Too Many Redirects With Login Session Example
Solution 1:
Session sometimes depending on your system and your code, will not work unless you have a session_id("sessionID")
, I used to have this problem too. it's a method and a way I used.
You also have a database clarified, when you already have one. With mysqli_connect()
you just put the database name at the end, which you have already done.
So what do you do about the sessions?
Well, I have my own solution that I have used.
<?php
// edit the `mysqli_connect` to your requirements.
$connect = mysqli_connect("host", "user", "password", "database");
// since you have the database already defined then you don't need to:
// mysqli_select_db();
// let's start the session, and get things going.
session_id("mainID"); // you can rename this if you want.
session_start();
// set the session `login` too: `false`, if the session hasn't been set yet.
if(!isset($_SESSION['login'])) {
$_SESSION['login'] = false;
}
// and this is pretty much your solution.
?>
And you may want to move to MySQLi OOP, (AKA) Object Oriented Programming. It's more reliable, but since your are using just regular MySQLi.
And as a little extra to help you out, I'll point out a couple things for you to check out.
Things to check for
- you'll want to check your .htaccess to make sure you aren't messing anything up.
- debug your code, like looking for closing brackets that are supposed to be there.
And here is some help on a login query:
<?php
if(isset($_POST['form'])) {
// username and password
// also if you want to make your password more secure, you can do a `sha1()`.
$user = mysqli_real_escape_string(strip_tags($_POST['username']));
$pass = mysqli_real_escape_string(strip_tags($_POST['password']));
$query = "SELECT * FROM accounts WHERE username='{$user}' AND
password='".sha1($pass)."' LIMIT 1";
// since you are not using OOP, I'll just do it this way.
$set = mysqli_query($query);
// basicly means:
// if the user's input username and password equal to a row,
// it will execute the code below.
if(mysqli_num_rows($set) === 1) {
// for safety reasons, NEVER, and
// I mean EVER, store passwords in sessions or cookies.
// People can get access to session and cookies,
// so do not rely on cookies or sessions for storing passwords.
$_SESSION['login'] = true;
$_SESSION['username'] = $user;
}
}
?>
NOTE: OOP is very good for securing, like bind_param()
, is great for user inputs, because it will tell the SQL statement what to expect. like string
or integer
.
Hope this helped!
Post a Comment for "Too Many Redirects With Login Session Example"