Creating a login system using php/cookies

Question

I'm really struggling with this if anyone doesn't mind helping me. I'm definitely no php master this is showing for sure!

I'm trying to make a log in system using php/sessions/cookies etc, all I seem to get so far is an error whenever I try to log in (It's meant to log in then basically say Hello "User" along with a log out button. I'll try attach/reduce what I can.

Thanks in advance!

index.php(main log in page with log in button)

<?php
include('includes/sessions.inc.php');
?>
<?php 
        /////////////////////////// conditional includes here
        if(isset($_SESSION['login'])){
            include('includes/session-logout.inc.php');
        }else{
            include('includes/session-login.inc.php');
        }
?>

session-login.php

<div id="login">
<?php 
error_reporting(E_ALL|E_STRICT); ini_set('display_errors', true);

if($_SESSION['count'] > 0 && $_SESSION['count'] <= 3 ){
echo "<p class=\"error\">Sorry incorrect</p>";
}
if($_SESSION['count'] > 3){
    echo "<p class=\"error\">Too many attempts</p>";
}else{
// don't forget to close this with } after the HTML form
?>

<form id="loginForm" name="loginForm" method="post" action="logic/checklogin.php">

              <label for="username">Username</label>
              <input name="username" type="text" id="username">
              <label for="password">Password</label>
              <input name="password" type="password" id="password">
              <input type="submit" name="Submit" value="Login">
</form>
<?php 
}

?>
</div>

sessions.inc.php

<!doctype html><?php
////////////////////// START SESSION HERE ///////////////////////////
session_set_cookie_params(0, '/~b4019635', 'homepages.shu.ac.uk', 1, 1);
session_start();
?></html>

checklogin.php

<?php
error_reporting(E_ALL|E_STRICT); ini_set('display_errors', true);
// check login and create SESSION and count attempts
include('../includes/sessions.inc.php');
//check login / password combination
if ($_POST['username'] == "admin" && $_POST['password'] == "letmein"){
$_SESSION['login'] = 1;
}else{
 if(!isset($_SESSION['count'])){

    // first fail
    $_SESSION['count'] = 1;
    }else{
    // 2nd or more fail
    $_SESSION['count']++;
    }
}


// redirect browser
header("Location: ".$_SERVER['HTTP_REFERER']);
?>

I feel like session_start(); has something to do with it as in the inspector the cookie isn't be created?

^ This ^duplicate^ link to a minimal learning php user is absolute nonsense. — John B, Jan 30 '16 at 00:08

score 0 · Accepted Answer · answered Jan 29 '16 at 09:38

0

place the session_start(); before the <!doctype html> tag. Ensure that there is no other output before it.

answered Jan 29 '16 at 09:38

Ivan Bauer

65
8

Thank you! So bloody simple as well! – John B Jan 29 '16 at 10:35

Creating a login system using php/cookies

1 Answers1