SUNIL16 Posted September 21, 2009 Share Posted September 21, 2009 Hi Friends, I am having a field user_activated in my table. I want to check whether it is active or not. once the user click on the activation link the user_activated becomes "1". I am using below code <?php require "config.php"; if ($_POST['Submit']=='Login') { $username = mysql_real_escape_string($_POST['uname']); $md5pass = md5($_POST['password']); $sql1 = mysql_query("SELECT user_activated FROM users WHERE username = '$username' AND password = '$md5pass'"); $checkactive = mysql_num_rows($sql1); if ($checkactive != 1) { header("Location: login.php?msg=Your account not active"); exit(); } else { $sql = "SELECT usersid,username FROM users WHERE username = '$username' AND password = '$md5pass' "; $result = mysql_query($sql) or die (mysql_error()); $num = mysql_num_rows($result); if ( $num != 0 ) { // A matching row was found - the user is authenticated. session_start(); list($user_id,$usernamel) = mysql_fetch_row($result); // this sets variables in the session $_SESSION['user']= $username; if (isset($_GET['ret']) && !empty($_GET['ret'])) { header("Location: $_GET[ret]"); } else { header("Location: myaccount.php"); } //echo "Logged in..."; exit(); } } header("Location: login.php?msg=Invalid Login"); echo "Error:"; exit(); } ?> here if the user not active if ($checkactive != 1) { header("Location: login.php?msg=Your account not active"); exit(); } this condition is not executing. where i went wrong please let me know. I want to display " user not active " if user_activated is other than 1. now this code showing invalid login only. Please help me out in this. Link to comment https://forums.phpfreaks.com/topic/174993-solved-in-login-script-to-check-user-activation/ Share on other sites More sharing options...
waynew Posted September 21, 2009 Share Posted September 21, 2009 Try this: <?php session_start(); require "config.php"; if (isset($_POST['Submit']) && $_POST['Submit']=='Login') { $username = mysql_real_escape_string($_POST['uname']); $md5pass = md5($_POST['password']); $sql1 = mysql_query("SELECT usersid,username,user_activated FROM users WHERE username = '$username' AND password = '$md5pass'") or trigger_error(mysql_error()); if(mysql_num_rows($sql1) != 1){ //Login details incorrect header("Location: login.php?msg=Invalid Login"); exit; } else{ list($user_id,$username,$is_active) = mysql_fetch_row($sql1); if($is_active == 0){ header("Location: login.php?msg=Your account not active"); exit; } //all good so far $_SESSION['user']= $username; if (isset($_GET['ret']) && !empty($_GET['ret'])){ header("Location: $_GET[ret]"); exit; } else{ header("Location: myaccount.php"); exit; } } } ?> Link to comment https://forums.phpfreaks.com/topic/174993-solved-in-login-script-to-check-user-activation/#findComment-922281 Share on other sites More sharing options...
ozestretch Posted September 21, 2009 Share Posted September 21, 2009 Food for thought... header("Location: login.php?msg=Your account not active"); exit(); Although nothing serious, placing exit(); after header is pointless. header("Location: login.php?msg=Invalid Login"); echo "Error:"; exit(); Like using exit(); after a header output, echo will not work either as the script has exited to load the "location" in the header call Link to comment https://forums.phpfreaks.com/topic/174993-solved-in-login-script-to-check-user-activation/#findComment-922284 Share on other sites More sharing options...
waynew Posted September 21, 2009 Share Posted September 21, 2009 Although nothing serious, placing exit(); after header is pointless. I wouldn't agree with that. If two conditional statements that both cause a redirect are proved true, things can get messy. Plus; I'm pretty sure I heard somebody on this forum talk about the ability to stop a browser from noting a redirect. Link to comment https://forums.phpfreaks.com/topic/174993-solved-in-login-script-to-check-user-activation/#findComment-922290 Share on other sites More sharing options...
trq Posted September 21, 2009 Share Posted September 21, 2009 Although nothing serious, placing exit(); after header is pointless. To be safe, exit() should always be called after a redirect. Your script will continue to execute otherwise and may result in things you don't want happening being executed. Link to comment https://forums.phpfreaks.com/topic/174993-solved-in-login-script-to-check-user-activation/#findComment-922296 Share on other sites More sharing options...
ozestretch Posted September 21, 2009 Share Posted September 21, 2009 thorpe waynewex, 4 months ago I stopped using it like that because someone (I thought knew a heck of a lot more about php) told me not to bother. After seeing how you answer/respond to forum posts for help here, I am taking your words over his (sorry nameless) and going back to my old ways. This only hours after reading on phpfreaks my opinion is program for the worst, hope for the best. I guess that is the logic in still using exit() as mentioned. Link to comment https://forums.phpfreaks.com/topic/174993-solved-in-login-script-to-check-user-activation/#findComment-922310 Share on other sites More sharing options...
SUNIL16 Posted September 21, 2009 Author Share Posted September 21, 2009 Hi thorpe waynewex, Thanks for your response. Its working nice. Thank you all for your conversation. to be safer i continue using exit after header. Link to comment https://forums.phpfreaks.com/topic/174993-solved-in-login-script-to-check-user-activation/#findComment-922389 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.