halm1985 Posted May 31, 2007 Share Posted May 31, 2007 I have three questions : 1) How to execuse an SQL query when a user clicks a specific link 2) How can i execuse an SQL query upon broswer window close 2) When a users logs into his page .. an attribute in his credentials record (named "logged" ) is changed to 1 to indicate that he's logged in now, what i need to do .. is to restrict access to all other pages based on the value of this attribute .. in other words .. When a user opens any page, do the following SLELECT Logged FROM Credenials Where id = $loginusername If logged = 1 then Open page If logged = 0 then go to Log-in.php Quote Link to comment https://forums.phpfreaks.com/topic/53716-log-inout-operations/ Share on other sites More sharing options...
chrisprse Posted May 31, 2007 Share Posted May 31, 2007 Personally I feel sessions would be far easier. You wouldn't need to worry about executing a MySQL query on the brower window closing. You can then add a piece of code at the top of each page to see if the session is set. If so, let them view the page. If not, direct them to the login form. Chris. Quote Link to comment https://forums.phpfreaks.com/topic/53716-log-inout-operations/#findComment-265536 Share on other sites More sharing options...
halm1985 Posted May 31, 2007 Author Share Posted May 31, 2007 Sorry but i'm a beginner .. can you show me how exactly should the code look like ? Quote Link to comment https://forums.phpfreaks.com/topic/53716-log-inout-operations/#findComment-265555 Share on other sites More sharing options...
chrisprse Posted May 31, 2007 Share Posted May 31, 2007 You would need a form that can collect a username and password. You then need a table called 'members' which stores the usernames and md5 passwords of all members. When they submit the login form you check the details supplied against those in the database. If all is correct you create a "loggedIn" session as well as storing their username and md5'd password in a session. There are better ways of going about this but it's a quick example to show you! <?php if(isset($_POST['login'])) { $username = $_POST['username']; $password = md5($_POST['password']); $result = mysql_query("select * from `members` where `username` = '$username'"); if(mysql_num_rows($result) == 0) { $error = 1; $message = "The username you entered does not exist."; } else { $a_row = mysql_fetch_array($result); if($password != $a_row['password']) { $error = 1; $message = "The password you entered is incorrect."; } else { $_SESSION['loggedIn'] = 1; $_SESSION['sessionUsername'] = $username; $_SESSION['sessionPassword'] = $password; echo '<Meta HTTP-EQUIV=Refresh Content="0; URL=membersArea/index.php">'; exit; } } } ?> If all is ok, they get directed to the members area. Have this at the top of each private page: <?php if(isset($_SESSION['loggedIn'])) { $sessionUsername = $_SESSION['sessionUsername']; $sessionPassword = $_SESSION['sessionPassword']; $result = mysql_query("select * from `members` where `username` = '$sessionUsername'"); if(mysql_num_rows($result) == 0) { $error = 1; } else { $a_row = mysql_fetch_array($result); if($sessionPassword != $a_row['password']) { $error = 1; } else { //Logged in Ok - let them see the page } } } if(!isset($_SESSION['loggedIn'])) { include("logout.php"); exit; } if($error == 1) { include("logout.php"); exit; } ?> Hth in some way. Chris. Quote Link to comment https://forums.phpfreaks.com/topic/53716-log-inout-operations/#findComment-265566 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.