DeanWhitehouse Posted April 22, 2008 Share Posted April 22, 2008 Can anyone see how to fix my login form. It now redirects striaght away. this is the code <?php require_once 'db_connect.php'; if ($_SESSION['is_valid'] == false){ if(isset($_POST['login'])){ $user_name = $_POST["user_name"]; $user_password = $_POST["user_password"]; $cookiename = forumcookie; $verify_username = strlen($user_name); $verify_pass = strlen($user_password); if ($verify_pass > 0 && $verify_username > 0) { $salt = substr($user_password, 0, 2); $userPswd = crypt($user_password, $salt); $sql = "SELECT * FROM `$user` WHERE user_name='$user_name' AND user_password='$userPswd' LIMIT 1;"; $result = mysql_query($sql); if (mysql_num_rows($result) == 1){ $row = mysql_fetch_assoc($result); $user_level = $row['userlevel']; if ($user_level == 1) { $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); if(isset($_POST['remember_me'])){ setcookie("$cookiename", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("$cookiename", $_SESSION['user_password'], time()+60*60*24*100, "/"); header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); } elseif ($user_level == 2){ $login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'")); $userright = array($login_check['user_name'], $login_check['userlevel']); $s_userpass = serialize($userpass); $_SESSION['username'] = $row['user_name']; $_SESSION['user_password'] = $row['user_password']; $_SESSION['user_level'] = $row['userlevel']; $_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files if(isset($_POST['remember_me'])){ setcookie("$cookiename", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("$cookiename", $_SESSION['user_password'], time()+60*60*24*100, "/"); header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); } else { header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); } } } else{ echo "Login failed. Username and Password did not match database entries."; } } else { echo "Form was not completed. Please go back and make sure that the form was fully completed."; } } ?> <html> <table bgcolor='#999999' align='right'><form action="<?php $_SERVER['PHP_SELF']; ?>" method='POST'> <tr><td>Username: </td><td><input type='text' name='user_name' /><br /></td></tr> <tr><td>Password:</td><td> <input type='password' name='user_password' /><br /></td></tr> <tr><td><input type="hidden" name="login" value="true"><input type="submit" value="Submit"></td></tr> <tr><td><input type="checkbox" value="1" name="remember_me"> Remember Me </td></tr><tr><td><a href="register.php">[Register]</a></td></tr><tr><td><a href="forgot_password.php">[Forgot Password?]</a></td></tr></table> </form> </html> <?php mysql_close(); } else { header("Location:http://".$_SERVER[HTTP_HOST]); } } ?> i added this if(isset($_POST['remember_me'])){ setcookie("$cookiename", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("$cookiename", $_SESSION['user_password'], time()+60*60*24*100, "/"); header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]); } for the remeber me feature Quote Link to comment Share on other sites More sharing options...
jonsjava Posted April 22, 2008 Share Posted April 22, 2008 I'm not seeing where you define $user is that in db_connect.php ? Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted April 22, 2008 Author Share Posted April 22, 2008 yer its in an include in the db_connect. It worked fine before i added the remember me Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted April 22, 2008 Author Share Posted April 22, 2008 anyone?? Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted April 22, 2008 Author Share Posted April 22, 2008 Anyideas accepted, i really want to finish it today. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.