ublapach Posted May 2, 2008 Share Posted May 2, 2008 <?php require_once "../tracking/db_connx.php"; session_start(); if (isset ($_POST['submit'])) { if (preg_match('/[!@#$%^&*()-+=`~<>,.?}{|]/', $_POST['username'])) { echo "Illegal Characters In Username"; } else { if (preg_match('/[!@#$%^&*()-+=`~<>,.?}{|]/', $_POST['passwd'])) { echo "Illegal Characters In Password"; } else { $username = $_POST['username']; $password = $_POST['passwd']; $sql = "SELECT * FROM webusers WHERE username='$username' AND passwd='$passwd'"; if ($r = mysql_query ($sql)) { $row = mysql_fetch_array ($r); $num = mysql_num_rows ($r); if ($num > 0) { @$_SESSION['username'] = $row['username']; @$_SESSION['fname'] = $row['fname']; @$_SESSION['lname'] = $row['lname']; @$_SESSION['email'] = $row['email']; @$_SESSION['accesslvl'] = $row['accesslvl']; @$_SESSION['logged_in'] = TRUE; $cookiename = 'ceiscorp.com'; $cookievalue=rand(100000,999999); $_SESSION['cookieverify'] = $cookievalue; setcookie($cookiename,$cookievalue,time()+3600,"/"); $today=date('r'); mysql_query("UPDATE webusers SET logged_in = '$today' WHERE username = '$username'") or die (mysql_error()); if($_SESSION['accesslvl'] = 'admin') { header("Location:../indexadmin.php"); exit; } else if($_SESSION['accesslvl'] = 'ceis') { header("Location:../indexceis.php"); exit; } else if($_SESSION['accesslvl'] = 'cust') { header("Location:../indexcust.php"); exit; } } else { @$_SESSION['problem'] ="Username or Password are Incorrect Please Try again"; header ('Location: ../indexlog.php'); exit; } } } } } ?> I have this to authenticate a user and send them to different pages based on user access level and this on the top of each page to check to see if the user is logged in <?php session_start(); if (isset($_COOKIE["ceiscorp.com"])) { if($_COOKIE['ceiscorp.com']==@$_SESSION['cookieverify']) { if($_SESSION['logged_in'] == TRUE) { header("Location: indexin.php"); } else{header("Location:indexlog.php");}//not logged in } else{header("Location:indexlog.php");}//validationfailed } else{header("Location:indexlog.php");} //nocookies ?> Link to comment https://forums.phpfreaks.com/topic/103891-will-this-work-for-a-login-system/ Share on other sites More sharing options...
revraz Posted May 2, 2008 Share Posted May 2, 2008 Test it and find out? Link to comment https://forums.phpfreaks.com/topic/103891-will-this-work-for-a-login-system/#findComment-531824 Share on other sites More sharing options...
ublapach Posted May 2, 2008 Author Share Posted May 2, 2008 it just goes back to the login page and i cant figure out why Link to comment https://forums.phpfreaks.com/topic/103891-will-this-work-for-a-login-system/#findComment-531827 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.