mike177 Posted January 21, 2008 Share Posted January 21, 2008 Hi, I am having some trouble with my user authentication. On login I set 2 cookies. 1 is the users email address and the other is an md5 login_ID instead of the user's password. That works fine but I now need to authenticate the user, e.g. on a restricted page. I am using the following: auth.php include("database.php"); $cookemail = $_COOKIE['email']; $cookloginID = $_COOKIE['login_ID']; if($database->checkLoginID($_COOKIE['email'], $_COOKIE['login_ID']) !=0){ header("Location: accessdenied.php"); } database.php function checkLoginID($cookemail, $cookloginID){ /*Verify use in DB*/ $q = "SELECT login_ID FROM ".TBL_MEMBERS." WHERE email = '$cookemail'"; $result = mysql_query($q, $this->connection); if(!$result || (mysql_num_rows($result) < 1)){ return 1;// failure } /*retreieve loginID from result*/ $dbarray = mysql_fetch_array($result); $dbarray['login_ID'] = stripslashes($dbarray['login_ID']); $login_ID = stripslashes($cookloginID); /*Validate login_ID is correct*/ if($cooklogin_ID == $dbarray['login_ID']){ return 0; //success } else{ return 2; //login_ID invalid } } Note: That is not the entire database.php file. The connecton ect are places in it also. Any suggestions on what I'm doing wrong & Thanks in advance for any help. Quote Link to comment Share on other sites More sharing options...
Daukan Posted January 22, 2008 Share Posted January 22, 2008 The variable name use in the function argument is $cookloginID, The one use to test it is $cooklogin_ID Quote Link to comment Share on other sites More sharing options...
mike177 Posted January 22, 2008 Author Share Posted January 22, 2008 Cheers Daukan, Works like a charm. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.