adam291086 Posted July 22, 2008 Share Posted July 22, 2008 I have created got this script that checks my database for the login details. It works when the user name is inputted. I want it to be able to check for the username or the domain name and use the password in both cases. But nothing happens when the domain is inputted. Here is the class code <?php class sentry { var $loggedin = false; // Boolean to store whether the user is logged in var $userdata; // Array to contain user's data function sentry(){ session_start(); header("Cache-control: private"); } function logout(){ unset($this->userdata); session_destroy(); return true; } // Log in, and either redirect to goodRedirect or badRedirect depending on success function checkLogin($user = '',$pass = '',$group = 10,$goodRedirect = '',$badRedirect = ''){ // Include database and validation classes, and create objects require_once('DbConnector.php'); $loginConnector = new DbConnector(); // If user is already logged in then check credentials if ($_SESSION['user'] && $_SESSION['pass']){ $getUser = $loginConnector->query("SELECT * FROM cmsusers WHERE user = '".$_SESSION['user']."' AND pass = '".$_SESSION['pass']."' AND thegroup <= ".$group.' AND enabled = 1'); if ($loginConnector->getNumRows($getUser) > 0){ // Existing user ok, continue if ($goodRedirect != '') { header("Location: ".$goodRedirect."?".strip_tags(session_id())) ; } return true; }else{ // Existing user not ok, logout $this->logout(); return false; } // User isn't logged in, check credentials }else{ // Look up user in DB $getUser = $loginConnector->query("SELECT * FROM cmsusers WHERE user = '$user' AND pass = PASSWORD('$pass') AND thegroup <= $group AND enabled = 1"); $this->userdata = $loginConnector->fetchArray($getUser); if ($loginConnector->getNumRows($getUser) > 0){ // Login OK, store session details // Log in $_SESSION["user"] = $user; $_SESSION["pass"] = $this->userdata['pass']; $_SESSION["thegroup"] = $this->userdata['thegroup']; if ($goodRedirect) { header("Location: ".$goodRedirect."?".strip_tags(session_id())) ; } return true; } if ($loginConnector->getNumRows($getUser) == 0){ $getUser = $loginConnector->query("SELECT * FROM cmsusers WHERE Domain = '$user' AND pass = PASSWORD('$pass') AND thegroup <= $group AND enabled = 1"); $this->userdata = $loginConnector->fetchArray($getUser); if ($loginConnector->getNumRows($getUser) > 0){ // Login OK, store session details // Log in $_SESSION["user"] = $user; $_SESSION["pass"] = $this->userdata['pass']; $_SESSION["thegroup"] = $this->userdata['thegroup']; if ($goodRedirect) { header("Location: ".$goodRedirect."?".strip_tags(session_id())) ; } return true; } } else{ // Login BAD unset($this->userdata); if ($badRedirect) { header("Location: ".$badRedirect) ; } return false; } } } } ?> and here is where i create an instance of the class [code]<?php require_once("../includes/Sentry.php"); $sentry = new Sentry(); if ($HTTP_POST_VARS['user'] != ''){ $sentry->checkLogin($HTTP_POST_VARS['user'],$HTTP_POST_VARS['pass'],4,'welcome.php','failed.php'); } if ($HTTP_GET_VARS['action'] == 'logout'){ if ($sentry->logout()){ echo '<center>You have been logged out</center><br>'; } } ?> [/code] Quote Link to comment https://forums.phpfreaks.com/topic/116067-solved-php-class-help/ Share on other sites More sharing options...
ignace Posted July 23, 2008 Share Posted July 23, 2008 if ($HTTP_POST_VARS['user'] != '' || $HTTP_POST_VARS['domain'] != '') { $user = $HTTP_POST_VARS['user'] ? $HTTP_POST_VARS['user'] : $HTTP_POST_VARS['domain']; $sentry->checkLogin($user, $HTTP_POST_VARS['.. Quote Link to comment https://forums.phpfreaks.com/topic/116067-solved-php-class-help/#findComment-597361 Share on other sites More sharing options...
adam291086 Posted July 23, 2008 Author Share Posted July 23, 2008 that not quiet what I'm after. There isn't two fields usernam and domain there's just one. So the user can enter either there domain or username into the field login name And a password. then the db is seach to try and find a match with either the username and password or the domain name and password Quote Link to comment https://forums.phpfreaks.com/topic/116067-solved-php-class-help/#findComment-597443 Share on other sites More sharing options...
ignace Posted July 23, 2008 Share Posted July 23, 2008 select * from clients where (username = "foo" or domain = "foo") and password = "bar" something along these lines then? Quote Link to comment https://forums.phpfreaks.com/topic/116067-solved-php-class-help/#findComment-597749 Share on other sites More sharing options...
adam291086 Posted July 23, 2008 Author Share Posted July 23, 2008 perfect thanks Quote Link to comment https://forums.phpfreaks.com/topic/116067-solved-php-class-help/#findComment-597867 Share on other sites More sharing options...
DarkWater Posted July 23, 2008 Share Posted July 23, 2008 Wait, may I ask why you're using PHP 4 OOP syntax (which is horridly deprecated and doesn't quite get the job done) and you're using $HTTP_POST_VARS instead of the appropriate superglobal, $_POST? Quote Link to comment https://forums.phpfreaks.com/topic/116067-solved-php-class-help/#findComment-597870 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.