Php Auto login after register

[Unidentified]

I Need some help adding an auto login after user registered, here is my register script, Thank you

if (empty($_POST) === false) {
    $required_fields = array ('email', 'username', 'password', 'password_again', 'first_name', 'last_name');
    foreach ($_POST as $key=>$value) {
        if (empty($value) && in_array($key, $required_fields) === true) {
            $errors [] = 'ALL fields MUST be filled out correctly';
            break 1;
        }
    }
   
        if (empty($errors) === true) {
        if (user_exists($_POST['email']) === true) {
            $errors [] = 'Sorry, the email \'' . $_POST['email'] . '\' is already in use.';   
        }
                if (preg_match("/\\s/", $_POST['email']) == true) {
                $errors[] = 'Your email must not contain any spaces';
 
        }
                if (user_exists($_POST['username']) === true) {
            $errors [] = 'Sorry, the username \'' . $_POST['username'] . '\' is already in use.';   
        }
        if (preg_match("/\\s/", $_POST['username']) == true) {
                $errors[] = 'Your username must not contain any spaces';
 
        }
        if (strlen($_POST['password']) < 6)  {
        $errors[] = 'Your password must be in between 6-24 characters long';
        }
        if ($_POST['password'] !== $_POST ['password_again']) {
            $errors[] = 'Your passwords did not match';
        }
       
    }
}   
 
?>

 

[Weasel]

How do you secure your scripts with a check if someone is logged in? Can't do much without that.

 

[Unidentified]

Repeat that in english plz

 

[Weasel]

How do you check if someone is logged in.

 

[Unidentified]

How do you check if someone is logged in.

Shall I send u my Login Script?

 

[Sledmore]

A way to do it would be just start a session and redirect them to your desired page.

 

[Unidentified]

I tried that but it gave me a blank session :S

 

[Weasel]

Shall I send u my Login Script?

Yes. Just post it here.

 

[Unidentified]

if    (empty($_POST) === false) {
    $email = $_POST['email'];
    $password = $_POST['password'];
 
    if    (empty($email) === true || empty ($password) === true) {
        $errors[] = 'Please enter your valid email and password';
    } else if (user_exists($email) === false){
            $errors[] = 'Our records cannot find this email. are you sure you have registered?';
    } else {
        $login = login($email, $password);
            if ($login === false) {
            $errors[] = "This email/password combination is incorrect";
    } else {
        $_SESSION['id'] = $login;
        mysql_query("UPDATE `usersystem` SET `online` = '1' WHERE `id` = ".$_session['id']);
        header('Location: ?ref=profile');
        exit();
        }
    }
 
}
if (empty($errors) === false) {
echo output_errors($errors);
}
}
}

 

[Ecko]

Where's the rest of the register script? The part that inserts user data into the database?

 

[Weasel]

Original code

First of all, this looked horrible, so I re-wrote your log-in script:

if (isset($_POST['email']) && isset($_POST['password']))
{
$email = $_POST['email'];
$password = $_POST['password'];
}
if (empty($email) || empty($password))
{
$errors[] = 'Please enter your valid email and password';
}
else if (user_exists($email) === false)
{
$errors[] = 'Our records cannot find this email. Are you sure you have registered?';
} 
 
else
{
if (login($email, $password) === false) {
$errors[] = "This email/password combination is incorrect";
}
else
{
$_SESSION['id'] = login($email, $password);
mysql_query("UPDATE usersystem SET online = '1' WHERE id = '".$_SESSION['id']."'");
header('Location: ?ref=profile');
}
}
 
if (!empty($errors))
{
echo output_errors($errors);
}

Same for your register:

<?php
if (!empty($_POST))
{
    $required_fields = array ('email', 'username', 'password', 'password_again', 'first_name', 'last_name');
    foreach ($_POST as $key => $value)
{
        if (empty($value) && in_array($key, $required_fields))
{
            $errors[] = 'ALL fields MUST be filled out correctly';
            break 1;
        }
    }
   
if (empty($errors))
{
if (user_exists($_POST['email']) === true)
{
$errors [] = 'Sorry, the email \'' . $_POST['email'] . '\' is already in use.';   
}
if (preg_match("/\\s/", $_POST['email']) == true)
{
$errors[] = 'Your email must not contain any spaces';
}
if (user_exists($_POST['username']) === true)
{
$errors [] = 'Sorry, the username \'' . $_POST['username'] . '\' is already in use.';   
}
if (preg_match("/\\s/", $_POST['username']) === true)
{
$errors[] = 'Your username must not contain any spaces';
}
if (strlen($_POST['password']) < 6)
{
$errors[] = 'Your password must be in between 6-24 characters long';
}
if ($_POST['password'] !== $_POST ['password_again'])
{
$errors[] = 'Your passwords did not match';
}
}
} 
?>

However, like ecko said, where is the part where you insert the user into the database? I can't do much without that.