basically I want to show alternative links for the user to click on,

- so when the user is logged in the menu will show only the logout menu bar
- when they aren't logged in it will show the login link which pulls down a login form

this is basically what i have so far

(inside the menu div I print this:

if ($_SESSION["loggedIn"] === true) { 
echo "<li> <a href=\"logout.php\">logout</a></li>";
} else if ($_SESSION["loggedIn"] === false) {
echo'<li class="dropdown" id="menu1">
<a class="dropdown-toggle" data-toggle="dropdown" href="#menu1">Login<b class="caret"></b>
<div class="dropdown-menu">

<form style="margin: 0px" accept-charset="UTF-8" action="checklogin.php" method="post">
<div style="margin:0;padding:0;display:inline">
<input name="utf8" type="hidden" value="&#x2713;" /><input name="authenticity_token" type="hidden" value="4L/A2ZMYkhTD3IiNDMTuB/fhPRvyCNGEsaZocUUpw40=" /></div>
	<fieldset class=\'textbox\' style="padding:10px">
	<input style="margin-top: 8px" name="username" type="text" placeholder="Username" />
	<input style="margin-top: 8px" name="password" type="password" placeholder="Passsword" />
	<input class="btn-primary" name="commit" type="submit" value="Log In" />

then to check the login i use this
session_start(); // Start a new session
require('includes/db.inc.php'); // Holds all of our database connection information
function sanitize($data) {
	return htmlentities(strip_tags(mysql_real_escape_string($data)));
// Get the data passed from the form
$username = sanitize($_POST['username']);
$password = sanitize($_POST['password']);

// Do some basic sanitizing
$username = sanitize($username);
$password = sanitize($password);

$sql = "select * from users3 where username = '$username' and password = '$password'";
$result = mysql_query($sql) or die ( mysql_error() );

$count = 0;

$count = mysql_num_rows($result);

if ($count == 1) {
	 $_SESSION['loggedIn'] === true;
	 header("Location: index.php"); // This is wherever you want to redirect the user to
} else {
	 $_SESSION['loggedIn'] === false;
	 header("Location: index.php"); // Wherever you want the user to go when they fail the login

any help would be great


Is This A Good Question/Topic? 0
  • +

Replies To: problem: login form when not logged in and show log out when logged in

#2 Atli  Icon User is offline

  • Enhance Your Calm
  • member icon

Reputation: 4013
  • View blog
  • Posts: 6,800
  • Joined: 08-June 10

Re: problem: login form when not logged in and show log out when logged in

Posted 06 March 2013 - 04:54 AM

You are setting the session values incorrectly. To set a variable you use a single equal sign operator. To compare variables you use either the two (loose) or three (strict) equal sign operators.

Also that sanitize function is both misleading and it's being incorrectly applied. It treats the value as if it is meant both for a mysql query and HTML output. You should only really be doing one at a time, in this case for the mysql query. You are also applying the function twice to the username and password inputs, which could easily corrupt them.
Was This Post Helpful? 1
  • +
  • -

Page 1 of 1