I created a login.php page that redirects users to the membership area, which is a protected folder, so after they login on the login.php page, they are prompted again for their login info on the index.php of the protected directory. So, the user has to enter their login info 2 times, once on the login.php page and then again when they enter the protected directory. What's the code for the protected directory page that will recognize the user's info after they login on the login.php page, non protected area of the site? I used this code initially on in the protected directory index.php but it's still prompting users to login again. <?php if ($au=$_SESSION['_amember_user']){ // user is logged-in print "Hello $au[name_f] $au[name_l]!<br>"; } else { // user is not logged-in print "<form method=post action='/amember/login.php'> Username: <input type=text name=amember_login size=10><br> Password: <input type=password name=amember_pass size=10><br> <input type=submit value='Login'> </form>"; } ?> Thanks, SonHouse
Put what after the <?php session_start(); ?> ? I have this at the top of the page... <?php session_start(); ?> Is that in the wrong place? Thanks for your help.
Thanks David...i think I figured it out...put the session_start(); ?> right after that particular code? Seems to be working. Thanks again!
No. session_start code should be at the top of the file where you use session variables. make sure that you always use the same domain name in urls. www.domain.com and domain.com are different domain names.
I have the same problem with the login.php redirecting to a protected folder cause the user to login 2 times - once at login.php and the second at the .htaccess login. My site in the protected folder are all .htm files. Is there a way to prevent 2 logins? Or do I need to redesign my site in the protected folder to be php and use sessions as previously described in this thread? Thanks ~kcarey ________ GYRO
Are you logging in at a www and then redirecting to a non-www? Are you using relative redirect? ( /newdirectory vs. site.com/newdirectory) David
kcarey, I believe you use htpasswd protection to protect content, change it to new_rewrite user's will not be asked to login twice.
Thanks for the replies. Alex - you are correct about htpasswd. Unfortunately, the server that hosts our site does not allow new_rewrite. I will likely either move to another server/hosting service or change the protected directory to php files. Thanks again, ~kcarey ________ Ritalin Rehab Dicussion
I'm having the same issue, the user is being asked to login twice. When I cleared cache on my machine it started happening again. You said "I believe you use htpasswd protection to protect content, change it to new_rewrite user's will not be asked to login twice." how do I use htpasswd and new_rewrite? I originally protected the directory when setting up amember. Is that right?