Jump to content

Login Script help


PRodgers4284

Recommended Posts

I need some help with a login script i am using for a website, it works fine and checks the username and password against the database "users" and outputs the appropriate error messages. I have added another table to the database called "employers" and i want the same checks to be done on this table but not sure how to do it. Can anyone please help me, im really stuck on this, i would really appreciate it

 

My code is:

 

<?php

$validation = "";

/**
* Checks whether or not the given username is in the
* database, if so it checks if the given password is
* the same password in the database for that user.
* If the user doesn't exist or if the passwords don't
* match up, it returns an error code (1 or 2). 
* On success it returns 0.
*/
function confirmUser($username, $password){
   global $conn;
   /* Add slashes if necessary (for query) */
   if(!get_magic_quotes_gpc()) {
$username = addslashes($username);
   }

   /* Verify that user is in database */
   $q = "select password from users where username = '$username'";
   $result = mysql_query($q,$conn);
   if(!$result || (mysql_numrows($result) < 1)){
      return 1; //Indicates username failure
   }

   /* Retrieve password from result, strip slashes */
   $dbarray = mysql_fetch_array($result);
   $dbarray['password']  = stripslashes($dbarray['password']);
   $password = stripslashes($password);

   /* Validate that password is correct */
   if($password == $dbarray['password']){
      return 0; //Success! Username and password confirmed
   }
   else{
      return 2; //Indicates password failure 
   } 
   }
   
/**
* checkLogin - Checks if the user has already previously
* logged in, and a session with the user has already been
* established. Also checks to see if user has been remembered.
* If so, the database is queried to make sure of the user's 
* authenticity. Returns true if the user has logged in.
*/
function checkLogin(){
   /* Check if user has been remembered */
   if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
      $_SESSION['username'] = $_COOKIE['cookname'];
      $_SESSION['password'] = $_COOKIE['cookpass'];
   }

   /* Username and password have been set */
   if(isset($_SESSION['username']) && isset($_SESSION['password'])){
      /* Confirm that username and password are valid */
      if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){
         /* Variables are incorrect, user not logged in */
         unset($_SESSION['username']);
         unset($_SESSION['password']);
         return false;
      }
      return true;
   }
   /* User not logged in */
   else{
      return false;
   }
}



/**
* Determines whether or not to display the login
* form or to show the user that he is logged in
* based on if the session variables are set.
*/
function displayLogin(){
global $validation;
   global $logged_in;
   if($logged_in){
      echo "Welcome <b>$_SESSION[username]</b>
      	<br>
	<br><a href=\"viewemployeedetails.php\">User Account Details</a>
	<br>
	<br><a href=\"viewcv.php\">CV Page</a></li>
	<br>
	<br><a href=\"logout.php\">Logout</a>";
   }
   else{
   
include "loginform.php";
echo "<p>$validation</p>";

   }
}


/**
* Checks to see if the user has submitted his
* username and password through the login form,
* if so, checks authenticity in database and
* creates session.
*/
if(isset($_POST['sublogin'])){
$_POST['user'] = trim($_POST['user']);
   /* Checks that username is in database and password is correct */
   $md5pass = md5($_POST['pass']);
   $result = confirmUser($_POST['user'], $md5pass);

   /* Check that all fields were typed in */
   if(!$_POST['user'] || !$_POST['pass']){
$validation = "You didn't fill in a required field";
   }
   
   /* Check that all fields were typed in */
   if(!$_POST['user']){
$validation = "Please enter a username";
   }
   
   /* Check that all fields were typed in */
   if(!$_POST['pass']){
$validation = "Please enter a password";
   }

if($result == 1 || ($result == 2) || ($result == 3)){
$validation = "Incorrect username and password";
}

   /* Check error codes */
   else if($result == 1){
$validation = "Username doesn't exist";
        }
   else if($result == 2){
$validation = "Incorrect Password";
       }
       
   else if($result == 3){
$validation = "Inactive Password";
       }
    
       

   /* Username and password correct, register session variables */
   $_POST['user'] = stripslashes($_POST['user']);
   $_SESSION['username'] = $_POST['user'];
   $_SESSION['password'] = $md5pass;

   /**
    * This is the cool part: the user has requested that we remember that
    * he's logged in, so we set two cookies. One to hold his username,
    * and one to hold his md5 encrypted password. We set them both to
    * expire in 100 days. Now, next time he comes to our site, we will
    * log him in automatically.
    */
   if(isset($_POST['remember'])){
      setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
      setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
   }


}

/* Sets the value of the logged_in variable, which can be used in your code */
$logged_in = checkLogin();

?>

Link to comment
https://forums.phpfreaks.com/topic/90988-login-script-help/
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.