I am using the "PHP 6 fast & easy web development" book and have all of the scripts working correctly, but one; the log-in and authenticate scripts. They are listed below. Whether I fill in the blanks or not, the page does not change; will not forward to the correct page, nor display an error message.
The two variables are "id" and "password" along with several others. I can add, modify and delete users, as well as perform sort/selects against the MySQL DB.
This project is being developed on a MacBook, with PHP5 and MySQL 5 with Apache2.
Any help greatly appreciated!
Thanks in advance,
Ralph
------------------
show_login.html -
<HTML>
<HEAD>
<TITLE>Login</TITLE>
</HEAD>
<BODY>
<H1>Login to Secret Area</H1>
<FORM METHOD="POST" ACTION="do_authuser.php">
<P><STRONG>Employee ID #:</STRONG><BR>
<INPUT TYPE="text" NAME="id" SIZE=25 MAXLENGTH=25></p>
<P><STRONG>Password:</STRONG><BR>
<INPUT TYPE="password" NAME="password" SIZE=25 MAXLENGTH=25></p>
<P><INPUT TYPE="SUBMIT" NAME="submit" VALUE="Login"></P>
</FORM>
</BODY>
</HTML>
----------------------
do_authuser.php -
<?
//check for required fields
if ((!$_POST[id]) || (!$_POST[password])) {
header("Location: show_login.html");
exit;
}
//setup names of database and table to use
$db_name = "fto";
$table_name = "test_new";
//connect to server and select database
$connection = @mysql_connect("127.0.0.1", "user", "xxxxxx")
or die(mysql_error());
$db = @mysql_select_db($db_name, $connection) or die(mysql_error());
//build and issue query
$sql = "SELECT * FROM $table_name WHERE
id = '$_POST[id]' AND password = password('$_POST[password]')";
$result = @mysql_query($sql) or die (mysql_error());
//get the number of rows in the result set
$num = mysql_numrows($result);
//print a message and set a cookie if authorized,
//or redirect elsewhere if unauthorized
if ($num != 0) {
$cookie_name = "auth";
$cookie_value = "ok";
$cookie_expire = "0";
$cookie_domain = "127.0.0.1";
setcookie($cookie_name, $cookie_value, $cookie_expire,
"/" , $cookie_domain, 0);
$display_block = "
<p><strong>Secret Menu:</strong></p>
<ul>
<li><a href=\"secretA.php\">secret page A</a>
<li><a href=\"secretB.php\">secret page B</a>
</ul>";
} else {
header("Location: show_login.html");
exit;
}
?>
<HTML>
<HEAD>
<TITLE>Secret Area</TITLE>
</HEAD>
<BODY>
<? echo "$display_block"; ?>
</BODY>
</HTML>