[SOLVED] Login Help Needed

[kaye079]

Hello all,

 

I've made a login script and everything works fine, registration, database and admin all work great, what I need to be able to do is -  when user logs in I need the data in stored in the db to be checked/verified and return with a statement

 

if unset "You have not filled in your information" - redirect to user info page, else redirect to index2.php

 

I have no idea how to do this so any hint in the right direction would be of great help

[jackpf]

What are you asking? I'm not entirely sure.

 

Data in the db to verified against what?

[kaye079]

Sorry not making myself clear!

 

User registers! and has the option to add his address, phone number etc on a seperate form.

 

Next time the user logs in the db needs to be checked to see if the user has filled his account details (eg, address, age, phone number) if they have not the user needs to be redirected to the form where they can fill the extra info, if the db contains the info for that user then the user needs to be redirected to a different page.

 

I hope this is clearer.

 

 

[premiso]

Do you have any code? It sounds like you want us to code this for you. Show us you at least put effort into trying or post in the Freelance section.

[AE117]

Sorry not making myself clear!

 

User registers! and has the option to add his address, phone number etc on a seperate form.

 

Next time the user logs in the db needs to be checked to see if the user has filled his account details (eg, address, age, phone number) if they have not the user needs to be redirected to the form where they can fill the extra info, if the db contains the info for that user then the user needs to be redirected to a different page.

 

I hope this is clearer.

 

So let me get this straight, You want a person to register without haveing to put in Address, age, phone etc.

 

But when they login to there account they need to fill in this information to continue to their homepage, correct??

[kaye079]

<?

include("database.php");

include("mailer.php");

include("form.php");

 

class Session

{

  var $username;   

  var $userid;     

  var $userlevel;   

  var $time;       

  var $logged_in;   

  var $userinfo = array(); 

  var $url;         

  var $referrer;   

 

  /* Class constructor */

  function Session(){

      $this->time = time();

      $this->startSession();

  }

 

 

  function startSession(){

      global $database;  //The database connection

      session_start();  //Tell PHP to start the session

 

      /* Determine if user is logged in */

      $this->logged_in = $this->checkLogin();

 

 

      if(!$this->logged_in){

        $this->username = $_SESSION['username'] = GUEST_NAME;

        $this->userlevel = GUEST_LEVEL;

        $database->addActiveGuest($_SERVER['REMOTE_ADDR'], $this->time);

      }

 

      else{

        $database->addActiveUser($this->username, $this->time);

      }

     

      $database->removeInactiveUsers();

      $database->removeInactiveGuests();

     

      if(isset($_SESSION['url'])){

        $this->referrer = $_SESSION['url'];

      }else{

        $this->referrer = "/";

      }

 

      /* Set current url */

      $this->url = $_SESSION['url'] = $_SERVER['PHP_SELF'];

  }

 

 

  function checkLogin(){

      global $database;  //The database connection

      /* Check if user has been remembered */

      if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookid'])){

        $this->username = $_SESSION['username'] = $_COOKIE['cookname'];

        $this->userid  = $_SESSION['userid']  = $_COOKIE['cookid'];

      }

 

      /* Username and userid have been set and not guest */

      if(isset($_SESSION['username']) && isset($_SESSION['userid']) &&

        $_SESSION['username'] != GUEST_NAME){

        /* Confirm that username and userid are valid */

        if($database->confirmUserID($_SESSION['username'], $_SESSION['userid']) != 0){

            /* Variables are incorrect, user not logged in */

            unset($_SESSION['username']);

            unset($_SESSION['userid']);

            return false;

        }

 

        /* User is logged in, set class variables */

        $this->userinfo  = $database->getUserInfo($_SESSION['username']);

        $this->username  = $this->userinfo['username'];

        $this->userid    = $this->userinfo['userid'];

        $this->userlevel = $this->userinfo['userlevel'];

        return true;

      }

      /* User not logged in */

      else{

        return false;

      }

  }

 

  /**

    * login

    */

  function login($subuser, $subpass, $subremember){

      global $database, $form;  //The database and form object

 

      /* Username error checking */

      $field = "user";  //Use field name for username

      if(!$subuser || strlen($subuser = trim($subuser)) == 0){

        $form->setError($field, "* Username not entered");

      }

      else{

        /* Check if username is not alphanumeric */

        if(!eregi("^([0-9a-z])*$", $subuser)){

            $form->setError($field, "* Username not alphanumeric");

        }

      }

 

      /* Password error checking */

      $field = "pass";  //Use field name for password

      if(!$subpass){

        $form->setError($field, "* Password not entered");

      }

     

      /* Return if form errors exist */

      if($form->num_errors > 0){

        return false;

      }

 

      $subuser = stripslashes($subuser);

      $result = $database->confirmUserPass($subuser, md5($subpass));

 

      if($result == 1){

        $field = "user";

