Login System combined Template System = problems
Posted: Mon Apr 16, 2012 2:11 pm
Hello All,
i tried to combine the login system and the template system and get a bunch of errors, how can i fix it?
i tried to combine the login system and the template system and get a bunch of errors, how can i fix it?
but when i disable a few parts of the code, i get other error-msg instead of these, but it is not finished at all.310 (net::ERR_TOO_MANY_REDIRECTS):
.htaccessWarning: Cannot modify header information - headers already sent by (output started at /hp/cd/ac/bz/www/index.php:11) in /hp/cd/ac/bz/www/template/pages/login.page.inc.php on line 15
RewriteEngine On RewriteRule ^([a-zA-Z_]+)/?$ index.php?page=$1 [QSA]index.php
<?php include('template/init.inc.php');?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Name</title> <link rel="stylesheet" type="text/css" href="css/game/style.css"/> </head> <body> <div class="wrapper"> <ul> <li><a href="home">Home</a></li> <li><a href="login">Login</a></li> <li><a href="registrieren">Registrieren</a></li> </ul> <div class="content"> <?php include($include_file); ?> </div> </div> </body> </html>init.inc.php
<?php error_reporting(E_ALL); ini_set('display_errors', 1); ////////Login////////////////// @session_start(); $exeptions = array('registrieren', 'login'); $accesspage = substr(end(explode('/', $_SERVER['SCRIPT_NAME'])), 0, -4); if(in_array($accesspage, $exeptions) === FALSE){ if(isset($_SESSION['username']) === FALSE){ //header('Location: login'); //die("fehler"); } } mysql_connect('mysql3.1blu.de','s159243_1661146','hellsing12'); mysql_select_db('db159243x1661146'); $accesspath = dirname(__FILE__); include("{$accesspath}/pages/inc/user.inc.php"); ////////Templatesystem//////// if(empty($_GET['page'])){ header('Location: home'); die(); } $core_path = dirname(__FILE__); $pages = scandir("{$core_path}/pages"); unset($pages[0], $pages[1]); foreach($pages as &$page){ $page = substr($page, 0, strpos($page, '.')); } if(in_array($_GET['page'], $pages)){ $include_file = "{$core_path}/pages/{$_GET['page']}.page.inc.php"; }else{ $include_file = "{$core_path}/pages/home.page.inc.php"; } //////////////////////////// ?>registrieren.page.inc.php
<?php $errors = array(); if(isset($_POST['username'], $_POST['password'], $_POST['repeat_password'])){ if(empty($_POST['username'])){ $errors[] = 'The username cannot be empty.'; } if(empty($_POST['password']) || empty($_POST['repeat_password'])){ $errors[] = 'The password cannot be empty.'; } if($_POST['password'] !== $_POST['repeat_password']){ $errors[] = 'The Password verification failed.'; } if(user_exists($_POST['username'])){ $errors[] = 'The username is already taken.'; } if(empty($errors)){ add_user($_POST['username'], $_POST['password']); $_SESSION['username'] = htmlentities($_POST['username']); //header('Location: overview'); //die(); } } ?> <?php if(empty($errors) === false){ ?> <ul> <?php foreach($errors as $error){ echo "<li>{$error}</li>"; } ?> </ul> <?php } ?> <form action ="" method="POST"> <p> <label for="username">Username:</label> <input type="text" name="username" class="username" value="<?php if(isset($_POST['username'])) echo htmlentities($_POST['username']); ?>" /> </p> <p> <label for="password">Password:</label> <input type="password" name="password" class="password" /> </p> <p> <label for="repeat_password">Repeat Password:</label> <input type="password" name="repeat_password" class="repeat_password" /> </p> <p> <input type="submit" value="Register" /> </p> </form>overview.page.inc.php (the hidden area)
you are logged in as <?php echo $_SESSION['username']; ?> <a href="logout">Logout</a>logout.page.inc.php ( i removed the session_start(); at the top of the code )
you are logged in as <?php echo $_SESSION['username']; ?> <a href="logout">Logout</a>login.page.inc.php
<?php $errors = array(); if(isset($_POST['username'], $_POST['password'])){ if(empty($_POST['username'])){ $errors[] = 'The username cannot be empty'; } if(empty($_POST['password'])){ $errors[] = 'The password cannot be empty'; } if(valid_credentials($_POST['username'], $_POST['password']) === false){ $errors[] = 'Username / Password incorrect'; } if(empty($errors)){ $_SESSION['username'] = htmlentities($_POST['username']); header('Location: overview'); //die(); } } ?> <?php if(empty($errors) === false){ ?> <ul> <?php foreach($errors as $error){ echo "<li>{$error}</li>"; } ?> </ul> <?php } ?> <form action="" method="POST"> <p> <label for="username">Username:</label> <input type="text" name="username" class="username" /> </p> <p> <label for="password">Password:</label> <input type="password" name="password" class="password" /> </p> <p> <input type="submit" value="Login" /> </p> </form>user.in.php ( works fine )
<?php //check if the given username exists in the database function user_exists($user){ $user = mysql_real_escape_string($user); $total = mysql_query("SELECT COUNT(`ID`) FROM `users` WHERE `user_name` = '{$user}'"); return (mysql_result($total, 0) == '1') ? true : false; } //chech if the given username and password combination is valid function valid_credentials($user, $pass){ $user = mysql_real_escape_string($user); $pass = sha1($pass); $total = mysql_query("SELECT COUNT(`ID`) FROM `users` WHERE `user_name` = '{$user}' AND `user_password` = '{$pass}'"); return (mysql_result($total, 0) == '1') ? true : false; } //add the user to the database function add_user($user, $pass){ $user = mysql_real_escape_string(htmlentities($user)); $pass = sha1($pass); mysql_query("INSERT INTO `users` (`user_name`,`user_password`) VALUES ('{$user}', '{$pass}')"); } ?>thank you