Hello, i have an CMS for my gaming server of metin2 . There is the link for the site. h t t p s : / / infometin2. ro/sfx/blue/ .The problem is that when i try to log in automatically logout by the CMS. I try to search and find the problem but i can’t find it. Any suggestions ?
Show us the code and put the code in php tags that way you get help.
[php]<?php
if(empty($_SESSION[‘id’])){
if(isset($_POST['login']) && $_POST['login'] == 'Logare') {
((bool)mysqli_query($sqlServ, "USE account"));
$user = sanitize(stripInput($_POST['user']));
$pw = sanitize(stripInput($_POST['pw']));
$check = "SELECT * from account where login = '" . $user . "' and password = PASSWORD('$pw')";
$query = mysqli_query($sqlServ, $check);
$num = mysqli_num_rows($query);
if($num > 0) {
$array = mysqli_fetch_array($query);
// SESSION variable start //
if($array['status']=='OK') {//daca contul nu este blocat
$_SESSION['id'] = $array['login'];
//$_SESSION['coins'] = $array['coins'];
$_SESSION['email'] = $array['email'];
$_SESSION['real_name'] = $array['real_name'];
$_SESSION['social_id'] = $array['social_id'];
$_SESSION['user_admin'] = $array['web_admin'];
$_SESSION['user_id'] = $array['id'];
$_SESSION['user_name'] = $array['login'];
$_SESSION['user_coins'] = $array['coins'];
$_SESSION['user_email'] = $array['email'];
$_SESSION['fingerprint'] = md5($_SERVER['HTTP_USER_AGENT'] . 'x' . $_SERVER['REMOTE_ADDR']);
//Selectare nume chat
$BestChar = "SELECT player.name, player.level, player.exp, player.job
FROM player.player
WHERE player.account_id='".$_SESSION['user_id']."' ORDER BY player.level DESC, player.exp DESC Limit 1";
$sql = mysqli_query($sqlServ, $BestChar);
$check = mysqli_num_rows($sql);
if ($check == 0) {
$_SESSION['chat'] = $_SESSION['id'];
$_SESSION['avatar'] = "user";
}
else {
while($getBestChar = mysqli_fetch_object($sql)) {
$_SESSION['chat'] = $getBestChar->name;
$_SESSION['avatar'] = $getBestChar->job; }
}
//Selectare nume chat (sf)
echo "<meta http-equiv='refresh' content='0; URL=index.php?page=home'>"; }
else if($array['status']=='BLOCK') {//daca contul este blocat
echo'<div class="alert alert-danger" role="alert">
Ne pare rău, dar contul tău este <strong>BLOCAT</strong>.
</div>'; }
} else {
echo "<meta http-equiv='refresh' content='0; URL=index.php?page=login_error'>";
}
}
?>
<?php include("./user/name_sv.php"); ?> - Logare
Scrie numele şi parola din joc apoi apasă butonul Logare pentru a vedea meniurile interne ale siteului!
<input id="submitBtn" class="button" type="submit" name="login" value="Logare"/>
<script type="text/javascript">
</script>
</form></center>
<news><font color="red">Completați cu datele corecte!</font></news>
</font>
</div><br>
<div class="con-head">
<h3><?php include("./user/name_sv.php"); ?> - Încă nu ai cont?</h3>
</div>
<div class="con-text">
<font color="#999999">
<news><font color="#f9ca8d">Crearea unui jucător (cont) este rapidă, uşoară şi gratis.</font></news>
<a role="button" href="index.php?page=register" class="button">Înregistrează-te!</a>
</font>
</div>
That is the code from login page.
Hello, sfxtm.
I would suggest to use a single session tho, the way how I want user to always hold their own data is simply specify each of them with an unique id, so whenever I want to fetch the data of the user I can just query
[php]“SELECT * FROM table WHERE id=”.row[‘id’];[/php]
… not just that, it will be easier if you want to combine table too, you can just you the id of the user instead of using A LOT of them at the same time. You save a lot of time that way… which you pretty much do not need to specify each data with a session…
That’s just my opinion regarding your sessions…