ok im making a script so when some1 enters the correct username and password it redirects them to the a private page, however the privatepage is privated, ive got the login bit working so it redirects and wont redirect unless the correct username & pass is entered but the page i want private can be accessed without using the login system.

here is the page i want private

PHP Code:

<? 
session_start();
if(!session_is_registered(username)){
header("location:index.php");
}
?>
<!-- OmG haxzor, you shouldnt be looking at this. Im telling the police haha--> 
<html>
<head>
<title>RaNdoM sHiZ by bU1m3r.2008</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<!--Fireworks MX 2004 Dreamweaver MX 2004 target.  Created Fri Aug 29 13:17:13 GMT+0100 (GMT Daylight Time) 2008-->
<script language="JavaScript">
<!--
function MM_findObj(n, d) { //v4.01
  var p,i,x;  if(!d) d=document; if((p=n.indexOf("?"))>0&&parent.frames.length) {
    d=parent.frames[n.substring(p+1)].document; n=n.substring(0,p);}
  if(!(x=d[n])&&d.all) x=d.all[n]; for (i=0;!x&&i<d.forms.length;i++) x=d.forms[i][n];
  for(i=0;!x&&d.layers&&i<d.layers.length;i++) x=MM_findObj(n,d.layers[i].document);
  if(!x && d.getElementById) x=d.getElementById(n); return x;
}
function MM_swapImage() { //v3.0
  var i,j=0,x,a=MM_swapImage.arguments; document.MM_sr=new Array; for(i=0;i<(a.length-2);i+=3)
   if ((x=MM_findObj(a[i]))!=null){document.MM_sr[j++]=x; if(!x.oSrc) x.oSrc=x.src; x.src=a[i+2];}
}
function MM_swapImgRestore() { //v3.0
  var i,x,a=document.MM_sr; for(i=0;a&&i<a.length&&(x=a[i])&&x.oSrc;i++) x.src=x.oSrc;
}
function MM_preloadImages() { //v3.0
 var d=document; if(d.images){ if(!d.MM_p) d.MM_p=new Array();
   var i,j=d.MM_p.length,a=MM_preloadImages.arguments; for(i=0; i<a.length; i++)
   if (a[i].indexOf("#")!=0){ d.MM_p[j]=new Image; d.MM_p[j++].src=a[i];}}
}
//-->
</script>
<style type="text/css">
<!--
body {
 margin-left: 0px;
 margin-top: 0px;
}
-->
</style>
<link href="../../_stylesheet.css" rel="stylesheet" type="text/css">
</head>
<body bgcolor="#566876" onLoad="MM_preloadImages('../../images/index_r3_c3_f2.jpg','../../images/index_r3_c5_f2.jpg','../../images/index_r3_c7_f2.jpg','../../images/index_r3_c9_f2.jpg','../../images/index_r3_c11_f2.jpg')">
<table border="0" cellpadding="0" cellspacing="0" width="1024">
<!-- fwtable fwsrc="temp.png" fwbase="index.gif" fwstyle="Dreamweaver" fwdocid = "750890046" fwnested="0" -->
  <tr>
   <td><img src="../../images/spacer.gif" width="36" height="1" border="0" alt=""></td>
   <td><img src="../../images/spacer.gif" width="222" height="1" border="0" alt=""></td>
   <td><img src="../../images/spacer.gif" width="75" height="1" border="0" alt=""></td>
   <td><img src="../../images/spacer.gif" width="19" height="1" border="0" alt=""></td>
   <td><img src="../../images/spacer.gif" width="76" height="1" border="0" alt=""></td>
   <td><img src="../../images/spacer.gif" width="22" height="1" border="0" alt=""></td>
   <td><img src="../../images/spacer.gif" width="117" height="1" border="0" alt=""></td>
   <td><img src="../../images/spacer.gif" width="40" height="1" border="0" alt=""></td>
   <td><img src="../../images/spacer.gif" width="80" height="1" border="0" alt=""></td>
   <td><img src="../../images/spacer.gif" width="27" height="1" border="0" alt=""></td>
   <td><img src="../../images/spacer.gif" width="74" height="1" border="0" alt=""></td>
   <td><img src="../../images/spacer.gif" width="13" height="1" border="0" alt=""></td>
   <td><img src="../../images/spacer.gif" width="223" height="1" border="0" alt=""></td>
   <td><img src="../../images/spacer.gif" width="1" height="1" border="0" alt=""></td>
  </tr>
  <tr>
   <td colspan="13">&nbsp;</td>
   <td><img src="../../images/spacer.gif" width="1" height="32" border="0" alt=""></td>
  </tr>
  <tr>
   <td rowspan="8">&nbsp;</td>
   <td rowspan="2"><img name="index_r2_c2" src="../../images/index_r2_c2.jpg" width="222" height="83" border="0" alt=""></td>
   <td colspan="10"><img name="index_r2_c3" src="../../images/index_r2_c3.jpg" width="543" height="30" border="0" alt=""></td>
   <td rowspan="8">&nbsp;</td>
   <td><img src="../../images/spacer.gif" width="1" height="30" border="0" alt=""></td>
  </tr>
  <tr>
   <td><a href="../../index.php" onMouseOut="MM_swapImgRestore();" onMouseOver="MM_swapImage('index_r3_c3','','../../images/index_r3_c3_f2.jpg',1)"><img name="index_r3_c3" src="../../images/index_r3_c3.jpg" width="75" height="53" border="0" alt=""></a></td>
   <td><img name="index_r3_c4" src="../../images/index_r3_c4.jpg" width="19" height="53" border="0" alt=""></td>
   <td><a href="../../about.php" onMouseOut="MM_swapImgRestore();" onMouseOver="MM_swapImage('index_r3_c5','','../../images/index_r3_c5_f2.jpg',1)"><img name="index_r3_c5" src="../../images/index_r3_c5.jpg" width="76" height="53" border="0" alt=""></a></td>
   <td><img name="index_r3_c6" src="../../images/index_r3_c6.jpg" width="22" height="53" border="0" alt=""></td>
   <td><a href="../../computing.php" onMouseOut="MM_swapImgRestore();" onMouseOver="MM_swapImage('index_r3_c7','','../../images/index_r3_c7_f2.jpg',1)"><img name="index_r3_c7" src="../../images/index_r3_c7.jpg" width="117" height="53" border="0" alt=""></a></td>
   <td><img name="index_r3_c8" src="../../images/index_r3_c8.jpg" width="40" height="53" border="0" alt=""></td>
   <td><a href="../../design.php" onMouseOut="MM_swapImgRestore();" onMouseOver="MM_swapImage('index_r3_c9','','../../images/index_r3_c9_f2.jpg',1)"><img name="index_r3_c9" src="../../images/index_r3_c9.jpg" width="80" height="53" border="0" alt=""></a></td>
   <td><img name="index_r3_c10" src="../../images/index_r3_c10.jpg" width="27" height="53" border="0" alt=""></td>
   <td><a href="../../music.php" onMouseOut="MM_swapImgRestore();" onMouseOver="MM_swapImage('index_r3_c11','','../../images/index_r3_c11_f2.jpg',1)"><img name="index_r3_c11" src="../../images/index_r3_c11.jpg" width="74" height="53" border="0" alt=""></a></td>
   <td><img name="index_r3_c12" src="../../images/index_r3_c12.jpg" width="13" height="53" border="0" alt=""></td>
   <td><img src="../../images/spacer.gif" width="1" height="53" border="0" alt=""></td>
  </tr>
  <tr>
   <td colspan="11"><img name="index_r4_c2" src="../../images/index_r4_c2.jpg" width="765" height="29" border="0" alt=""></td>
   <td><img src="../../images/spacer.gif" width="1" height="29" border="0" alt=""></td>
  </tr>
  <tr>
   <td colspan="11"><img name="index_r5_c2" src="../../images/index_r5_c2.jpg" width="765" height="172" border="0" alt=""></td>
   <td><img src="../../images/spacer.gif" width="1" height="172" border="0" alt=""></td>
  </tr>
  <tr>
   <td colspan="11"><img name="index_r6_c2" src="../../images/index_r6_c2.jpg" width="765" height="43" border="0" alt=""></td>
   <td><img src="../../images/spacer.gif" width="1" height="43" border="0" alt=""></td>
  </tr>
  <tr>
   <td colspan="11" align="left" valign="top" background="../../images/index_r7_c2.jpg"><table width="100%"  border="0" cellspacing="2" cellpadding="3">
     <tr>
       <td width="99%">&nbsp;</td>
       <td width="1%">&nbsp;</td>
     </tr>
   </table></td>
   <td><img src="../../images/spacer.gif" width="1" height="342" border="0" alt=""></td>
  </tr>
  <tr>
   <td colspan="11"><img name="index_r8_c2" src="../../images/index_r8_c2.jpg" width="765" height="43" border="0" alt=""></td>
   <td><img src="../../images/spacer.gif" width="1" height="43" border="0" alt=""></td>
  </tr>
  <tr>
   <td colspan="11">&nbsp;</td>
   <td><img src="../../images/spacer.gif" width="1" height="24" border="0" alt=""></td>
  </tr>
</table>
</body>
</html>

