OSDev.org

Got three questions this time.

1) How can I make it so that an admin has to log in, but only once, until they log out? I don't think cookies're pretty safe, and right now, every time you submit something on a form, it asks to log in again.

2) How can I spread the login session over multiple files, so I don't have to stuff everything into one huge file, but so that people can't just go to their URL and use the stuff in there?

3) In my database, the passwords're encrypted by choosing the Password function (using PHPMyadmin) Is there any way to do that with the user-submitted passwords as well? Comparing the two gives untrue between an encrypted and an unencrypted string, which's a bit of a problem.

1) and 2), check out "PHP sessions".

3), check out if crypt() is what you are looking for.

1) You can choose between cookies (which are pretty safe due to only being stored on the pc of the person who has logged in), session variables and a few other methods that I haven't played around with myself. Of course, you can combine them, using session variables for ease of use while the browser is still open and then using cookies for longer-term logins.

2) If you use one of the above then they are persistent as long as you want them. I would advise putting all the session handling stuff in a seperate php file and including it in each of your pages (incredibly easy if you're using a template system, easy nonetheless otherwise).

3) Encrypt the submitted password and check that against the stored one. I would suggest MD5 encryption as I'm not too sure what phpMyAdmin uses.

Been checking the sessions out, but it's running a bit odd. I think I didn't start it well enough, and it doesn't seem to want to stop The crypt()-function seems to work different than the one on PHPMyadmin, so that's not the one. I'll search the manual for any other, similar functions.

The sessions're going weird. Got some problems with them.

1) The session-id changed with each page-load.
2) It nags.


1) This's how my session starts: At first, I didn't use a session_register()-function on $session_id. Adding it didn't have any effect, as it apparently keeps recreating the session. I'll be checking for if($session_id == NULL) to do the session_start(), but I don't think that'll fully get it to work.

2) It says this: The first 11 lines of login.php are this: The ninth line is session_start(); I don't know why it nags, nor how to solve it, but it sure disrupts my page.

You can't send any output to the browser before you start the session, that's the reason.

What's the output in this case?

<html>
<head>
</head>

<body>

Aye, got it all to work now Had some more problems, mainly due to a misconception from me on what the result of mysql_query is (never been properly taught), which's been set straight by a friend of mine. Now the login works, and over multiple pages

Got another question. This time, I've got these entries in my SQL database that I want to edit. Each entry consists out of 8 fields. I want to list all names of the entries and a checkbox to select them. Submitting the form goes to another page, where the input'll be processed.

This new page shows 7 out of the 8 fields (the 8th being the ID... well, technically the 1st, but you get what I mean). You should be able to alter all 7 fields of each entry. Pressing the Submit-button should process it, running an SQL-query to update the contents.

There's the tricky part. I've tried passing the checkbox array through the processing, so the page'd know which entries to alter, after the alterations've been given in. The problem with this, is that the checkbox array, as I have it now, still has the same look (var_dump gives this:

array(3) {[0] => string(1) "1" [1] => string(1) "4" [2] => string(1) "7" }

, which's right. It doesn't update the entries, though, nor does it show them again on the page. Pressing Submit a second time gives NULL for the checkbox array.

Anybody know why it's doing this, and how to fix it? I'm completely stumped. Been trying everything I could think of.

Nevermind, finally got it fixed. 't Was quite a few things that were wrong, a bit too much to sum up, but at least I figured them out