        $form->setError($field, "* Username not found");

      }

      else if($result == 2){

        $field = "pass";

        $form->setError($field, "* Invalid password");

      }

     

      /* Return if form errors exist */

      if($form->num_errors > 0){

        return false;

      }

 

      $this->userinfo  = $database->getUserInfo($subuser);

      $this->username  = $_SESSION['username'] = $this->userinfo['username'];

      $this->userid    = $_SESSION['userid']  = $this->generateRandID();

      $this->userlevel = $this->userinfo['userlevel'];

     

      $database->updateUserField($this->username, "userid", $this->userid);

      $database->addActiveUser($this->username, $this->time);

      $database->removeActiveGuest($_SERVER['REMOTE_ADDR']);

 

 

      if($subremember){

        setcookie("cookname", $this->username, time()+COOKIE_EXPIRE, COOKIE_PATH);

        setcookie("cookid",  $this->userid,  time()+COOKIE_EXPIRE, COOKIE_PATH);

      }

 

      /* Login completed successfully */

      return true;

  }

 

  /**

    * logout

    */

  function logout(){

      global $database;  //The database connection

      /**

      * Delete cookies

      */

      if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookid'])){

        setcookie("cookname", "", time()-COOKIE_EXPIRE, COOKIE_PATH);

        setcookie("cookid",  "", time()-COOKIE_EXPIRE, COOKIE_PATH);

      }

 

      unset($_SESSION['username']);

      unset($_SESSION['userid']);

 

      $this->logged_in = false;

     

      $database->removeActiveUser($this->username);

      $database->addActiveGuest($_SERVER['REMOTE_ADDR'], $this->time);

     

      /* Set user level to guest */

      $this->username  = GUEST_NAME;

      $this->userlevel = GUEST_LEVEL;

  }

 

  /**

    * register

    */

  function register($subuser, $subpass, $subemail, $title, $forename, $surname, $street, $city, $county, $post_code, $phone_number){

      global $database, $form, $mailer;  //The database, form and mailer object

     

      /* Username error checking */

      $field = "user";  //Use field name for username

      if(!$subuser || strlen($subuser = trim($subuser)) == 0){

        $form->setError($field, "* Username not entered");

      }

      else{

        /* Spruce up username, check length */

        $subuser = stripslashes($subuser);

        if(strlen($subuser) < 5){

            $form->setError($field, "* Username below 5 characters");

        }

        else if(strlen($subuser) > 30){

            $form->setError($field, "* Username above 30 characters");

        }

 

        else if(!eregi("^([0-9a-z])+$", $subuser)){

            $form->setError($field, "* Username not alphanumeric");

        }

 

        else if(strcasecmp($subuser, GUEST_NAME) == 0){

            $form->setError($field, "* Username reserved word");

        }

 

        else if($database->usernameTaken($subuser)){

            $form->setError($field, "* Username already in use");

        }

 

        else if($database->usernameBanned($subuser)){

            $form->setError($field, "* Username banned");

        }

      }

 

      /* Password error checking */

      $field = "pass";  //Use field name for password

      if(!$subpass){

        $form->setError($field, "* Password not entered");

      }

      else{

 

        $subpass = stripslashes($subpass);

        if(strlen($subpass) < 4){

            $form->setError($field, "* Password too short");

        }

 

        else if(!eregi("^([0-9a-z])+$", ($subpass = trim($subpass)))){

            $form->setError($field, "* Password not alphanumeric");

        }

 

      }

     

      /* Email error checking */

      $field = "email";  //Use field name for email

      if(!$subemail || strlen($subemail = trim($subemail)) == 0){

        $form->setError($field, "* Email not entered");

      }

      else{

        /* Check if valid email address */

        $regex = "^[_+a-z0-9-]+(\.[_+a-z0-9-]+)*"

                ."@[a-z0-9-]+(\.[a-z0-9-]{1,})*"

                ."\.([a-z]{2,}){1}$";

        if(!eregi($regex,$subemail)){

            $form->setError($field, "* Email invalid");

        }

        $subemail = stripslashes($subemail);

      }

 

      if($form->num_errors > 0){

        return 1;  //Errors with form

      }

 

      else{

        if($database->addNewUser($subuser, md5($subpass), $subemail, $title, $forename, $surname, $street, $city, $county, $post_code, $phone_number)){

            if(EMAIL_WELCOME){

              $mailer->sendWelcome($subuser,$subemail,$subpass);

            }

            return 0;  //New user added succesfully

        }else{

            return 2;  //Registration attempt failed

        }

      }

  }

 

  /**

    * editAccount

    */

  function editAccount($subcurpass, $subnewpass, $subemail, $title, $forename, $surname, $street, $city, $county, $post_code, $phone_number){

      global $database, $form;  //The database and form object

 

      if($subnewpass){

 

