Hi Ninjask,
login.php is designed to perform different tasks depending
upon what's passed into it on the query string.
If nothing is passed in on the query string then a form is
presented where the user can type in username and password.
If "login" is passed in on the query string then login.php
validates the user name and password, sets up a session, then
redirects the user to your main page upon success, or to
401.php upon failure.
If "logout" is passed then it unsets and destroys the session.
You can see this in the code on page 21.
At line 13, it checks to see if login was passed, and
if so, it does the validation process.
PHP Code:
if (isset($_GET['login']))
If you do not pass in login, the code goes to the else statement
on page 22, the fourth line down. Here it checks if you have
passed in logout. If so, it processes the logout.
PHP Code:
else if (isset($_GET['logout']))
If you have not passed in logout, the code goes down to the
17th line on that page to generate the login form.
PHP Code:
// generate login form
Often a web site will have a link on the first page which says
login and that takes the user to the login page. In this
case you would pass nothing on the query string, which takes
you to the place in the file where the login form is presented.
This is what you want the first time through.
Now, when the user enters their username and password, the action
takes them right back to the login page again, only this
time they have login in the query string. In other words,
you are actually exiting out of the login file, and then
coming right back into the login file a second time. This
second visit to the login file will be very different than
your first visit because you have the word login on your
query string. This takes you to that section we talked about
that does the validation. If you look at that section of
code carefully, you will see that you go to main.php when
login is valid, or go off to 401.php when the login does not
pass.
The login.php file is entered from other files as
well, such as 401.php and verify.php.
I have taken a look at your code. It appears the validation
part of logging in has not been implemented yet, at least
when I looked at it; perhaps you are planning on adding it later.
Before the login validation can work you will need to set up your
database and User class. You will need to register the users
before you can log them in because login validation checks users against
the information in the database, and it is the registration process
which puts that information into the database.
You will need to do all of this before the login validation can get
to the last thing it does which is set up the session. The session is
essential to keeping out unauthorized users.
One approach you might consider is to get the login and
registration working as it is in the book. Then work on
integrating your stuff back into it. There were some mistakes
in Chapter 1; you may want to check the errata and this forum.
I hope this helps.
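
The three-way flow described in the post above, as an added sketch that is not the book's login.php and not part of the original reply. The `find_password_hash()` helper, the `username`/`password` field names, the POST form, the use of `password_hash`/`password_verify`, and the redirect target after logout are assumptions made for illustration.

```php
<?php
// Added illustration of the query-string dispatch; not the book's code.
session_start();

// Hypothetical stand-in for the database-backed User class lookup.
// Returns the stored password hash for a registered user, or null.
function find_password_hash(string $username): ?string
{
    // Constructed sample record; registration would normally store this row.
    $users = ['alice' => password_hash('correct horse', PASSWORD_DEFAULT)];
    return $users[$username] ?? null;
}

if (isset($_GET['login'])) {
    // Second visit: the form submitted back to login.php?login
    $username = $_POST['username'] ?? '';
    $password = $_POST['password'] ?? '';
    $hash = find_password_hash($username);

    if ($hash !== null && password_verify($password, $hash)) {
        // Issue a fresh session ID once the user is authenticated,
        // so a pre-login session ID cannot be reused (session fixation).
        session_regenerate_id(true);
        $_SESSION['username'] = $username;
        header('Location: main.php');
    } else {
        header('Location: 401.php');
    }
    exit; // stop here so nothing else runs after the redirect header
} else if (isset($_GET['logout'])) {
    // Unset and destroy the session.
    $_SESSION = [];
    session_destroy();
    header('Location: login.php'); // assumed destination after logout
    exit;
} else {
    // First visit: nothing on the query string, so present the form.
    ?>
    <form action="login.php?login" method="post">
        <label>Username <input type="text" name="username"></label>
        <label>Password <input type="password" name="password"></label>
        <input type="submit" value="Log in">
    </form>
    <?php
}
```

Protected pages such as main.php would then check `$_SESSION['username']` before rendering and send unauthenticated visitors to 401.php.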