Jump to content

How to store login session in login table?


halpernsiegel

Recommended Posts

I am totally new to php/mysql and need help!!!

 

I created a login and registration form (code below). Everything is working fine. However, I would like to store each user's individual login session (once it is validated) with the date and time of the session in a separate login table. I've created the table and even included a customer id field that is the same primary customer id field that is in the registration table. However, I am at a complete loss as to the code I need to use or where it goes to store the individual login session. (The code below doesn't include any code for this right now because everything I tried produced error messages.) I would appreciate it if someone could guide me with the code and where to place it!

 

 

 

<?php

/* Program: Loginformtesta.php

* Desc:    Script for the User Login

*          application. This is a double form- one form is for already registered logins, while the other form is for new registrants.

*/

   

 

ini_set("display_errors","on");

error_reporting(E_ALL | E_STRICT);

ini_set("include_path","../../includes");

include("dbinfo.inc");

 

                         

 

  $table_name = "CustomerInfo";                             

 

  date_default_timezone_set('America/New_York');

$today=date("Y-m-d h:i:s");

 

  switch (@$_POST['Button'])                           

  {

    case "Login":                                       

      $cxn = mysqli_connect($host,$user,$passwd,$dbname) or die("Can't connect");

 

  $sql = "SELECT user_name FROM $table_name

              WHERE user_name='$_POST[fuser_name]'";     

      $result = mysqli_query($cxn,$sql)

                  or die("Couldn't execute query 1");   

      $num = mysqli_num_rows($result);

      if($num == 1)                                     

      {

        $sql = "SELECT user_name FROM $table_name

                WHERE user_name='$_POST[fuser_name]'

                AND password='$_POST[fpassword]'";

        $result2 = mysqli_query($cxn,$sql)

                  or die("Couldn't execute query 2."); 

        $row = mysqli_fetch_assoc($result2);           

        if($row) 

{

 

     

        $_SESSION['auth']="yes";                       

        $_SESSION['logname'] = $_POST['fuser_name'];

           

        include("storedloga.inc");

}

 

         

else                                           

        {

          $message_1="The Login Name, '$_POST[fuser_name]'

                  exists, but you have not entered the

                  correct password! Please try again.<br>";

          extract($_POST);

          include("arrays.inc");

          include("logintest_form.inc");

            }                                     

          }                                 

      elseif ($num == 0)  // login name not found       

      {

        $message_1 = "The User Name you entered does not

                      match. Please try again.<br>";

        include("arrays.inc");

        include("logintest_form.inc");

      }

 

 

    break;                                             

    case "Register":                                   

      /* Check for blanks */

      foreach($_POST as $field => $value)               

      {

        if ($field != "fax")

        {

          if ($value == "")

          {

              $blanks[] = $field;

          }

        }

      }                                                 

      if(isset($blanks))                               

      {

          $message_2 = "The following fields are blank.

                Please enter the required information:  ";

          foreach($blanks as $value)

          {

            $message_2 .="$value, ";

          }

          extract($_POST);

          include("arrays.inc");

          include("logintest_form.inc");

          exit();

      }                                                 

      /* validate data */

      foreach($_POST as $field => $value)               

     

        if(!empty($value))                             

        {

          if(eregi("name",$field) and

            !eregi("user",$field) and !eregi("log",$field))

          {

            if (!ereg("^[A-Za-z' -]{1,50}$",$value))

            {

                $errors[] = "$value is not a valid name.";

            }

          }

          if(eregi("street",$field)or eregi("addr",$field) or

            eregi("city",$field))

          {

            if(!ereg("^[A-Za-z0-9.,' -]{1,50}$",$value))

            {

                $errors[] = "$value is not a valid address

                              or city.";

            }

          }

          if(eregi("state",$field))

          {

            if(!ereg("[A-Za-z]",$value))

            {

                $errors[] = "$value is not a valid state.";

            }

          }

          if(eregi("zip_code",$field))

          {

            if(!ereg("^[0-9]{5,5}(\-[0-9]{4,4})?$",$value))

            {

                $errors[] = "$value is not a valid zipcode.";

  }

  }

  if(eregi("phone",$field) or eregi("fax",$field))

          {

            if(!ereg("^[0-9)(xX -]{7,20}$",$value))

            {

                $errors[] = "$value is not a valid phone

                            number. ";

  }

          }

  if(eregi("email",$field))

          {

            if(!ereg("^.+@.+\\..+$",$value))

            {

                $errors[] = "$value is not a valid email

                            address.";

           

            }

          }

        }                                             

     

      foreach($_POST as $field => $value)             

      {

        if($field != "Button")

        {

          if($field == "password")

          {

              $password = strip_tags(trim($value));

          }

          else

          {

              $fields[]=$field;

              $value = strip_tags(trim($value));

              $values[] = addslashes($value);

              $$field = $value;               

          }

        }

      }

      if(@is_array($errors))                           

      {

        $message_2 = "";

        foreach($errors as $value)

        {

          $message_2 .= $value." Please try again<br />";

        }

        include("arrays.inc");

        include("logintest_form.inc");

        exit();

      }

      $user_name = $_POST['user_name'];                                               

 

      /* check to see if user name already exists */

      $cxn = mysqli_connect($host,$user,$passwd,$dbname) or die("Can't connect");

      $sql = "SELECT user_name FROM $table_name

                WHERE user_name='$user_name'";

      $result = mysqli_query($cxn,$sql)

                or die("Couldn't execute query.");

      $num = mysqli_num_rows($result);                 

      if ($num > 0)                                   

      {

        $message_2 = "$user_name belongs to someone else. Please choose another

                        User Name.";

        include("arrays.inc");

        include("logintest_form.inc");

        exit();

      }

      else                                             

      { 

        date_default_timezone_set('America/New_York');

$today=date("Y-m-d, hh:ii:ss");

                     

       

        $sql = "INSERT INTO $table_name (create_date,user_name,password,last_name,first_name,street,city,state,zip_code,phone,email,fax) VALUES('$today','$user_name','$password','$last_name','$first_name','$street','$city','$state','$zip_code','$phone','$email','$fax')";

        mysqli_query($cxn,$sql) or die(mysqli_error($cxn));               

        $_SESSION['auth']="yes";                       

        $_SESSION['logname'] = $user_name;             

        include("storedreg.inc");

}

 

    break;                                             

 

 

 

    default:                                           

          include("arrays.inc");

          include("logintest_form.inc");

  }

?>

 

 

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.