halpernsiegel Posted October 31, 2008 Share Posted October 31, 2008 I am totally new to php/mysql and need help!!! I created a login and registration form (code below). Everything is working fine. However, I would like to store each user's individual login session (once it is validated) with the date and time of the session in a separate login table. I've created the table and even included a customer id field that is the same primary customer id field that is in the registration table. However, I am at a complete loss as to the code I need to use or where it goes to store the individual login session. (The code below doesn't include any code for this right now because everything I tried produced error messages.) I would appreciate it if someone could guide me with the code and where to place it! <?php /* Program: Loginformtesta.php * Desc: Script for the User Login * application. This is a double form- one form is for already registered logins, while the other form is for new registrants. */ ini_set("display_errors","on"); error_reporting(E_ALL | E_STRICT); ini_set("include_path","../../includes"); include("dbinfo.inc"); $table_name = "CustomerInfo"; date_default_timezone_set('America/New_York'); $today=date("Y-m-d h:i:s"); switch (@$_POST['Button']) { case "Login": $cxn = mysqli_connect($host,$user,$passwd,$dbname) or die("Can't connect"); $sql = "SELECT user_name FROM $table_name WHERE user_name='$_POST[fuser_name]'"; $result = mysqli_query($cxn,$sql) or die("Couldn't execute query 1"); $num = mysqli_num_rows($result); if($num == 1) { $sql = "SELECT user_name FROM $table_name WHERE user_name='$_POST[fuser_name]' AND password='$_POST[fpassword]'"; $result2 = mysqli_query($cxn,$sql) or die("Couldn't execute query 2."); $row = mysqli_fetch_assoc($result2); if($row) { $_SESSION['auth']="yes"; $_SESSION['logname'] = $_POST['fuser_name']; include("storedloga.inc"); } else { $message_1="The Login Name, '$_POST[fuser_name]' exists, but you have not entered the correct password! Please try again.<br>"; extract($_POST); include("arrays.inc"); include("logintest_form.inc"); } } elseif ($num == 0) // login name not found { $message_1 = "The User Name you entered does not match. Please try again.<br>"; include("arrays.inc"); include("logintest_form.inc"); } break; case "Register": /* Check for blanks */ foreach($_POST as $field => $value) { if ($field != "fax") { if ($value == "") { $blanks[] = $field; } } } if(isset($blanks)) { $message_2 = "The following fields are blank. Please enter the required information: "; foreach($blanks as $value) { $message_2 .="$value, "; } extract($_POST); include("arrays.inc"); include("logintest_form.inc"); exit(); } /* validate data */ foreach($_POST as $field => $value) if(!empty($value)) { if(eregi("name",$field) and !eregi("user",$field) and !eregi("log",$field)) { if (!ereg("^[A-Za-z' -]{1,50}$",$value)) { $errors[] = "$value is not a valid name."; } } if(eregi("street",$field)or eregi("addr",$field) or eregi("city",$field)) { if(!ereg("^[A-Za-z0-9.,' -]{1,50}$",$value)) { $errors[] = "$value is not a valid address or city."; } } if(eregi("state",$field)) { if(!ereg("[A-Za-z]",$value)) { $errors[] = "$value is not a valid state."; } } if(eregi("zip_code",$field)) { if(!ereg("^[0-9]{5,5}(\-[0-9]{4,4})?$",$value)) { $errors[] = "$value is not a valid zipcode."; } } if(eregi("phone",$field) or eregi("fax",$field)) { if(!ereg("^[0-9)(xX -]{7,20}$",$value)) { $errors[] = "$value is not a valid phone number. "; } } if(eregi("email",$field)) { if(!ereg("^.+@.+\\..+$",$value)) { $errors[] = "$value is not a valid email address."; } } } foreach($_POST as $field => $value) { if($field != "Button") { if($field == "password") { $password = strip_tags(trim($value)); } else { $fields[]=$field; $value = strip_tags(trim($value)); $values[] = addslashes($value); $$field = $value; } } } if(@is_array($errors)) { $message_2 = ""; foreach($errors as $value) { $message_2 .= $value." Please try again<br />"; } include("arrays.inc"); include("logintest_form.inc"); exit(); } $user_name = $_POST['user_name']; /* check to see if user name already exists */ $cxn = mysqli_connect($host,$user,$passwd,$dbname) or die("Can't connect"); $sql = "SELECT user_name FROM $table_name WHERE user_name='$user_name'"; $result = mysqli_query($cxn,$sql) or die("Couldn't execute query."); $num = mysqli_num_rows($result); if ($num > 0) { $message_2 = "$user_name belongs to someone else. Please choose another User Name."; include("arrays.inc"); include("logintest_form.inc"); exit(); } else { date_default_timezone_set('America/New_York'); $today=date("Y-m-d, hh:ii:ss"); $sql = "INSERT INTO $table_name (create_date,user_name,password,last_name,first_name,street,city,state,zip_code,phone,email,fax) VALUES('$today','$user_name','$password','$last_name','$first_name','$street','$city','$state','$zip_code','$phone','$email','$fax')"; mysqli_query($cxn,$sql) or die(mysqli_error($cxn)); $_SESSION['auth']="yes"; $_SESSION['logname'] = $user_name; include("storedreg.inc"); } break; default: include("arrays.inc"); include("logintest_form.inc"); } ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.