Jump to content

log-in/out operations

halm1985

By halm1985
in PHP Coding Help

 Share

Recommended Posts

halm1985 Member

halm1985

Posted
Posted

I have three questions :

 

1) How to execuse an SQL query when a user clicks a specific link

 

2) How can i execuse an SQL query upon broswer window close

 

2) When a users logs into his page .. an attribute in his credentials record (named "logged" ) is changed to 1 to indicate that he's logged in now, what i need to do .. is to restrict access to all other pages based on the value of this attribute ..

 

in other words ..

 

When a user opens any page, do the following

 

SLELECT Logged FROM Credenials

Where id = $loginusername

 

If logged = 1

then Open page

 

If logged = 0

then go to Log-in.php

 

 

 

 

 

 

Link to comment
Share on other sites
chrisprse Newbie

chrisprse

Posted
Posted

Personally I feel sessions would be far easier.

 

You wouldn't need to worry about executing a MySQL query on the brower window closing. You can then add a piece of code at the top of each page to see if the session is set. If so, let them view the page. If not, direct them to the login form.

 

Chris.

Link to comment
Share on other sites
chrisprse Newbie

chrisprse

Posted
Posted

You would need a form that can collect a username and password.

 

You then need a table called 'members' which stores the usernames and md5 passwords of all members.

 

When they submit the login form you check the details supplied against those in the database. If all is correct you create a "loggedIn" session as well as storing their username and md5'd password in a session.

 

There are better ways of going about this but it's a quick example to show you!

 

<?php

			if(isset($_POST['login'])) {

				$username = $_POST['username'];
				$password = md5($_POST['password']);

				$result = mysql_query("select * from `members` where `username` = '$username'");

				if(mysql_num_rows($result) == 0) {

					$error = 1;
					$message = "The username you entered does not exist.";

				}

				else {

					$a_row = mysql_fetch_array($result);

					if($password != $a_row['password']) {

						$error = 1;
						$message = "The password you entered is incorrect.";

					}

					else {

						$_SESSION['loggedIn'] = 1;
						$_SESSION['sessionUsername'] = $username;
						$_SESSION['sessionPassword'] = $password;

						echo '<Meta HTTP-EQUIV=Refresh Content="0; URL=membersArea/index.php">'; exit;

					}

				}

			}

		?>

 

If all is ok, they get directed to the members area.

 

Have this at the top of each private page:

 

<?php
if(isset($_SESSION['loggedIn'])) {

	$sessionUsername = $_SESSION['sessionUsername'];
	$sessionPassword = $_SESSION['sessionPassword'];

	$result = mysql_query("select * from `members` where `username` = '$sessionUsername'");

	if(mysql_num_rows($result) == 0) {

		$error = 1;

	}

	else {

		$a_row = mysql_fetch_array($result);

		if($sessionPassword != $a_row['password']) {

			$error = 1;

		}

		else {

			//Logged in Ok - let them see the page

		}

	}

}

if(!isset($_SESSION['loggedIn'])) {

	include("logout.php"); exit;

}

if($error == 1) {

	include("logout.php"); exit;

}

?>

 

Hth in some way.

 

Chris.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.