Jump to content

Archived

This topic is now archived and is closed to further replies.

chrismiska

User Login's and selecting recordsets

Recommended Posts

I have created a basic username and password log in screen, it connects to the database authenticates just fine. But I'm trying to select a record form the database based on who logged in to display with dynamic test for instance there names. Well everytime I do it, it displays nothing where it should display the users name. I know I need to filter the record set down to one record based on the username. Any suggestions? Below is the code I used for the log in screen, what am I missing?

LOGIN PAGE:

<?php require_once('Connections/UserLogIn.php'); ?>
<?php
// *** Start the session
if (!session_id()) session_start();
// *** Validate request to log in to this site.
$FF_LoginAction = $HTTP_SERVER_VARS['PHP_SELF'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING']) && $HTTP_SERVER_VARS['QUERY_STRING']!="") $FF_LoginAction .= "?".htmlentities($HTTP_SERVER_VARS['QUERY_STRING']);
if (isset($HTTP_POST_VARS['IFIDCardName'])) {
$FF_valUsername=$HTTP_POST_VARS['IFIDCardName'];
$FF_valPassword=$HTTP_POST_VARS['IFIDCardPassword'];
$FF_fldUserAuthorization="Permissions";
$FF_redirectLoginSuccess="user/home.php";
$FF_redirectLoginFailed="fail.htm";
$FF_rsUser_Source="SELECT IFIDCardName, IFIDCardNamePassword ";
if ($FF_fldUserAuthorization != "") $FF_rsUser_Source .= "," . $FF_fldUserAuthorization;
$FF_rsUser_Source .= " FROM chathosts WHERE IFIDCardName='" . $FF_valUsername . "' AND IFIDCardNamePassword='" . $FF_valPassword . "'";
mysql_select_db($database_UserLogIn, $UserLogIn);
$FF_rsUser=mysql_query($FF_rsUser_Source, $UserLogIn) or die(mysql_error());
$row_FF_rsUser = mysql_fetch_assoc($FF_rsUser);
if(mysql_num_rows($FF_rsUser) > 0) {
// username and password match - this is a valid user
$MM_Username=$FF_valUsername;
session_register("MM_Username");
if ($FF_fldUserAuthorization != "") {
$MM_UserAuthorization=$row_FF_rsUser[$FF_fldUserAuthorization];
} else {
$MM_UserAuthorization="";
}
session_register("MM_UserAuthorization");
if (isset($HTTP_SESSION_VARS['priorUrl']) && false) {
$FF_redirectLoginSuccess = $HTTP_SESSION_VARS['priorUrl'];
}
mysql_free_result($FF_rsUser);
session_register("FF_login_failed");
$FF_login_failed = false;
header ("Location: $FF_redirectLoginSuccess");
exit;
}
mysql_free_result($FF_rsUser);
session_register("FF_login_failed");
$FF_login_failed = true;
header ("Location: $FF_redirectLoginFailed");
exit;
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Chathosts Only!</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="styles.css" rel="stylesheet" type="text/css">
</head>

<body>
<table width="800" border="0" cellspacing="2" cellpadding="2">
<tr>
<td colspan="3"><div align="center"><img src="images/header.jpg" width="800" height="170"></div></td>
</tr>
<tr>
<td width="25%">&nbsp;</td>
<td><div align="center"><br>
<br>
<br>
<table width="270" border="1" cellspacing="2" cellpadding="2">
<tr>
<td><div align="center" class="body">Please enter your ID Card Name to log in. </div></td>
</tr>
<tr>
<td><form action="<?php echo $FF_LoginAction?>" method="POST" name="UserLogin" id="UserLogin">
<table width="100%" border="0" cellspacing="0" cellpadding="2">
<tr>
<td width="50%" align="right" valign="middle" class="body">ID Card Name </td>
<td width="50%"><input name="IFIDCardName" type="text" class="body" id="IFIDCardName" value="<?php echo $_GET['IFIDCardName']; ?>" size="27" maxlength="16"></td>
</tr>
<tr>
<td width="50%" align="right" valign="middle">&nbsp;</td>
<td width="50%">&nbsp;</td>
</tr>
<tr>
<td width="50%" align="right" valign="middle" class="body">Password</td>
<td width="50%"><input name="IFIDCardPassword" type="password" class="body" id="IFIDCardPassword" size="27" maxlength="16"></td>
</tr>
</table>
<div align="center" class="body"><br>
<input type="submit" name="Submit" value="Log In">
<br>
<br>
<input type="checkbox" name="checkbox" value="checkbox">
Remember my ID Card Name.<br>
</div>
</form></td>
</tr>
<tr>
<td><div align="center" class="body">I forgot my ID Card Name or Password.</div></td>
</tr>
</table>
<br>
<br>
<br>
</div></td>
<td width="25%">&nbsp;</td>
</tr>
<tr>
<td colspan="3"><div align="center" class="footer">Copyright &copy; 2006 by Moonlight Enterprises<br>
Last Update: Monday, June 12th, 2006 </div></td>
</tr>
</table>
</body>
</html>

FIRST PAGE AFTER LOGIN:

