Help with check

blesseld · January 14, 2010

Hey,

Just creating a login for admins,

if administrator is 0 your not an admin otherwise if its 1 let em in.

here is my code,

I'm missing something, it just doesn't let me in even if administrator = 1

Thanks in advance

<?php
$sheet_name = "ad-member-login";
include ("../inc/crash-course-control.php"); //main inc dir.
include ("inc/ad-member-functions.php"); //users inc dir.
include ("inc/ad-member-header.php");
include ("../inc/login-top.php");
echo $content;

if (isset($_POST['username'])) {
    $username = sanitizeString($_POST['username']);
    $password = sanitizeString($_POST['password']);
    if ($username == "" || $password == "") {
        $error = "<div id=\"warning-box-login\"><center><p class=\"main-text\">Not all fields were entered.<br /><br /></p></center></div>";
    } else {
        $query = "SELECT username,password FROM adccmembers WHERE username = '$username' AND password = MD5('$password')";
        if (mysql_num_rows(queryMysql($query)) == 0) {
            $error = "<div id=\"warning-box-login\"><p class=\"main-text\">Username/Password invalid.<br /><br /></p></div>";
        } elseif ($query = "SELECT administrator FROM adccmembers WHERE username = '$username' AND administrator = '$administrator'")
            if (mysql_num_rows(queryMysql($query)) == 0) {
                $error1 = "<div id=\"warning-box-login\"><p class=\"main-text\">You are not an Administrator<br /><br /></p></div>";
            } else {
                $_SESSION['username'] = $username;
                $_SESSION['password'] = $password;
                header('Location: http://www.affiliatedeveloper.com/crash-course/index.php');
                die("");
            }
    }
}
echo <<< _END
<div id="login-box">
<div id="login-box-left">
	<center>
		<br />
		<h2>Welcome To The Members Area</h2>
		<br />
		<img src="http://www.affiliatedeveloper.com/images/login-logo.jpg" alt="Affiliate Developer" />
	</center>
</div>
<div id="login-box-right">
	<br />
	<center><p>Welcome to the Affiliate Developer Member Panel!</p></center>
	<br />
	<div class="user-login-form">
	<form method='post' action='ad-member-admin-login.php'>
		<ul class="single">
			<li><label>Username</label><input type='text' maxlength='16' name='username' value='$username' /></li>
			<li><label>Password</label><input type='password' maxlength='32' name='password' value='$password' /></li>
			<li><a href="ad-member-forgot-password.php">Forgot Password</a></li>
			<li><input type='submit' value='Login' /></li>
		</ul>
	</form>
	</div>
	<div class="clear"></div>
	$error
	$error1
</div>
</div>
_END;
include ("../inc/login-bot.php");
?>

blesseld · January 14, 2010

Ok, Been trying for a couple hours now

This is my login page that will check if there is a blank field, or if the User/Pass is wrong form the database

I have a column called administrator, by default it's 0, If I create an admin account it's 1

All I would like it to do is check that. I can either get it to not log me in at all, or it logs any user in.

Anyone?

<?php
$sheet_name = "ad-member-login";
include ("../inc/crash-course-control.php"); //main inc dir.
include ("inc/ad-member-functions.php"); //users inc dir.
include ("inc/ad-member-header.php");
include ("../inc/login-top.php");
echo $content;

if (isset($_POST['username'])) {
    $username = sanitizeString($_POST['username']);
    $password = sanitizeString($_POST['password']);
    if ($username == "" || $password == "") {
        $error = "<div id=\"warning-box-login\"><center><p class=\"main-text\">Not all fields were entered.<br /><br /></p></center></div>";
    } else {
        $query = "SELECT username,password FROM adccmembers WHERE username = '$username' AND password = MD5('$password')";
        if (mysql_num_rows(queryMysql($query)) == 0) {
            $error = "<div id=\"warning-box-login\"><p class=\"main-text\">User/Pass invalid<br /><br /></p></div>";
        } else {
                $_SESSION['username'] = $username;
                $_SESSION['password'] = $password;
                header('Location: http://www.affiliatedeveloper.com/crash-course/index.php');
                die("");
            }
        }
    }

echo <<< _END
<div id="login-box">
<div id="login-box-left">
	<center>
		<br />
		<h2>Welcome To The Members Area</h2>
		<br />
		<img src="http://www.affiliatedeveloper.com/images/login-logo.jpg" alt="Affiliate Developer" />
	</center>
</div>
<div id="login-box-right">
	<br />
	<center><p>Welcome to the Affiliate Developer Member Panel!</p></center>
	<br />
	<div class="user-login-form">
	<form method='post' action='ad-member-admin-login.php'>
		<ul class="single">
			<li><label>Username</label><input type='text' maxlength='16' name='username' value='$username' /></li>
			<li><label>Password</label><input type='password' maxlength='32' name='password' value='$password' /></li>
			<li><a href="ad-member-forgot-password.php">Forgot Password</a></li>
			<li><input type='submit' value='Login' /></li>
		</ul>
	</form>
	</div>
	<div class="clear"></div>
	$error
	$error1
</div>
</div>
_END;
include ("../inc/login-bot.php");
?>

Thanks

Sign In

Help with check

Recommended Posts

blesseld

Link to comment

Share on other sites

blesseld

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information