I am currently trying to setup an admin login for a webpage. Currently, I have 2 logins set up, admin1 and admin2. Currently when I login with admin1, even after logging out and relogging in with admin2, the admin1 data still shows up.

I have my MySQL database setup so all data about admin1 is in one row, and each user has their own row. Here is my code. I have a decent understanding of PHP, but am really just a late beginner. I generally understand the code and what it’s doing, but am still working on being able to write complicated functions.

Any help would be greatly appreciated. Thank you in advance.

[size=18pt]
CODE: LOGIN SUCCESS[/size]

<?php session_start(); //Start the session define(ADMIN,$_SESSION['myusername']); //Get the user name from the previously registered super global variable if(!session_is_registered($myusername)){ //If session not registered header("location:login.php"); // Redirect to login.php page } else //Continue to current page header( 'Content-Type: text/html; charset=utf-8' ); ?> <?php header( 'Location: http://www.theindigopath.com/test/admin.php' ) ; ?>

[size=18pt]
CODE: CONNECT CODE I HAVE ADDED INCLUDED IN THE TOP OF THE PAGE[/size]

<?php // Make a MySQL Connection mysql_connect("MYHOST", "USERNAME", "PASSWORD") or die(mysql_error()); mysql_select_db("DB") or die(mysql_error()); // Retrieve all the data from the "users" table $result = mysql_query("SELECT * FROM users WHERE username = '$myusername' AND password = '$password'") or die(mysql_error()); // store the record of the "users" table into $row $row = mysql_fetch_array( $result ); ?>

[size=18pt]
CODE: ADMIN MAIN PAGE[/size]
Administration

<?php
include(“connect.php”); ?>

<?php //Calculate 60 days in the future //seconds * minutes * hours * days + current time $inTwoMonths = 60 * 60 * 24 * 1 + time(); setcookie('lastVisit', date("G:i - m/d/y"), $inTwoMonths); ?> <?php // Retrieve all the data from the "users" table $result = mysql_query("SELECT * FROM users WHERE username = '$myusername' AND password = '$password'") or die(mysql_error()); // store the record of the "users" table into $row $row = mysql_fetch_array( $result ); // Print out the contents of the entry echo "You are logged in as ".$row['username']; ?>

| Logout? |

<?php if(isset($_COOKIE['lastVisit'])) $visit = $_COOKIE['lastVisit']; else echo "Welcome Back!"; echo "Your last visit was - ". $visit; ?> <?php echo "

"; ?>

Image:

<?php echo "Status: ".$row['status']; echo "
"; echo "Blurb: " ?><?php

$quote_style = ENT_QUOTES;
echo html_entity_decode(html_entity_decode($row[‘blurb’], $quote_style), ENT_QUOTES);
?>

Change your status: Available Busy Unavailable Choose a file to upload:

<?php $quote_style = ENT_QUOTES; echo html_entity_decode(html_entity_decode($row['blurb'], $quote_style), ENT_QUOTES); ?>

Hi Crossroads,

Can you post a little about your logout.php codes?

I just want to see if you’ve properly killed/unset sessions and cookies.

Here is my logout page code:

<? session_start(); session_destroy(); ?>

And then a redirect back to the login page. Thank you.

Hi Crossroads,

session_destroy() does not remove any value assigned to global variables associated with the session nor does it unset session cookie. So my suggestion is to unset all “global” and “defined” variables during logout. Follow this link http://php.net/manual/en/function.unset.php as reference.

It seems that the logout is working properly. When asking for the username, the correct username came up. however, when I try to call on different columns than the username or password columns, it can’t seem to differentiate admin1 from admin2.

I’ve changed my script to a more clean cut version I found here: http://www.intechgrity.com/create-login-admin-logout-page-in-php-w/

It works fine, the logging in and out is working. How can I call upon other columns in that specific row? So admin1 (id=1) can only see data in the row associated with id=1?

I’m assuming my issue is with my mysql_query, as I’m brand new to that coding.
So in short, the two users are supposed to have different images, different blurbs, and different statuses. But it only shows the first admin’s info no matter which is logged in.

Here’s the code for the admin page:

[code]<?php
session_start(); //Start the session
define(ADMIN,$_SESSION[‘name’]); //Get the user name from the previously registered super global variable
if(!session_is_registered(“admin”)){ //If session not registered
header(“location:login.php”); // Redirect to login.php page
}
else //Continue to current page
header( ‘Content-Type: text/html; charset=utf-8’ );
?>

Welcome To Admin Page Demonstration

Welcome To Admin Page

You are logged in as <?php echo ADMIN /*Echo the username */ ?> | Logout <?php //Connect to server include("MY CONNECTION INFORMATION"); // Retrieve all the data from the "login_admin" table $result2 = mysql_query("SELECT * FROM login_admin") or die(mysql_error());

// store the record of the “example” table into $row
$row = mysql_fetch_array( $result2 );
// Print out the contents of the entry

?>
<?php
echo “

”; ?>
Image:

<?php echo "Status: ".$row['status']; echo "
"; echo "Blurb: " ?><?php

$quote_style = ENT_QUOTES;
echo html_entity_decode(html_entity_decode($row[‘blurb’], $quote_style), ENT_QUOTES);
?>

Change your status: Available Busy Unavailable

<?php $quote_style = ENT_QUOTES; echo html_entity_decode(html_entity_decode($row['blurb'], $quote_style), ENT_QUOTES); ?>

[/code]

Again, thank you for your help!

Sorry for the double post, but I was wondering if this could be solved with $_SESSION and/or isset? I’m a little unsure of how to use these to my advantage, and proper syntax.

I’m thinking of something like
$column = $_SESSION[‘column’]

or

isset($_SESSION[‘name’])

Again, I’m not sure how to properly code this.

Try to create a session variable for the admin username if login is successful, like:
[php]
$_SESSION[‘myusername’] = $_POST[‘username’];[/php]

And then use that during extraction of data from your users table. So your code should look like:
[php]
$query = "SELECT * FROM users WHERE username = " . $_SESSION[‘myusername’];
$result = mysql_query($query) or die(mysql_error());
[/php]

As to isset, you can use it to redirect users to login page if their sessions expire. Here’s a sample:
[php]
if (!isset($_SESSION[‘myusername’])){
//redirect to login page here…
}[/php]

Am not really sure if I got your question right but I hope I gave you a good insight to get this thing done.

Regards,
codeguru