PRodgers4284 Posted February 13, 2008 Share Posted February 13, 2008 I need some help with a login script i am using for a website, it works fine and checks the username and password against the database "users" and outputs the appropriate error messages. I have added another table to the database called "employers" and i want the same checks to be done on this table but not sure how to do it. Can anyone please help me, im really stuck on this, i would really appreciate it My code is: <?php $validation = ""; /** * Checks whether or not the given username is in the * database, if so it checks if the given password is * the same password in the database for that user. * If the user doesn't exist or if the passwords don't * match up, it returns an error code (1 or 2). * On success it returns 0. */ function confirmUser($username, $password){ global $conn; /* Add slashes if necessary (for query) */ if(!get_magic_quotes_gpc()) { $username = addslashes($username); } /* Verify that user is in database */ $q = "select password from users where username = '$username'"; $result = mysql_query($q,$conn); if(!$result || (mysql_numrows($result) < 1)){ return 1; //Indicates username failure } /* Retrieve password from result, strip slashes */ $dbarray = mysql_fetch_array($result); $dbarray['password'] = stripslashes($dbarray['password']); $password = stripslashes($password); /* Validate that password is correct */ if($password == $dbarray['password']){ return 0; //Success! Username and password confirmed } else{ return 2; //Indicates password failure } } /** * checkLogin - Checks if the user has already previously * logged in, and a session with the user has already been * established. Also checks to see if user has been remembered. * If so, the database is queried to make sure of the user's * authenticity. Returns true if the user has logged in. */ function checkLogin(){ /* Check if user has been remembered */ if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){ $_SESSION['username'] = $_COOKIE['cookname']; $_SESSION['password'] = $_COOKIE['cookpass']; } /* Username and password have been set */ if(isset($_SESSION['username']) && isset($_SESSION['password'])){ /* Confirm that username and password are valid */ if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){ /* Variables are incorrect, user not logged in */ unset($_SESSION['username']); unset($_SESSION['password']); return false; } return true; } /* User not logged in */ else{ return false; } } /** * Determines whether or not to display the login * form or to show the user that he is logged in * based on if the session variables are set. */ function displayLogin(){ global $validation; global $logged_in; if($logged_in){ echo "Welcome <b>$_SESSION[username]</b> <br> <br><a href=\"viewemployeedetails.php\">User Account Details</a> <br> <br><a href=\"viewcv.php\">CV Page</a></li> <br> <br><a href=\"logout.php\">Logout</a>"; } else{ include "loginform.php"; echo "<p>$validation</p>"; } } /** * Checks to see if the user has submitted his * username and password through the login form, * if so, checks authenticity in database and * creates session. */ if(isset($_POST['sublogin'])){ $_POST['user'] = trim($_POST['user']); /* Checks that username is in database and password is correct */ $md5pass = md5($_POST['pass']); $result = confirmUser($_POST['user'], $md5pass); /* Check that all fields were typed in */ if(!$_POST['user'] || !$_POST['pass']){ $validation = "You didn't fill in a required field"; } /* Check that all fields were typed in */ if(!$_POST['user']){ $validation = "Please enter a username"; } /* Check that all fields were typed in */ if(!$_POST['pass']){ $validation = "Please enter a password"; } if($result == 1 || ($result == 2) || ($result == 3)){ $validation = "Incorrect username and password"; } /* Check error codes */ else if($result == 1){ $validation = "Username doesn't exist"; } else if($result == 2){ $validation = "Incorrect Password"; } else if($result == 3){ $validation = "Inactive Password"; } /* Username and password correct, register session variables */ $_POST['user'] = stripslashes($_POST['user']); $_SESSION['username'] = $_POST['user']; $_SESSION['password'] = $md5pass; /** * This is the cool part: the user has requested that we remember that * he's logged in, so we set two cookies. One to hold his username, * and one to hold his md5 encrypted password. We set them both to * expire in 100 days. Now, next time he comes to our site, we will * log him in automatically. */ if(isset($_POST['remember'])){ setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/"); } } /* Sets the value of the logged_in variable, which can be used in your code */ $logged_in = checkLogin(); ?> Link to comment https://forums.phpfreaks.com/topic/90988-login-script-help/ Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.