Login Management

[ublapach]

code to authentication page is

 

<?php
session_start();

$errorMessage = '';
if (isset($_POST['Submit'])) {
   
   $username=$_POST['username'];
   $passwd=$_POST['passwd'];
   
   include '../tracking/db_connx.php';

   $sql = "SELECT * FROM webusers WHERE username = '$username' AND passwd = '$passwd'" 
   
   or die("error 1");

   $result = mysql_query($sql)
             or die('Query failed. ' . mysql_error());

   if (mysql_num_rows($result) == 1) {

     echo"Loged In";

      
      /* UNCOMMENT THIS LATER
      
      $_SESSION['db_is_logged_in'] == true; 

      header('Location:../indexin.php');
      exit;
      
      */
   } else {
   
      $echo = 'Sorry, wrong user id / password';
   }

}
?>

 

 

code to check wheather your logged in or not

 

<?php
session_start();

// is the one accessing this page logged in or not?
if (!isset($_SESSION['db_is_logged_in'])
   || $_SESSION['db_is_logged_in'] !== true) {

   // not logged in, move to login page
   header('Location: indexlog.php');
   exit;
}

?>

[phpretard]

Make a new file and put this code and only this code in it...

 

Be sure --include '../tracking/db_connx.php';-- is still correct

 

 

<?php
session_start();

$errorMessage = '';

if (isset($_POST['Submit'])) {
   
   $username=$_POST['username'];
   $passwd=$_POST['passwd'];
   
   include '../tracking/db_connx.php';

   $sql = "SELECT * FROM webusers WHERE username = '$username' AND passwd = '$passwd'" 
   
   or die("error 1");

   $result = mysql_query($sql)
             or die('Query failed. ' . mysql_error());

   $count=mysql_num_rows($result);

     if($count==1){

     echo"Loged In";

      
      /* UNCOMMENT THIS LATER
      
      $_SESSION['db_is_logged_in'] == true; 

      header('Location:../indexin.php');
      exit;
      
      */
   } else {
   
      $echo = 'Sorry, wrong user id / password';
   }

}
?>
<p>
<form id="login" name="login" method="POST" action="">
<input type="text" id="username" name="username" value="User Name" />
<input type="password" id="passwd" name="passwd" value="Password"/>
<input type="submit" id="submit" name=Submit value="Log In"/>
</form>      
</p>

 

 

 

[BrianM]

just one more thing, please post your form as well.

[ublapach]

  <p>
              <form id="login" name="login" method="POST" action="login/authuser.php">
		    <input type="text" id="username" name="username" value="User Name" />
		    <input type="password" id="passwd" name="passwd" value="Password"/>
		    <input type="submit" id="submit" name="Submit" value="Log In"/>
	      </p>

[phpretard]

The onlt problem i saw was:

 

if (mysql_num_rows($result) == 1) {

 

Should be:

 

  $count=mysql_num_rows($result);

 

    if($count==1){

 

[BrianM]

it looks as though your trying to compare a boolean to a stored variable. lol

[phpretard]

That would be funny if I new what it meant. lol

[BrianM]

i'm saying that's what his problem is with the code... he's comparing a boolean to a stored variable lol.

[ublapach]

what does that mean

[ublapach]

and how to fix please

[phpretard]

Did you put that code on a new page?

[ublapach]

i put it in the same page just replace what i had there

[phpretard]

I set it up and it worked.  How about you?

[ublapach]

did you use the same code that i did

 

[BrianM]

if (isset($_POST['Submit']))
{
if ($_POST['username'] == $username && $_POST['passwd'] == $passwd)
{
	header("location: //wherever your main page is located");
}
else
{
	header("location: //location of your login page");
}
}

[ublapach]

where does this go i put it after  the database stuff and it says theres an error

Parse error: parse error, unexpected $ in /usr/home/jlytal/public_html/newsite/login/authuser.php on line 32

[BrianM]

paste your page with the new code i gave you exactly how you have it right now without changing anything.

[ublapach]

<?php
session_start();

$errorMessage = '';
if (isset($_POST['Submit'])) {
   
   $username=$_POST['username'];
   $passwd=$_POST['passwd'];
   
   include '../tracking/db_connx.php';

   $sql = "SELECT * FROM webusers WHERE username = '$username' AND passwd = '$passwd'" 
   
   or die("error 1");

   $result = mysql_query($sql)
             or die('Query failed. ' . mysql_error());

   $count=mysql_num_rows($result);

     if (isset($_POST['Submit']))
{
if ($_POST['username'] == $username && $_POST['passwd'] == $passwd)
{
	header("location: ../indexin.php");
}
else
{
	header("location: ../indexlog.php");
}
}
?>

[BrianM]

<?php
session_start();

$errorMessage = '';
if (isset($_POST['Submit']))
{
if ($_POST['username'] == $username && $_POST['passwd'] == $passwd)
{
	header("location: ../indexin.php");
}
else
{
	header("location: ../indexlog.php");
}
}
   
   include '../tracking/db_connx.php';

   $sql = "SELECT * FROM webusers WHERE username = '$username' AND passwd = '$passwd'" 

   $result = mysql_query($sql);

   $count=mysql_num_rows($result);

?>

[phpretard]

Hey BrianM,

 

Know anything about Multidimensional Arrays?

[ublapach]

does this check it against the database

[BrianM]

what do you need help with, phpretard?

[BrianM]

and yes, ublapach.

[ublapach]

still getting error

 

Notice: Undefined variable: username in /usr/home/jlytal/public_html/newsite/login/authuser.php on line 22

 

Notice: Undefined variable: passwd in /usr/home/jlytal/public_html/newsite/login/authuser.php on line 22

 

[ublapach]

i think i found out what the problem is the form isnt passing the variables username and passwd on to the auth page any ideas on how to fix this