pedro84 Posted February 22, 2008 Share Posted February 22, 2008 Hi all, I wrote quite simple script to allow users to log in but got problem that I can't fix myself. For begining, some data: function user_login function user_login($username, $password) { // Try and get the salt from the database using the username $query = "select salt from users where username='$username' limit 1"; $result = mysql_query($query); $user = mysql_fetch_array($result); // Using the salt, encrypt the given password to see if it // matches the one in the database $encrypted_pass = md5(md5($password).$user['salt']); // Try and get the user using the username & encrypted pass $query = "select userid, username from users where username='$username' and password='$encrypted_pass'"; $result = mysql_query($query); $user = mysql_fetch_array($result); $numrows = mysql_num_rows($result); // Now encrypt the data to be stored in the session $encrypted_id = md5($user['userid']); $encrypted_name = md5($user['username']); // Store the data in the session $_SESSION['userid'] = $userid; $_SESSION['username'] = $username; $_SESSION['encrypted_id'] = $encrypted_id; $_SESSION['encrypted_name'] = $encrypted_name; if ($numrows == 1) { return 'Correct'; } else { return false; } } login.php file <?php // Include init file include 'init.php'; if (!isset($_POST['submit'])) { // Show the form include 'login_form.inc.php'; exit; } else { // Try and login with the given username & pass $result = user_login($_POST['username'], $_POST['password']); if ($result != 'Correct') { // Reshow the form with the error $login_error = $result; include 'login_form.inc.php'; } else { echo 'Thank you for logging in, <a href="usercp.php?'; } } ?> Ok. Script works quite correctly, only one bug. How can I get user ID from database? I need this to make this link <a href="usercp.php? like that <a href="usercp.php?username=USERID_FROM_DATABASE ? I do not need code, only tips;) Any help will be appreciated. Cheers! Pedro Quote Link to comment Share on other sites More sharing options...
revraz Posted February 22, 2008 Share Posted February 22, 2008 You already get it here $query = "select userid, username from users where username='$username' and password='$encrypted_pass'"; Quote Link to comment Share on other sites More sharing options...
pedro84 Posted February 22, 2008 Author Share Posted February 22, 2008 Yes, I know. But when I try to echo $userid or echo $_SESSION['userid'] Nothing happen ??? Quote Link to comment Share on other sites More sharing options...
pedro84 Posted February 22, 2008 Author Share Posted February 22, 2008 You already get it here $query = "select userid, username from users where username='$username' and password='$encrypted_pass'"; I turned on notices and got Notice: Undefined variable: userid in www\system\functions.php on line 38 Quote Link to comment Share on other sites More sharing options...
peranha Posted February 22, 2008 Share Posted February 22, 2008 You never actuall assign $userid in the code you gave us. $userid = $user['userid']; You will have to do something like that, or $_SESSION['userid'] = $user['userid']; Quote Link to comment Share on other sites More sharing options...
pedro84 Posted February 22, 2008 Author Share Posted February 22, 2008 Thanks for reply:) Just...did it without reading your post:) Since few days I totally felt in love eith php:) Thanks! Cheers mate! Pedro Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.