I am trying to create a login for this moviesite exercise that I am working on. There are essentially three pages - a login page, an intermediary page that has a link to the movie info and then the movie info page. I can login to the intermediary page just fine, but for some reason when I click the link to go to the final page, I get a message (which I also created) denyting me access. So far as I can tell, it is coded properly...
Here is the code for the login page:
<?php
session_unset();
?>
<html>
<head>
<title>Please Log In</title>
</head>
<body>
<form method="post" action="movie1.php">
<p>Enter your username:
<input type="text" name="user">
</p>
<p>Enter your password:
<input type="password" name="pass">
</p>
<p>
<input type="submit" name="Submit" value="Submit">
</p>
</form>
</body>
</html>
Here is the code for the intermediary page:
<?php
session_start();
$_SESSION['username'] = $_POST['user'];
$_SESSION['userpass'] = $_POST['pass'];
$_SESSION['authuser'] = 0;
if (($_SESSION['username'] == 'Joe') and
($_SESSION['userpass'] == '12345'))
{
$_SESSION['authuser'] == 1;
}
else
{
echo "Sorry, but you don't have permission to access this page.";
exit();
}
?>
<html>
<head>
<title>Find my Favorite Movie!</title>
</head>
<body>
<?php
$_myfavmovie = urlencode("Madagascar");
echo "<a href='moviesite.php?favmovie=$myfavmovie'>";
echo "Click here to learn about my favorite movie!";
echo "</a>";
?>
</body>
</html>
And here is the code for the final page...
<?php
session_start();
if ($_SESSION['authuser'] !=1)
{
echo "Sorry, but you don't have permission to view this page.";
exit();
}
?>
<html>
<head>
<title>My Movie Site - <?php echo $_REQUEST['favmovie']; ?></title>
</head>
<body>
<?php
echo "Welcome to our site, ";
echo $_SESSION['username'];
echo "! <br>";
echo "My favorite movie is ";
echo $_REQUEST['favmovie'];
echo "<br>";
$movierate = 5;
echo "My movie rating for this movie is ";
echo $movierate;
?>
</body>
</html>
Thanks for your help!
Passing Variables with Login
