cruzbullit Posted April 18, 2007 Share Posted April 18, 2007 I'm looking for an example of a login system that has multiple fields (2 to be exact) + password. e.g username, company name and password, the user, company and password are checked against a mysql database. I have it working with just the username field but I'm confused on how to go about adding another field. I'm pretty new to PHP so don't beat me up too much for this example code, I borrowed and hacked it together in a very short period of time. <?php include 'db.php'; //Checks if there is a login cookie if(isset($_COOKIE['ID_user'])) //if there is, it logs you in and directs you to the members page //shopname is used to select the correct database { $shopname = $_COOKIE['ID_fitsheetshop']; $username = $_COOKIE['ID_fitsheetuser']; $pass = $_COOKIE['Key_fitsheet']; $checkuser = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); $checkshop = mysql_query("SELECT * FROM users WHERE shopname = '$shopname'")or die(mysql_error()); while($info = mysql_fetch_array($checkuser)) { if ($pass != $info['password']) { die('something is wrong'); } else { header("Location: members.php"); } } while($info = mysql_fetch_array($checkshop)) { if ($pass != $info['password']) { die('something is wrong'); } else { header("Location: members.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['shopname'] | !$_POST['username'] | !$_POST['pass']) { die('You did not fill in a required field.'); } // checks it against the database if (!get_magic_quotes_gpc()) { $_POST['username'] = addslashes($_POST['username']); $_POST['shopname'] = addslashes($_POST['shopname']); } $checkuser = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error()); $checkshop = mysql_query("SELECT * FROM users WHERE shopname = '".$_POST['shopname']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($checkuser); if ($check2 == 0) { die('Something is wrong'); } $check3 = mysql_num_rows($checkshop); if ($check3 == 0) { die('Something is wrong'); } while($info = mysql_fetch_array($checkuser)) while($info = mysql_fetch_array($checkshop)) { $_POST['pass'] = stripslashes($_POST['pass']); $info['password'] = stripslashes($info['password']); $_POST['pass'] = md5($_POST['pass']); //gives error if the password is wrong if ($_POST['pass'] != $info['password']) { die('Something is wrong'); } else { // if login is ok then we add a cookie $_POST['shopname'] = stripslashes($_POST['shopname']); $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 3600; setcookie(ID_shop, $_POST['shopname'], $hour); setcookie(ID_user, $_POST['username'], $hour); setcookie(Key_shop, $_POST['pass'], $hour); //then redirect them to the members area header("Location: members.php"); } } } else { // if they are not logged in //code removed for privacy <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <table border="0"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>Shop Name:</td><td> <input type="text" name="shopname" size="60" maxlength="60"> <tr><td>Username:</td><td> <input type="text" name="username" size="2" maxlength="60"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="pass" maxlength="50"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> </form> //code removed <?php } ?> Each company will have its own database, once the user logs in I was going to check their cookie for the company name and use that to select the correct database. Does anyone have any better ideas? Thanks for your time. Link to comment https://forums.phpfreaks.com/topic/47623-solved-multiple-field-login-and-a-related-question/ Share on other sites More sharing options...
cruzbullit Posted April 19, 2007 Author Share Posted April 19, 2007 Bump Link to comment https://forums.phpfreaks.com/topic/47623-solved-multiple-field-login-and-a-related-question/#findComment-233194 Share on other sites More sharing options...
cruzbullit Posted April 23, 2007 Author Share Posted April 23, 2007 Bump ??? Link to comment https://forums.phpfreaks.com/topic/47623-solved-multiple-field-login-and-a-related-question/#findComment-236160 Share on other sites More sharing options...
MadTechie Posted April 23, 2007 Share Posted April 23, 2007 its a bit of a mess, why don't you search the quickcode ? Link to comment https://forums.phpfreaks.com/topic/47623-solved-multiple-field-login-and-a-related-question/#findComment-236173 Share on other sites More sharing options...
trq Posted April 23, 2007 Share Posted April 23, 2007 An example. <?php if (isset($_POST['submit'])) { $uname = isset($_POST['uname']) ? mysql_real_escape_string($_POST['uname'] : ''; $upass = isset($_POST['upass']) ? mysql_real_escape_string($_POST['upass'] : ''; $compname = isset($_POST['compname']) ? mysql_real_escape_string($_POST['compname'] : ''; $sql = " SELECT uname,upass,compname FROM users WHERE uname = '$uname' && upass = '$upass' && compname = '$compname'; "; if ($result = mysql-query($sql)) { if (mysql_num-rows($result)) { // user is valid. } else { // user is NOT valid. } } } ?> Link to comment https://forums.phpfreaks.com/topic/47623-solved-multiple-field-login-and-a-related-question/#findComment-236193 Share on other sites More sharing options...
MadTechie Posted April 23, 2007 Share Posted April 23, 2007 or thorpe could write one in 0.2 of a second for you Link to comment https://forums.phpfreaks.com/topic/47623-solved-multiple-field-login-and-a-related-question/#findComment-236204 Share on other sites More sharing options...
cruzbullit Posted April 24, 2007 Author Share Posted April 24, 2007 Thanks a bunch for the example, that's exactly what I needed to get me moving in the right direction. Link to comment https://forums.phpfreaks.com/topic/47623-solved-multiple-field-login-and-a-related-question/#findComment-236603 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.