Rui
You will have to check a session attribute at the start of each of your
scripts that you want to protect to ensure that the user has logged on.
Locking out other users whilst this user is logged on will mean flipping
some flag in a database table or creating a row that tells your login script
that someone is altready logged on. Problem is that this row will have to
get cleared after a certain timeout else noone will be able to logon again
even though the original user has gone away. The errors you are getting are
because you are sending http headers - session.start() sends an http header
as a session cookie and obviously header() as well - you cannot send http
headers once html output to the browser has started so check that these
functions are called first... you can use output buffering if this poses a
logical problem for your scripts.
pseudo code
?
// Protected script
// Assume db is connected already
session.start();
if (!isset($_SESSION['logged_on'])) {
$rs = mydb_query('select 1 from user_already_logged_in');
$in = (mydb_num_rows($rs) == 1);
header('Location: http://mysite.com/'.($in ? 'sorry.php' : 'login.php'));
exit();
}
// User is logged in ...
.
.
?
/pseudo code
HTH
Rich
-Original Message-
From: Rui [mailto:[EMAIL PROTECTED]]
Sent: 21 February 2003 11:24
To: [EMAIL PROTECTED]
Subject: [PHP-WIN] Re: Authenticate user
I'm really new at this authentification thing...
What I want do to:
1- a user appears
2- he fills a form (easy)
3- gain access to the page (?)
4- no one else can log-on until the user who is logged quits (very
important) ()
5- inside the user can surf in diferent php files without being asked for
new athentification ()
---
3 - Trying to authentificate user the warnings bellow appear:
Warning: Cannot send session cache limiter - headers
already sent
Warning: Cannot add header information - headers already
sent by (
Line of the first Warning:
// Main --
session_start();
Line of second warning:
// Relocate back to the login page
header(Location: index.php);
5- How can a user surf in diferent pages with the same loggin?
Thanks
Rui Monteiro
Rui [EMAIL PROTECTED] escreveu na mensagem
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
I'm trying to make a page that requires an authentification by the user.
A lot of problems appear when I run a script copied from the O'Reilly :
Web
Database Applications.
One of them is the function :clean: that doesn't exist,
according with the
php compiler:
session_start();
$authenticated = false;
// Clean the data collected from the user
$appUsername =
clean($HTTP_POST_VARS[formUsername], 10);
$appPassword =
clean($HTTP_POST_VARS[formPassword], 15);
Can someone tell me what is the prob? Where can I get
information for this
kind of script?
Thanks.
--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
