Ell20 Posted December 2, 2007 Share Posted December 2, 2007 Hi, I had a working registration page however I decided that I didn't want the user to be able to login unless the Administrator has accepted. I added a new field to the users table called validate, this is pre-set as 0 on registration, then once accepted an UPDATE statement is used to change it to 1. My problem comes when logging in, I have obviously had to adapt my login page to mirror the changes. I have it working in that if validate = 1 they can login and if validate = 0 they cant but I have so far failed in creating a error message to display on screen saying "You were could not be logged in because your account has not yet been accepted" Here is my code: /* If username and password entered query database to check they match in database */ if ($u && $p) { $query = "SELECT user_id, club_id, validate FROM users WHERE username='$u' AND password=PASSWORD('$p') AND validate = '1'"; $result = @mysql_query($query); $row = mysql_fetch_array ($result, MYSQL_NUM); /* If they match create session */ if ($row) { $_SESSION['user_id']=$row[0]; $_SESSION['club_id']=$row[1]; ob_end_clean(); /* Redirect to main.php when logged in */ header ("Location: http://" .$_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "main.php"); exit(); } else { echo '<p><font color="red" size="+1">The username and password do not match</font></p>'; } mysql_close(); I really appreciate any help Quote Link to comment Share on other sites More sharing options...
revraz Posted December 2, 2007 Share Posted December 2, 2007 You need to seperate this $query = "SELECT user_id, club_id, validate FROM users WHERE username='$u' AND password=PASSWORD('$p') AND validate = '1'"; You are selecting the users that have all three match. So if my uname and pw are right, but I'm not validating, you are saying my PW is wrong. Have it select on just the uname/pw first. After you get that row,then deteremine if validate = 1. Quote Link to comment Share on other sites More sharing options...
Ell20 Posted December 2, 2007 Author Share Posted December 2, 2007 I kind of understand what your saying but not 100% would you be able to expand a bit please? Thanks Quote Link to comment Share on other sites More sharing options...
revraz Posted December 2, 2007 Share Posted December 2, 2007 You should be able to make this work, or see what I'm doing. <?php /* If username and password entered query database to check they match in database */ if ($u && $p) { $query = "SELECT user_id, club_id, validate FROM users WHERE username='$u' AND password=PASSWORD('$p')";// AND validate = '1'"; $result = @mysql_query($query); $row = mysql_fetch_array ($result, MYSQL_NUM); /* If they match create session */ if ($row) { $_SESSION['user_id']=$row[0]; $_SESSION['club_id']=$row[1]; $validate=$row[2]; ob_end_clean(); if ($validate = 1) { /* Redirect to main.php when logged in */ header ("Location: http://" .$_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "main.php"); exit(); } else { echo "You are not validated yet, please try back later"; exit; } } else { echo '<p><font color="red" size="+1">The username and password do not match</font></p>'; } mysql_close(); } ?> [/close] Quote Link to comment Share on other sites More sharing options...
Ell20 Posted December 2, 2007 Author Share Posted December 2, 2007 Thanks for your help. It works - ish. I get the error message when I try and log in with an account with validate = 0 however if I click the "Back" button in the browser it logs into the account? Also is there anyway in which I can get the message to display on the login page simular to the way the "The username and password do not match" message does? Thanks again Quote Link to comment Share on other sites More sharing options...
revraz Posted December 2, 2007 Share Posted December 2, 2007 See if this helps <?php /* If username and password entered query database to check they match in database */ if ($u && $p) { $query = "SELECT user_id, club_id, validate FROM users WHERE username='$u' AND password=PASSWORD('$p')";// AND validate = '1'"; $result = @mysql_query($query); $row = mysql_fetch_array ($result, MYSQL_NUM); /* If they match create session */ if ($row) { $validate=$row[2]; ob_end_clean(); if ($validate = 1) { /* Redirect to main.php when logged in */ $_SESSION['user_id']=$row[0]; $_SESSION['club_id']=$row[1]; header ("Location: http://" .$_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "main.php"); exit(); } else { echo '<p><font color="red" size="+1">You are not validated yet, please try back later</font></p>'; exit; } } else { echo '<p><font color="red" size="+1">The username and password do not match</font></p>'; } mysql_close(); } ?> Quote Link to comment Share on other sites More sharing options...
Ell20 Posted December 2, 2007 Author Share Posted December 2, 2007 Getting there, that solves the "Back" issue, is there anyway to get the error message to display on the same pages rather than a plain white page? Thanks Quote Link to comment Share on other sites More sharing options...
Ell20 Posted December 2, 2007 Author Share Posted December 2, 2007 Anyone got any ideas on this? Ive been playing around but cant get the message to display on the index.php page like the other error messages in the code. Thanks Quote Link to comment Share on other sites More sharing options...
revraz Posted December 2, 2007 Share Posted December 2, 2007 ob_end_clean(); is probably doing it. Quote Link to comment Share on other sites More sharing options...
Ell20 Posted December 2, 2007 Author Share Posted December 2, 2007 Solved, I wasnt expecting it to be that as its not even in the same statement. Ive taken it out and also tinkered in other places, is it ok to remove ob_end_clean();? Cheers Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.