[SOLVED] User Authentication

mike177 · January 21, 2008

Hi, I am having some trouble with my user authentication.

On login I set 2 cookies. 1 is the users email address and the other is an md5 login_ID instead of the user's password. That works fine but I now need to authenticate the user, e.g. on a restricted page.

I am using the following:

auth.php

include("database.php");
$cookemail = $_COOKIE['email'];
$cookloginID = $_COOKIE['login_ID'];

	if($database->checkLoginID($_COOKIE['email'], $_COOKIE['login_ID']) !=0){
		header("Location: accessdenied.php");
	}

database.php

function checkLoginID($cookemail, $cookloginID){
	/*Verify use in DB*/
	$q = "SELECT login_ID FROM ".TBL_MEMBERS." WHERE email = '$cookemail'";
	$result = mysql_query($q, $this->connection);
	if(!$result || (mysql_num_rows($result) < 1)){
		return 1;// failure
	}
	/*retreieve loginID from result*/
	$dbarray = mysql_fetch_array($result);
	$dbarray['login_ID'] = stripslashes($dbarray['login_ID']);
	$login_ID = stripslashes($cookloginID);
	/*Validate login_ID is correct*/
	if($cooklogin_ID == $dbarray['login_ID']){
		return 0; //success
	}
	else{
		return 2; //login_ID invalid
	}
}

Note: That is not the entire database.php file. The connecton ect are places in it also.

Any suggestions on what I'm doing wrong & Thanks in advance for any help.

Daukan · January 22, 2008

The variable name use in the function argument is $cookloginID, The one use to test it is $cooklogin_ID

mike177 · January 22, 2008

Cheers Daukan, Works like a charm.

Sign In

[SOLVED] User Authentication

Recommended Posts

mike177

Link to comment

Share on other sites

Daukan

Link to comment

Share on other sites

mike177

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information