<?php require_once('../Connections/UserLogIn.php'); ?>
<?php
// *** Logout the current user.
$FF_Logout = $HTTP_SERVER_VARS['PHP_SELF'] . "?FF_Logoutnow=1";
if (isset($HTTP_GET_VARS['FF_Logoutnow']) && $HTTP_GET_VARS['FF_Logoutnow']=="1") {
if (!session_id()) session_start();
session_unregister("MM_Username");
session_unregister("MM_UserAuthorization");
$FF_logoutRedirectPage = "../index.php";
// redirect with URL parameters (remove the "FF_Logoutnow" query param).
if ($FF_logoutRedirectPage == "") $FF_logoutRedirectPage = $HTTP_SERVER_VARS['PHP_SELF'];
if (!strpos($FF_logoutRedirectPage, "?") && $HTTP_SERVER_VARS['QUERY_STRING'] != "") {
$FF_newQS = "?";
reset ($HTTP_GET_VARS);
while (list ($key, $val) = each ($HTTP_GET_VARS)) {
if($key != "FF_Logoutnow"){
if (strlen($FF_newQS) > 1) $FF_newQS .= "&";
$FF_newQS .= $key . "=" . urlencode($val);
}
}
if (strlen($FF_newQS) > 1) $FF_logoutRedirectPage .= $FF_newQS;
}
header("Location: $FF_logoutRedirectPage");
exit;
}

// *** Restrict Access To Page: Grant or deny access to this page
$FF_authorizedUsers=" 0,1,2";
$FF_authFailedURL="../fail.htm";
$FF_grantAccess=0;
if (!session_id()) session_start();
if (isset($HTTP_SESSION_VARS['priorUrl'])) session_unregister("priorUrl");
if (isset($HTTP_SESSION_VARS["MM_Username"])) {
if (false || !(isset($HTTP_SESSION_VARS["MM_UserAuthorization"])) || $HTTP_SESSION_VARS["MM_UserAuthorization"]=="" || strpos($FF_authorizedUsers, $HTTP_SESSION_VARS["MM_UserAuthorization"])) {
$FF_grantAccess = 1;
}
}
if (!$FF_grantAccess) {
$priorUrl = "http://".$HTTP_SERVER_VARS['HTTP_HOST'].$HTTP_SERVER_VARS['SCRIPT_NAME'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING']) && $HTTP_SERVER_VARS['QUERY_STRING'] != "") $priorUrl .= "?".$HTTP_SERVER_VARS['QUERY_STRING'];
session_register("priorUrl");
$FF_qsChar = "?";
if (strpos($FF_authFailedURL, "?")) $FF_qsChar = "&";
$FF_referrer = "Restricted Area";
$FF_authFailedURL = $FF_authFailedURL . $FF_qsChar . "accessdenied=" . urlencode($FF_referrer);
header("Location: $FF_authFailedURL");
exit;
}

$colname_UserInformation = "1";
if (isset($_GET['IFIDCardName'])) {
$colname_UserInformation = (get_magic_quotes_gpc()) ? $_GET['IFIDCardName'] : addslashes($_GET['IFIDCardName']);
}
mysql_select_db($database_UserLogIn, $UserLogIn);
$query_UserInformation = sprintf("SELECT * FROM chathosts WHERE IFIDCardName = '%s'", $colname_UserInformation);
$UserInformation = mysql_query($query_UserInformation, $UserLogIn) or die(mysql_error());
$row_UserInformation = mysql_fetch_assoc($UserInformation);
$totalRows_UserInformation = mysql_num_rows($UserInformation);
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Chathosts Only!</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="../styles.css" rel="stylesheet" type="text/css">
</head>

<body>
<table width="800" border="0" cellpadding="2" cellspacing="0">
<tr>
<td colspan="3"><div align="center"><img src="../images/header.jpg" width="796" height="170"></div></td>
</tr>
<tr>
<td width="160" align="left" valign="top"><table width="160" border="1" cellpadding="2" cellspacing="0" bordercolor="#FF00FF">
<tr>
<td width="155" height="25" bgcolor="#FFCCFF" class="body"><strong>Home</strong></td>
</tr>
<tr>
<td height="25" bgcolor="#FFCCFF" class="body">Account Info</td>
</tr>
<tr>
<td height="25" bgcolor="#FFCCFF" class="body">Pay History</td>
</tr>
<tr>
<td height="25" bgcolor="#FFCCFF" class="body">Creat New Screenname</td>
</tr>
<tr>
<td height="25" bgcolor="#FFCCFF" class="body">ID Card Manager</td>
</tr>
<tr>
<td height="25" bgcolor="#FFCCFF" class="body">E-Mail Main Office</td>
</tr>
<tr>
<td height="25" bgcolor="#FFCCFF" class="body">E-Mail Fans</td>
</tr>
<tr>
<td height="25" bgcolor="#FFCCFF" class="body">Check E-Mail</td>
</tr>
<tr>
<td height="25" bgcolor="#FFCCFF" class="body"><a href="<?php echo $FF_Logout ?>">Log Out</a></td>
</tr>
</table></td>
<td width="470" align="left" valign="top" class="body">Welcome <?php echo $row_UserInformation['IFIDCardName']; ?></td>
<td width="160">&nbsp;</td>
</tr>
<tr>
<td colspan="3"><div align="center" class="footer">Copyright &copy; 2006 by Moonlight Enterprises<br>
Last Update: Monday, June 12th, 2006 </div></td>
</tr>
</table>
</body>
</html>
<?php
mysql_free_result($UserInformation);
?>

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.