Jump to content

one login form 2 tables


fife

Recommended Posts

Right I'm going to try and explain what i'm trying to do and i'll post the code i have at the bottom.  Whatever I do I seem to get a new error and I can't get any closer to getting the script right!!!  I give up myself.  There's only so much one man can take!!!!!!!

 

I have a database with two table.   

 

Members

owners

 

Both tables have the same fields for the login section!

username

password (stored in md5 format)

access_level

 

 

Now I'm trying to make a script that selects both tables and finds the username.  then checks that the md5 of the password entered into the field is equal to the stored md5 password in the database.

 

if details are correct it sends the person to the correct page while updating a table called mem_logins with the email of the user loging in as a feild along with the time,

If there is no account at all it sends them to the create account page,

if the access level is equal to 1 or 50 it sends them to the check_email.php

 

Now I'm very new to php and therefore have most certainly written the script wrong.  I have been tryig to sort the errors for days and now, have given up.  Can anyone help?  Here is the code as it stands and at the minute im getting this error.....

 

mysql_num_rows(): supplied argument is not a valid MySQL result resource in site on line 11

 

<?php
include('Connections/YA1.php');
session_start();

?>
<?php
if(isset($_POST['submit3'])) {

	$qCheckUserInfo = "SELECT * FROM Members, owners WHERE username='".mysql_real_escape_string($_POST['username3'])."'";
	$rCheckUserInfo = mysql_query($qCheckUserInfo);
	$numUsers = mysql_num_rows($rCheckUserInfo);

	if($numUsers == 0) {
		$message = "Incorrect login details";	
		$success = 0;
	}
	else {
		$userInfo = mysql_fetch_array($rCheckUserInfo);
		$password = $userInfo['password'];
		$email = $userInfo ['email'];
		if($password == md5($_POST['password3'])) {
			$success = 1;
			$_SESSION['logged'] = 1;
			$_SESSION['club_id'] = $userInfo['club_id'];
			$_SESSION['username'] = $userInfo['username'];
			$today = date("Y-m-d h:m:s");




			if($_SESSION['access_level'] == 1) {

			 $sql = "INSERT INTO mem_logins `email`, `login` VALUES ('$email','$today')";
			 mysql_query($sql) or die ("could not execute insert.");

				header('Location: check_email.php');
			}
			else if($_SESSION['access_level'] == 2) {
					 $sql = "INSERT INTO mem_logins `email`, `login` VALUES ('$email','$today')";
			 mysql_query($sql) or die ("could not execute insert.");

				header('Location: members/index.php');
			}
			else if($_SESSION['access_level'] ==50) {
					 $sql = "INSERT INTO mem_logins `email`, `login` VALUES ('$email','$today')";
			 mysql_query($sql) or die ("could not execute insert.");

				header('Location: check_email.php');
			}
			else if($_SESSION['access_level'] == 51) {
					  $sql = "INSERT INTO mem_logins `email`, `login` VALUES ('$email','$today')";
			 mysql_query($sql) or die ("could not execute insert.");

				header('Location: clubs/index.php');
			}
			else if($_SESSION['access_level'] == 99) {
					  $sql = "INSERT INTO mem_logins `email`, `login` VALUES ('$email','$today')";
			 mysql_query($sql) or die ("could not execute insert.");

				header('Location: admin/D/index.php');
			}
		}
		else {
			$message = "Incorrect login details";
			$success = 0;
		}
	}

}
?>

<body>
<div id="wrapper">
<div id="title_box">
  <div id="logo"><img src="image/your_arena.jpg" /></div>
  <div id="login_box">
	<?php if($success==0) {
			echo $message;	
		}
		else {
			echo ' ';
		} ?>
              <?php
	if($success != 1 && !($_SESSION['logged'])) {
?><?php

	?>
  <form   METHOD="POST" name="login_form" class="black_text" id="login_form">
  <table width="252" border="0" align="right" cellpadding="0" cellspacing="5" id="login_tab">
  <tr>
    <td width="84"><div align="left">Username:</div></td>
    <td><input name="username3" type="text" class="form_fields" value="<?php echo $_POST['username3']; ?>" id="username3" tabindex="1" /></td>
  </tr>
  <tr>
    <td><div align="left">Password:</div></td>
    <td><input name="password3" type="password" class="form_fields" id="password3" tabindex="2" /></td>
  </tr>
  <tr>
    <td colspan="2"></td>
    </tr>
  <tr>
    <td colspan="2" class="forgotten_pass"><div align="right">Forgotten your password?</div></td>
  </tr>
  <tr>
    <td height="24"><div align="left"></div></td>
    <td><div align="right">
      <input name="submit3" type="submit" id="submit3" tabindex="3" value="Login" />
    </div></td>
  </tr>
</table>

   <?php
	} //end fail if
?>
  </form>
  </div>
</div>
<?php include('nav.php');?>


<div id="test">main page </div>

<?php include('footer.php');?>
</div>
</body>
</html>

Link to comment
Share on other sites

You could do this in 2 ways..  the SQL line is probably your culprit...  so you have to options....

 

1. do this in a join...

2. do this in 2 queries

 

either way much of your code will have to change.. primarily your if statements to do your checking.

Link to comment
Share on other sites

I have a database with two table.   

 

Members

owners

 

Both tables have the same fields for the login section!

username

password (stored in md5 format)

access_level

Why not just have one table that holds all username/password/access_levels, but have an extra field which identifies the user as either a member or an owner. Seems pointless querying two tables for logging in a user.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.