[SOLVED] Login php script with 3 items (Username,Password,Member Type)

[Rinxsona]

I want to make a login page using 3 variables ....Member type, Username and password. But i have problems in my code. Does Any one can help me?I am in urgent need. I will be very much great full if some one can help me.

 

In my Data Base

I have; Member_ID,Name,Password,Member_Type.

and in my form

Form name Usertype=Member_Type in database

Form name MemberCode=Member_ID in Database

Form name Password=Password in Database

I couldn't find the solution. Need your help please.

 

This is my code.

 

<?php 
// Connects to your Database 
mysql_connect("localhost", "root", "") or die(mysql_error()); 
mysql_select_db("kmsystem") or die(mysql_error()); 

//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))

//if there is, it logs you in and directes you to the members page
{ 
$UserType = $_COOKIE['ID_my_site'];
$MemberCode = $_COOKIE['Key_my_site']; 
$Password = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM memberlogin WHERE Member_ID = '$MemberCode'")or die(mysql_error());
while($info = mysql_fetch_array( $check )) 
{
if ($Password != $info['Password']) 
{
header("Location: ../HTML Files/Home.htm");
}
else
{
header("Location: Welcome.htm");
}

//if the login form is submitted
if (isset($_POST['Submit'])) { // if form has been submitted

// makes sure they filled it in
if(!$_POST['MemberCode'] | !$_POST['Password']) {
die('You did not fill in a required field.');
}

// checks it against the database
if (!get_magic_quotes_gpc()) {
$_POST['Email_ID'] = addslashes($_POST['Email_ID']);
}
$check = mysql_query("SELECT * FROM memberlogin WHERE Member_ID = '".$_POST['MemberCode']."'")or die(mysql_error());

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <br>Do Quick Guest Registration</a>');
}
while($info = mysql_fetch_array( $check )) 
{
$_POST['Password'] = stripslashes($_POST['Password']);
$info['Password'] = stripslashes($info['Password']);
$_POST['Password'] = md5($_POST['Password']);

//gives error if the password is wrong
if ($_POST['Password'] != $info['Password']) {
die('Incorrect password, please try again.');
}
else 
{ 

// if login is ok then we add a cookie 
$_POST['MemberCode'] = stripslashes($_POST['MemberCode']); 
$hour = time() + 3600; 
setcookie(ID_my_site, $_POST['MemberCode'], $hour); 
setcookie(Key_my_site, $_POST['Password'], $hour);	

//then redirect them to the members area 
header("Location: Welcome.htm"); 
} 
} 
} 
else 
{	
header("Location: ../HTML Files/Home.htm");
} 
<?php
}
?>

 

EDITTED BY WILDTEEN88: Please use code tags

when posting code

 

[attachment deleted by admin]

[Rinxsona]

  Quote

I want to make a login page using 3 variables ....Member type, Username and password. But i have problems in my code. Does Any one can help me?I am in urgent need. I will be very much great full if some one can help me.

 

In my Data Base

I have; Member_ID,Name,Password,Member_Type.

and in my form

Form name Usertype=Member_Type in database

Form name MemberCode=Member_ID in Database

Form name Password=Password in Database

I couldn't find the solution. Need your help please.

 

I counldn't direct to my member page...ie to welcome page even when i entered correct things in the forms. It is directly opening home page.

 

This is my code.

 

<?php 
// Connects to your Database 
mysql_connect("localhost", "root", "") or die(mysql_error()); 
mysql_select_db("kmsystem") or die(mysql_error()); 

//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))

//if there is, it logs you in and directes you to the members page
{ 
$UserType = $_COOKIE['ID_my_site']; 
$MemberCode = $_COOKIE['Key_my_site'];
$password = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM memberlogin WHERE Member_Type = '$UserType'")or die(mysql_error());
while($info = mysql_fetch_array( $check )) 
{
if (($MemberCode!=$info['Member_ID']) && ($password != $info['Password'])) 
{
}
else
{
header("Location: ../HTML Files/Welcome.htm");

}
}
}

//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted

// makes sure they filled it in
if(!$_POST['MemberCode'] | !$_POST['password']) {
die('You did not fill in a required field.');
}

// checks it against the database

if (!get_magic_quotes_gpc()) {
$_POST['Email_ID'] = addslashes($_POST['Email_ID']);
}
$check = mysql_query("SELECT * FROM memberlogin WHERE Member_ID = '".$_POST['MemberCode']."'")or die(mysql_error());

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=registration.php>Click Here to Register</a>');
}
while($info = mysql_fetch_array( $check )) 
{
$_POST['password'] = stripslashes($_POST['password']);
$info['Password'] = stripslashes($info['Password']);
$_POST['password'] = md5($_POST['password']);

//gives error if the password is wrong
if ($_POST['password'] != $info['Password']) {
die('Incorrect password, please try again.');
}
else 
{ 

// if login is ok then we add a cookie 
$_POST['MemberCode'] = stripslashes($_POST['MemberCode']); 
$hour = time() + 3600; 
setcookie(ID_my_site, $_POST['MemberCode'], $hour); 
setcookie(Key_my_site, $_POST['password'], $hour);	

//then redirect them to the members area 
header("Location: ../HTML Files/Welcome.htm"); 
} 
} 
} 
else 
{	
// if they are not logged in 
header("Location: ../HTML Files/Home.htm");  
} 
?>

 

EDITTED BY WILDTEEN88: Please use code tags

when posting code

[cooldude832]

Why would u need member type in the login for any reason beyond security?

 

Once they login you can query off that row for member type right?

[Rinxsona]

Hi cooldude832..thanks for your re.

You are right in one way but...my project is for many colleges ..i mean i am developing a Knowledge Management System for many colleges under single administrator. So...for every colleges there will be different type of users for which features and function of the website will be different. So i have to specified Member_Type in the login page itself in order to direct the member according to their member type rights.So i need Member_Type also.

I have modified the code but still i am having the problem.Plz' can you find it out and help me...!!

 

[cooldude832]

But you don't need member type because you can pull it off the database!

 

The only reason you would need that member type is if you needed to find their credentials based on that member type (which you don't)

 

 

The only working example of using this third "member type" var I know of that is useful is in phpmyadmin systems using multiple servers otherwise I don't see it being useful especially in your case.

 

 

example

<?php
$user = input_clean($_POST['user']);
$pass = md5($_POST['pass']);
$q = "
SELECT
users.UserID, 
users.AccountType
accounts.Homepage 

FROM `users`
LEFT JOIN accounts USING(AccountType)
WHERE Username = '".$user."' and Password = '".$pass."'";
$r = mysql_query($q) or die(mysql_error()."<br /><br />".$q);
if(mysql_num_rows($r) >0){
$row = mysql_fetch_assoc($r);
$_SESSION['UserData']['UserID'] = $row['UserID'];
$_SESSION['UserData']['AccountType'] = $row['AccountType'];
die(header("location: ".$row['Homepage']));
}
else{
#Invalid credentials
}
?>

 

I don't see the need for it when designed effectively

[Rinxsona]

Once more thank you very much cooldude832...for your time and re...i will try to follow your suggestion too.The problem i have right now is i have prepared the forms in that way and also many other javascripting functions are already being added...any way...i will always remember your suggestion.Thanks a lot...and also if you can find other simple php coding for login session using 3rd variable plz' let me know..

Thanks a lot

and Have a great time.