mike177 Posted January 21, 2008 Share Posted January 21, 2008 Hi, I am having some trouble with my user authentication. On login I set 2 cookies. 1 is the users email address and the other is an md5 login_ID instead of the user's password. That works fine but I now need to authenticate the user, e.g. on a restricted page. I am using the following: auth.php include("database.php"); $cookemail = $_COOKIE['email']; $cookloginID = $_COOKIE['login_ID']; if($database->checkLoginID($_COOKIE['email'], $_COOKIE['login_ID']) !=0){ header("Location: accessdenied.php"); } database.php function checkLoginID($cookemail, $cookloginID){ /*Verify use in DB*/ $q = "SELECT login_ID FROM ".TBL_MEMBERS." WHERE email = '$cookemail'"; $result = mysql_query($q, $this->connection); if(!$result || (mysql_num_rows($result) < 1)){ return 1;// failure } /*retreieve loginID from result*/ $dbarray = mysql_fetch_array($result); $dbarray['login_ID'] = stripslashes($dbarray['login_ID']); $login_ID = stripslashes($cookloginID); /*Validate login_ID is correct*/ if($cooklogin_ID == $dbarray['login_ID']){ return 0; //success } else{ return 2; //login_ID invalid } } Note: That is not the entire database.php file. The connecton ect are places in it also. Any suggestions on what I'm doing wrong & Thanks in advance for any help. Link to comment https://forums.phpfreaks.com/topic/87137-solved-user-authentication/ Share on other sites More sharing options...
Daukan Posted January 22, 2008 Share Posted January 22, 2008 The variable name use in the function argument is $cookloginID, The one use to test it is $cooklogin_ID Link to comment https://forums.phpfreaks.com/topic/87137-solved-user-authentication/#findComment-445713 Share on other sites More sharing options...
mike177 Posted January 22, 2008 Author Share Posted January 22, 2008 Cheers Daukan, Works like a charm. Link to comment https://forums.phpfreaks.com/topic/87137-solved-user-authentication/#findComment-445718 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.