Login Logout and Session Expire...

This topic is closed.
  • Angelos

    Login Logout and Session Expire...

    Any Suggestions for an Authentication System ...
    Do you have any Links to suggest ?
    My current Authentication works ok but it has a major BUG !!!

    BUG:
    If I use the same Authentication mechanism in Two Different Websites and I
    login in one of the two... Then I can change the URL to the other website
    and it will log me in as the user of the other Website.

    Anyway... I knew when I was writing that is not going to be perfect... but
    maybe you can show me the door to getting it fixed.

    What I actually do is this simple thing:
    if (!isset($_SESSION['user_id'])) echo '<a href="login.php">Login</a>';

    YES I know it doesn't even go close to an Authentication Mechanism... But it
    does its job for a beginner...

    Every page I call has a header.php and a footer.php so I just have to make
    the Authentication in the Header...

    Suggestions ..............
    Thanks Angelos.


  • Craft

    #2
    Re: Login Logout and Session Expire...

    I use this on my auth. site, maybe this might help you

    <?php
    // This Function authenticates to make sure that the user has entered a valid
    // username and password, and then grabs the user's info
    function authenticate($user, $pass, $minRank) {
        global $diplomacy, $log, $members, $news, $status, $templates,
               $useronline, $images;
        global $fontString;
        global $myrow;
        global $recruit;
        $result = @mysql_query("SELECT * FROM $members WHERE username = \"$user\"");
        $myrow = mysql_fetch_array($result);
        if($myrow != NULL)
            extract($myrow);

        // If the username matches the result in the mysql query and the
        // password is correct return the rank of the user.
        if($user == $username && $pass == $password and $username != NULL) {
            if($disable != 1) {
                if($rank >= $minRank) {
                    return 1;
                }
                else {
                    echo("
                    $fontString
                    You are not high enough rank. <center><br><font size=2
                    face=verdana><b><a href=main.php>Click Here to return to
                    console</font></b></center>
                    ");
                }
            }
            if($disable == 1) {
                $result = @mysql_query("SELECT * FROM $members WHERE username = \"$user\"");
                $row = mysql_fetch_array($result);
                extract($row);

                echo("
                $fontString
                You have been disabled.<br><br>
                <font color=#1C86EE size=1 face=verdana>$disabled</font>
                ");
            }
        }
        else {
            if(!$user) {
                echo("
                $fontString

                <b><font color=red>Invalid Username or Password</font></b><br><br>
                <font color=red>Note: </font> Username and Password are CaSe Sensitive.
                <br>
                If you are unsure of how your name is spelled you should check the
                members page.<br>
                If you had forgotten your password ask one of the generals to retrieve
                it for you<p>
                <form action=main.php method=post>
                <FONT color=#76A5D5 size=2>
                <b>Username:</b> <INPUT style=\"border: 1px solid
                #76A5D5; WIDTH: 115px; HEIGHT: 20px; BACKGROUND-COLOR: #ffffff\"
                type=username name=username size=\"20\"><br>
                <b>Password:</b>&nbsp; <INPUT style=\"border: 1px solid #76A5D5;
                WIDTH: 115px; HEIGHT: 20px; BACKGROUND-COLOR: #ffffff\" type=password
                name=password size=\"20\"><br><br>
                &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<INPUT
                style=\"border: 1px solid #1874CD; WIDTH: 115px; HEIGHT: 20px;
                BACKGROUND-COLOR: #76A5D5; float:center\" type=submit value=Login>

                ");
            }
            else {
                echo("
                $fontString
                <b><font color=red>Invalid Username or Password</font></b><br><br>
                <font color=red>Note: </font> Username and Password are CaSe Sensitive.
                <br>
                If you are unsure of how your name is spelled you should check the
                members page.<br>
                If you had forgotten your password ask one of the generals to retrieve
                it for you
                <p>
                <form action=main.php method=post>
                <FONT color=#76A5D5 size=2>
                <b>Username:</b> <INPUT style=\"border: 1px solid
                #76A5D5; WIDTH: 115px; HEIGHT: 20px; BACKGROUND-COLOR: #ffffff\"
                type=username name=username size=\"20\"><br>
                <b>Password:</b>&nbsp; <INPUT style=\"border: 1px solid #76A5D5;
                WIDTH: 115px; HEIGHT: 20px; BACKGROUND-COLOR: #ffffff\" type=password
                name=password size=\"20\"><br><br>
                &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<INPUT
                style=\"border: 1px solid #1874CD; WIDTH: 115px; HEIGHT: 20px;
                BACKGROUND-COLOR: #76A5D5; float:center\" type=submit value=Login>
                ");
            }
        }

    }
    ?>

    This is used to grab the username & password from mysql and then lets
    the member view w/e page this function is on like for example if i only
    want a member of a rank 26 (admin) to view a page called ip.php that
    views the name & ips of each member then i would put the following on
    that page.

    <?php
    $username = $usercook;
    $password = $passcook;
    setcookie("usercook", $username);
    setcookie("passcook", $password);

    require("functions.php");

    if(authenticate($username, $password, 26)) {
        Ip();
    }
    ?>

    Maybe this will help you.. if you want the full code then email me and
    ill help you out...
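
The same rank-gated check written with a bound query parameter, `password_hash()`/`password_verify()` and a server-side session in place of username and password cookies. This is an added example, not code from the thread: the `members` schema (`password_hash`, `user_rank`, `disabled`), the return strings, `demoDb()` and `logIn()` are assumptions, and an in-memory SQLite database stands in for MySQL.

```php
<?php
declare(strict_types=1);

// Hash checked when the username is unknown, so both failure paths do similar work.
define('DUMMY_HASH', password_hash('placeholder', PASSWORD_DEFAULT));

// Constructed sample data (assumed schema); SQLite in memory stands in for MySQL.
function demoDb(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE members (username TEXT PRIMARY KEY,
               password_hash TEXT, user_rank INTEGER, disabled INTEGER)');
    $ins = $db->prepare('INSERT INTO members VALUES (?, ?, ?, ?)');
    $ins->execute(['alice', password_hash('correct horse', PASSWORD_DEFAULT), 26, 0]);
    $ins->execute(['bob', password_hash('hunter2', PASSWORD_DEFAULT), 5, 1]);
    return $db;
}

// Returns 'ok', 'bad_credentials', 'disabled' or 'rank_too_low'.
function authenticate(PDO $db, string $user, string $pass, int $minRank): string {
    // Bound parameter: $user is never spliced into the SQL text.
    $st = $db->prepare(
        'SELECT password_hash, user_rank, disabled FROM members WHERE username = ?');
    $st->execute([$user]);
    $row = $st->fetch(PDO::FETCH_ASSOC);

    $known = is_array($row);
    $valid = password_verify($pass, $known ? $row['password_hash'] : DUMMY_HASH);
    if (!$known || !$valid) return 'bad_credentials';   // one answer for both cases
    if ((int)$row['disabled'] === 1) return 'disabled';
    if ((int)$row['user_rank'] < $minRank) return 'rank_too_low';
    return 'ok';
}

// After a successful check keep only the user id, server-side, in the session;
// the password never goes into a cookie.
function logIn(string $user): void {
    if (session_status() !== PHP_SESSION_ACTIVE) session_start();
    session_regenerate_id(true);   // fresh id at login defeats session fixation
    $_SESSION['user_id'] = $user;
}

$db = demoDb();
foreach ([['alice', 'correct horse', 26], ['alice', 'wrong', 26],
          ['o"brien', 'anything', 0], ['bob', 'hunter2', 1]] as [$u, $p, $min]) {
    printf("%-10s => %s\n", $u, authenticate($db, $u, $p, $min));
}
```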


    • Angelos

      #3
      hmm :s Globals And Cookies is something that I don't want

      > Maybe this will help you.. if you want the full code then email me and
      > ill help you out...

      First of all thank you for your reply,
      This code is better than nothing so it will be a bit helpful. Although I
      noticed that you use globals... and I don't know how that is going to affect
      my program that doesn't use Globals... Also I don't use Cookies....

      So I will wait to see if I have any other suggestions and then I will have a
      better look in your Code bit ...
      Thanks Again Craft !!!



      • Craft

        #4
        Re: hmm :s Globals And Cookies is something that I don't want

        No problem.. sessions are tricky.. but i use cookies b/c you can set
        how long til they expire.. so if the user times out (ie: closes the
        page for how ever long i set it) they're logged out.. but yea no problem..

        You could try and use different variables for each site..

        IE: $username & $password for one site

        then $user & $pass for the other so then you won't be logged in on
        both.. just an idea it might work..


        • Botan Guner

          #5
          Re: Login Logout and Session Expire...

          You can register another variable like

          $_SESSION['site']=$_SERVER['SERVER_NAME'];

          this will register the site's address (www.site.com) to the session, then you
          can compare the sites after login while checking
          (!isset($_SESSION['user_id']))

          if (!isset($_SESSION['user_id']) or !isset($_SESSION['site']) or
          ($_SESSION['site']!=$_SERVER['SERVER_NAME']))

          If you are working on localhost it's better to use
          $site=explode("/",$_SERVER['PHP_SELF']);
          $_SESSION['site']=$site[1];

          to get the directory name of your site instead of
          $_SERVER['SERVER_NAME'].


          • Angelos

            #6
            Re: hmm :s Globals And Cookies is something that I don't want

            > You could try and use different variables for each site..
            >
            > IE: $username & $password for one site
            >
            > then $user & $pass for the other so then you won't be logged in on
            > both.. just an idea it might work..

            Yeah That is an OPTION ... not the Best Though but you can get away with the
            problem I have at the moment. Thanks Again !!! ;-)



            • Angelos

              #7
              Re: Login Logout and Session Expire...

              > if (!isset($_SESSION['user_id']) or !isset($_SESSION['site']) or
              > ($_SESSION['site']!=$_SERVER['SERVER_NAME']))
              >
              > If you are working on localhost it's better to use
              > $site=explode("/",$_SERVER['PHP_SELF']);
              > $_SESSION['site']=$site[1];
              >
              > to get the directory name of your site instead of
              > $_SERVER['SERVER_NAME'].

              Wow... That was something I haven't thought ... Great !!!
              This will definitely do my Job ;-)
              Cheers Botan Guner !!!



              • Jamie Meyers

                #8
                Re: Login Logout and Session Expire...

                I actually had a problem with logging into both my sites when I was
                developing my open source CMS (ProtonCMS http://protoncms.gotdns.com). Here
                is what I did to stop it, and I'll show you how to allow it also.

                on every page put (in your case header.php).

                <other session stuff here>
                session_name(SITE_SESS_NAME);
                session_start();

                If SITE_SESS_NAME is different, then you cannot go across domains that are
                on one machine, however if they are the same, then it works like a charm. I
                hope this helps.
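
The per-site session name and the stored-site check suggested in this thread, combined with an idle timeout, as one `header.php`-style guard. This is an added example, not code from any poster or from ProtonCMS: `SITE_ID`, `IDLE_LIMIT`, the `last_seen` key and the function names are assumptions, and the login handler is assumed to set `$_SESSION['site'] = SITE_ID` and `$_SESSION['last_seen'] = time()`.

```php
<?php
declare(strict_types=1);

// Assumed per-site settings; each site's config defines its own values.
const SITE_SESS_NAME = 'SITEASESSID';  // differs between the two sites
const SITE_ID        = 'site-a';       // fixed in config, not read from the request
const IDLE_LIMIT     = 1800;           // seconds of inactivity before logout

function startSiteSession(): void {
    session_name(SITE_SESS_NAME);      // separate cookie per site on a shared host
    session_set_cookie_params([
        'lifetime' => 0,               // expiry is enforced server-side below
        'path'     => '/',             // narrow to the site's directory if sites share a host
        'secure'   => true, 'httponly' => true, 'samesite' => 'Lax',
    ]);
    session_start();
}

// Pure check on the session array, so it can be exercised without a web server.
function sessionIsValid(array $sess, string $siteId, int $now, int $idle): bool {
    if (!isset($sess['user_id'], $sess['site'], $sess['last_seen'])) return false;
    if ($sess['site'] !== $siteId) return false;      // session belongs to the other site
    return ($now - $sess['last_seen']) <= $idle;      // idle timeout
}

// Call at the top of header.php on every protected page.
function requireLogin(): void {
    startSiteSession();
    if (!sessionIsValid($_SESSION, SITE_ID, time(), IDLE_LIMIT)) {
        $_SESSION = [];
        session_destroy();
        header('Location: login.php');
        exit;
    }
    $_SESSION['last_seen'] = time();   // sliding expiry: activity extends the session
}

// Constructed session arrays showing each outcome of the check.
$now = 1700000000;
$cases = [
    'same site, active' => ['user_id' => 7, 'site' => 'site-a', 'last_seen' => $now - 60],
    'other site'        => ['user_id' => 7, 'site' => 'site-b', 'last_seen' => $now - 60],
    'idle too long'     => ['user_id' => 7, 'site' => 'site-a', 'last_seen' => $now - 3600],
    'not logged in'     => [],
];
foreach ($cases as $label => $sess) {
    printf("%-18s %s\n", $label,
        sessionIsValid($sess, SITE_ID, $now, IDLE_LIMIT) ? 'allow' : 'deny');
}
```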