here is the login script

PHP Code:

<?php
$username = $_POST['txtUsername'];
$password = $_POST['txtPassword'];
//check that the user is calling the page from the login form and not accessing it directly 
//and redirect back to the login form if necessary 
if (!isset($username) || !isset($password)) { 
header( "Location: music.php" ); 
} 
//check that the form fields are not empty, and redirect back to the login page if they are 
elseif (empty($username) || empty($password)) { 
header( "Location: music.php" ); 
} 
else
{ 
$username = stripslashes($username);
$password = stripslashes($password);
if ($username == "lilyGW" & $password == "jellybeans")
{
 session_start();
 session_register("username");
 header('Location: music/private/priv_song.php');
}
else
{
 echo "sorry you dont have access";
 header('Location: music.php');
}
}
?>

Use of session_register is deprecated and bad practice. You should be using the $_SESSION superglobal.

On you login script you should replace session register with $_SESSION['username']= $username;


and on the private page

PHP Code:

<? 
if (!isset($_SESSION)) {
  session_start();
}
if (!isset($_SESSION['username']) ){ 
  header("location:index.php");
}
?>

Another problem is in the last few lines of your php code. The header() function requires that no tet be sent to the browser before it is executed. This means that you can't redirect an unauthorized user and give them notification with php.

You may consider getting a more full-featured login script written by someone else. I'm using one that I found at evolt, here. It's quite handy and provides a good base to build the rest of your site on.

@maxxximus: Your avatar really had me fooled for a second. i was reaching out to squish it but then I realized it was an animation.

Yes, use $_SESSION variables.

to know if someone is loggin.

PHP Code:

if(isset($_SESSION['username']))
echo "He is loggin" ; 


From: http://myphpsource.blogspot.com/2008...-sessions.html