        $field = "curpass";  //Use field name for current password

        if(!$subcurpass){

            $form->setError($field, "* Current Password not entered");

        }

        else{

 

            $subcurpass = stripslashes($subcurpass);

            if(strlen($subcurpass) < 4 ||

              !eregi("^([0-9a-z])+$", ($subcurpass = trim($subcurpass)))){

              $form->setError($field, "* Current Password incorrect");

            }

            /* Password entered is incorrect */

            if($database->confirmUserPass($this->username,md5($subcurpass)) != 0){

              $form->setError($field, "* Current Password incorrect");

            }

        }

       

        /* New Password error checking */

        $field = "newpass";  //Use field name for new password

        /* Spruce up password and check length*/

        $subpass = stripslashes($subnewpass);

        if(strlen($subnewpass) < 4){

            $form->setError($field, "* New Password too short");

        }

        /* Check if password is not alphanumeric */

        else if(!eregi("^([0-9a-z])+$", ($subnewpass = trim($subnewpass)))){

            $form->setError($field, "* New Password not alphanumeric");

        }

      }

      /* Change password attempted */

      else if($subcurpass){

        /* New Password error reporting */

        $field = "newpass";  //Use field name for new password

        $form->setError($field, "* New Password not entered");

      }

     

      /* Email error checking */

      $field = "email";  //Use field name for email

      if($subemail && strlen($subemail = trim($subemail)) > 0){

        /* Check if valid email address */

        $regex = "^[_+a-z0-9-]+(\.[_+a-z0-9-]+)*"

                ."@[a-z0-9-]+(\.[a-z0-9-]{1,})*"

                ."\.([a-z]{2,}){1}$";

        if(!eregi($regex,$subemail)){

            $form->setError($field, "* Email invalid");

        }

        $subemail = stripslashes($subemail);

      }

     

      /* Errors exist, have user correct them */

      if($form->num_errors > 0){

        return false;  //Errors with form

      }

     

      /* Update password since there were no errors */

      if($subcurpass && $subnewpass){

        $database->updateUserField($this->username,"password",md5($subnewpass));

      }

     

      /* Change Email */

      if($subemail){

        $database->updateUserField($this->username,"email",$subemail);

      }

 

  /* Change Info Fields */

      if($title){

        $database->updateUserField($this->username,"title",$title);

      }  

      if($forename){

        $database->updateUserField($this->username,"forename",$forename);

      }  

      if($surname){

        $database->updateUserField($this->username,"surname",$surname);

      }  

      if($street){

        $database->updateUserField($this->username,"street",$street);

      }  

      if($city){

        $database->updateUserField($this->username,"city",$city);

      }

  if($county){

        $database->updateUserField($this->username,"county",$county);

      }  

      if($post_code){

        $database->updateUserField($this->username,"post_code",$post_code);

      }  

      if($phone_number){

        $database->updateUserField($this->username,"phone_number",$phone_number);

      }  

 

      /* Success! */

 

      return true;

  }

 

  /**

    * isAdmin

    */

  function isAdmin(){

      return ($this->userlevel == ADMIN_LEVEL ||

              $this->username  == ADMIN_NAME);

  }

 

  /**

    * generateRandID

    */

  function generateRandID(){

      return md5($this->generateRandStr(16));

  }

 

  /**

    * generateRandStr

    */

  function generateRandStr($length){

      $randstr = "";

      for($i=0; $i<$length; $i++){

        $randnum = mt_rand(0,61);

        if($randnum < 10){

            $randstr .= chr($randnum+48);

        }else if($randnum < 36){

            $randstr .= chr($randnum+55);

        }else{

            $randstr .= chr($randnum+61);

        }

      }

      return $randstr;

  }

};

 

 

/**

* Initialize session object

*/

$session = new Session;

 

/* Initialize form object */

$form = new Form;

 

?>

[kaye079]

the user fills in their data on registration but I need them to fill out a section on "secret questions and answers" to retreive their password details incase they forget them. This "secret" section should only be seen IF they have not already filled them.

[laffin]

it sounds like a profile information page, if a user logs in and have no profile send them to the profile page.

 

U would need:

[*]profile view/edit page

[*]processing page

[*]Edit to login processing page, for redirect to profile page

[AE117]

I would use a simple if else statement

 

if ($value != "") {

 

header("Location: http://yourdomain.com");

}

else { $value == "") {

header("Location: http://yourdomain.com");

}

 

something like that

 

$value would be check the db table so it would need to be a mysql query

[jackpf]

I actually cba to read all that code, but this may suffice:

 

$sql = mysql_query("SELECT * FROM table WHERE username='whatever' AND field1!='' AND field2!=''"); //and so on...
if(mysql_num_rows($sql) == 0)
{
header('Location: profile.php');//or wherever.
}

[kaye079]

Thank you for your help jackpf and AE117! I just couldn't see where I was going wrong both solutions worked, thank you!