Hello,
I'm working on a login system. I don't want users to have to log in again, and the handiest and safest way to do this is $_SESSION, I think. Every time I reload the site I should still be logged in, but unfortunately I'm logged out again. Can anyone help me?
This is my script:
PHP
<?php
ignore_user_abort(false);
include('config.php');
$password1 = htmlspecialchars($_POST['password'], ENT_QUOTES); // Encrypt password.
$password = sha1(md5(hash('sha512',$password1)));
$username = htmlspecialchars($_POST['username'], ENT_QUOTES); // Uses htmlspecialchars to prevent XSS exploits.
if (isset($_POST['login']) && $username !="" && $password != ""){
$controleer = mysql_query("SELECT * FROM `users` WHERE `username`='".mysql_real_escape_string($username)."' AND `password`='".mysql_real_escape_string($password)."' AND `admin`='1'") or die (mysql_error());
$admin = mysql_num_rows($controleer);
if ($admin == 1){
session_start();
session_regenerate_id (true); // Prevents session fixation attacks.
$_SESSION['usr_name'] = $username;
$naam = mysql_fetch_object($controleer);
}
}
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Crystal ACP</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<link href="style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div class="main">
<div class="blok_header">
<div class="header">
<div class="logo"> <a href="index.html"><img src="images/logo.gif" width="349" height="98" border="0" alt="logo" class="one" /></a> </div>
<div class="galeria">
<p><a href="#" class="thre"><img src="images/spacer.gif" alt="pisture" width="24" height="23" border="0" /></a> <a href="#" class="sek"><img src="images/spacer.gif" alt="pisture" width="24" height="23" border="0" /></a> <a href="#" class="first"><img src="images/spacer.gif" alt="pisture" width="24" height="23" border="0" /></a> </p>
</div>
</div>
<div class="clr"></div>
</div>
<?php
if (!isset($_SESSION['usr_name'])){ ?>
<div class="menu_resize_bg">
<div class="menu_resize">
<div class="menu">
<ul>
<li><a href="index.php"><span>User login</span></a></li>
<li><a href="show.html"><span>Features</span></a></li>
</ul>
</div>
<div class="clr"></div>
<div class="body_resize">
<div class="body">
<center>
<form method="post">
<b>This page is for Crystal Administrators only</b>
<br>
Username:<input type="textbox" name="username">
<br>
Password:<input type="password" name="password">
<br>
<input type="submit" value="login" name="login">
</div>
<div class="clr"></div>
</div>
<div class="clr"></div>
</div>
<? }
elseif (isset($_SESSION['usr_name'])){
?>
<div class="menu_resize_bg">
<div class="menu_resize">
<div class="menu">
<ul>
<li><a href="admin.php" class="active"><span>Users</span></a></li>
<li><a href="serial.php"><span>Creat serial</span></a></li>
</ul>
</div>
<div class="clr"></div>
<div class="body_resize">
<div class="body">
<form method="post">
<center>Welcome <?echo $_SESSION['usr_name'];?></center>
<table width="100%" cellspacing="2" cellpadding="2">
<tr><td>Username:</td><td>Serial:</td></tr>
<?php
$userstel = mysql_query("SELECT * FROM `users`");
while($userstellen = mysql_fetch_object($userstel)){ ?>
<tr>
<td><?if ($userstellen->admin >0){echo "<font color=red>";} echo $userstellen->username;if($userstellen->admin >0){echo "</font>";}?></td>
<td><? echo $userstellen->serial;?></td>
</tr>
<? }?>
</table>
<br /> <br /> <br />
</table>
<? } ?>
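Added example, not part of the original post and not the poster's code: in the script above, session_start() only runs inside the successful-login branch, so on a plain reload $_SESSION is never loaded and the login form is shown again. The sketch below starts the session on every request before any output, and swaps the chained sha1/md5/sha512 hash for password_verify() and the mysql_* query for a PDO prepared statement. The in-memory SQLite database, the demo_admin account and the password_hash column are constructed assumptions.

```php
<?php
// Added example, not the poster's code. The SQLite database, the demo_admin
// account and the password_hash column are constructed for illustration.
session_set_cookie_params([            // must be called before session_start()
    'path'     => '/',
    'secure'   => !empty($_SERVER['HTTPS']), // Secure flag when served over HTTPS
    'httponly' => true,                // cookie not readable from JavaScript
    'samesite' => 'Lax',
]);
// Runs on EVERY request, before any output. Without this call PHP never reads
// the session cookie, so $_SESSION is empty again after a reload.
session_start();

$pdo = new PDO('sqlite::memory:');     // stand-in for the connection in config.php
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (username TEXT PRIMARY KEY, password_hash TEXT, admin INTEGER)');
$pdo->prepare('INSERT INTO users VALUES (?, ?, 1)')
    ->execute(['demo_admin', password_hash('constructed-demo-password', PASSWORD_DEFAULT)]);

function attempt_login(PDO $pdo, string $username, string $password): bool
{
    // Prepared statement: the username never becomes part of the SQL text.
    $stmt = $pdo->prepare('SELECT username, password_hash FROM users WHERE username = ? AND admin = 1');
    $stmt->execute([$username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    // Verify the raw password against a salted password_hash() value.
    if ($row === false || !password_verify($password, $row['password_hash'])) {
        return false;
    }
    session_regenerate_id(true);       // fresh id at login blocks session fixation
    $_SESSION['usr_name'] = $row['username'];
    return true;
}

if (isset($_POST['login'], $_POST['username'], $_POST['password'])) {
    attempt_login($pdo, (string) $_POST['username'], (string) $_POST['password']);
}
?>
<?php if (isset($_SESSION['usr_name'])): ?>
<p>Welcome <?= htmlspecialchars($_SESSION['usr_name'], ENT_QUOTES, 'UTF-8') ?></p>
<?php else: ?>
<form method="post">
  Username: <input type="text" name="username"><br>
  Password: <input type="password" name="password"><br>
  <input type="submit" name="login" value="login">
</form>
<?php endif; ?>
```

Escaping with htmlspecialchars() happens here at output time only; the username and password reach the database layer unmodified.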