php - Session are not working -

-

hello have created login system not working reason , start session after 1 login , made check if session isset , if session no more 1 hour :

this login script on index.php :

<?php require 'mysql.php';  if(isset($_session["username"]) && time() - $_session["created"] > 3600){     session_start();     session_unset();     session_destroy();   }   if(isset($_session["username"]) && time() - $_session["created"] < 3600){      header('location: main.php'); }    if (isset($_post["login"])){      $username = $_post["username"];     $password = $_post["password"];      $stmt = $connect->prepare("select username, password users username=? ");     $stmt->bind_param("s", $username);     $stmt->execute();     $result = $stmt->get_result();     $rowcount = $result->num_rows;         if ($rowcount > 0){                  while ($row = $result->fetch_assoc()) {                     if ($row["username"] == $username && $row["password"] == $password){                          if(!isset($_session)) {                              session_start();                         }                             $_session["username"] = $username;                             $_session["usertype"] = $row["usertype"];                             $_session["userid"] = $row["id"];                             $_session["created"] = time();                         header('location: main.php');                      } else {                         $error_msg2 = "username or password not mach";                         $error2 = "error";                     }                 }         } else {             $error_msg2 = "no such user";             $error2 = "error";         }      echo $error_msg2;     $stmt->close();     $connect->close();  }  ?>

and main.php code : 

if(isset($_session["username"]) && time() - $_session["created"] > 3600){     session_start();     session_unset();     session_destroy();       header('location: index.php'); }

so ones login redirected main.php , if session set u should unable access index.php cuz if try u , session not expired redirected main.php same main if session expired redirected index.php login , no matter if logged in or no can walk between them freely

you should call session_start in case - fills $_session values. it's enough unset $_session['username'], no need destroy whole session - php can take care of that. here code should work:

index.php

<?php require 'mysql.php';  session_start(); if (isset($_session['username'])) {     if ($_session['created'] < 3600) {         header('location: main.php');         exit;     }      unset($_session['username']); }   if (isset($_post['username']) && isset($_post['password'])) {     $username = $_post['username'];     $password = $_post['password'];      $stmt = $connect->prepare('select username, password users username=? limit 1');     $stmt->bind_param('s', $username);     $stmt->execute();     $result = $stmt->get_result();     $rowcount = $result->num_rows;      if ($rowcount > 0) {         $row = $result->fetch_assoc();          if ($row['username'] == $username && $row['password'] == $password) {             $_session['username'] = $username;             $_session['usertype'] = $row['usertype'];             $_session['userid'] = $row['id'];             $_session['created'] = time();              header('location: main.php');             exit;         } else {             $error_msg2 = 'username or password not mach';             $error2 = 'error';         }     } else {         $error_msg2 = 'no such user';         $error2 = 'error';     }      echo $error_msg2;     $stmt->close();     $connect->close(); }

main.php

session_start(); if (!isset($_session['username']) || time() - $_session['created'] > 3600){     unset($_session['username']);     header('location: index.php');     exit; }

Comments

Post a Comment

Popular posts from this blog

ios - RestKit 0.20 — CoreData: error: Failed to call designated initializer on NSManagedObject class (again) -

-
this error has shown on many times, seems. prominent answer issue seems restkit 0.20 — coredata: error: failed call designated initializer on nsmanagedobject class however, solution posted doesn't work me. let's start beginning: i want upload file server. want parse response make sure uploaded. if not, try again later. model has boolean variable called nsnumber *senttoserver purpose (in coredata, bool saved nsnumber ) . because don't know whether sending going successful, save entity coredata model first before sending via restkit. when post request successful, server returns json string this: {"id":14,"created":true} notice that, of course, id not set on coredata model yet, both id , created new informations model. here's model: @interface recording : nsmanagedobject @property (nonatomic, retain) nsstring * audiofilepath; @property (nonatomic, retain) nsdate * createdat; @property (nonatomic, retain) nsstring * deviceid; @
Read more

java - Digest auth with Spring Security using javaconfig -

-
so i'm trying create digest authentication spring following documentation trying translate xml "requirements" in java requirements. let's have xml in docs: <bean id="digestfilter" class= "org.springframework.security.web.authentication.www.digestauthenticationfilter"> <property name="userdetailsservice" ref="jdbcdaoimpl"/> <property name="authenticationentrypoint" ref="digestentrypoint"/> <property name="usercache" ref="usercache"/> </bean> <bean id="digestentrypoint" class= "org.springframework.security.web.authentication.www.digestauthenticationentrypoint"> <property name="realmname" value="contacts realm via digest authentication"/> <property name="key" value="acegi"/> <property name="noncevalidityseconds" value="10"/> </b
Read more

laravel - PDOException in Connector.php line 55: SQLSTATE[HY000] [1045] Access denied for user 'root'@'localhost' (using password: YES) -

-
my .env: app_env=local app_debug=true app_key=myappkey app_url=http://localhost db_connection=mysql db_host=localhost db_port=3306 db_database=gestiontaller db_username=root db_password='root' cache_driver=file session_driver=file queue_driver=sync redis_host=127.0.0.1 redis_password=null redis_port=6379 mail_driver=smtp mail_host=mailtrap.io mail_port=2525 mail_username=null mail_password=null mail_encryption=null i've tried password ", ' , without, restarting server every time. i've tried changing localhost 172.0.0.1. yes, password correct, running mysql -u root -p introducing password root in prompt can go mysql. users table: +------------------+-----------+ | user | host | +------------------+-----------+ | debian-sys-maint | localhost | | mysql.sys | localhost | | root | localhost | | root1 | localhost | +------------------+-----------+ i've added homestead.yaml this: database_port: 3306
Read more