Jump to content

Login script problems

rudy507

By rudy507
in PHP Coding Help

 Share

Recommended Posts

rudy507 Newbie

rudy507

Posted
Posted
hey all,
I'm having a pretty big problem with a login script that I can't figure out.

The login page is here: [a href=\"http://www.areacodebook.com/login.php\" target=\"_blank\"]www.areacodebook.com/login.php[/a]

Here's the issue: You you try to login to a personal account (first name & last name), the script works perfectly. If it is a valid login, where the names & passwords match up, the person logs in and goes to the control panel just fine. If it is invalid, the person is not able to get in.

Here's where it gets strange. If you try to login to a business account, if it is a valid login, then you are logged in just fine - BUT for some reason, you are directed to the personal control panel. (Actually, the business & personal control panel are on the same php script - I'm just using a lot of if/else statements to figure out what type of account the person is using).

If it is an INvalid login, the first time it fails. But if you try to login again with the same invalid login info, my script thinks that it is a valid login (and takes you to the personal control panel section of the script).

Of course, b/c it's an invalid login AND because it's taking you to the wrong section, when you try to login as a business, one of the tests that I'm running to try to narrow this down - outputting the User ID number - the ID is blank.

If this is confusing, maybe the following code will help you. I have copied the code for login.php as well as control.php.

Any help would be appreciated.

Thanks,
David

[b]login.php:[/b]
[code]<?PHP
// ini_set('error_reporting', E_ALL);
// ini_set('display_errors', true);

require('library.php');
if (isset($_SESSION['fname']) && isset($_SESSION['bname'])) {

    unset($_SESSION['fname']);
    unset($_SESSION['bname']);
    $relogin = 'true';
}
else if (isset($_SESSION['fname']) || isset($_SESSION['bname'])) {
       header("Location: control.php");
    exit();
    }
else {
     $verlogin = isset($_POST['login']) ? $_POST['login'] : "";

     if ($verlogin == 'submitted') {


     if ($_POST['fname'] && $_POST['bname']) {
         $duplicate = 'yes';
     }
     else {
        if (!empty($_POST['fname'])) {
             $fname = $_POST['fname'];
             $lname = $_POST['lname'];
             $password = $_POST['password'];
             $qType = 'per';
            }
        else if (!empty($_POST['bname'])) {
            $bname = $_POST['bname'];
            $password = $_POST['password'];
            $qType = 'bus';
            }
        else {
            echo '<br /><b><center>We are sorry, but there seems to have been an error. Please contact us for assistance';
        }
       if ($qType=='per') {
            $password = md5($password);
            $sql = mysql_query("SELECT * FROM user WHERE fname='$fname' AND lname='$lname' AND password='$password'");
              if (!$sql) {
                echo 'Query failed. Error: ', mysql_error();
                exit();
                }
            }
        else if ($qType=='bus') {
            $password = md5($password);
            $sql = mysql_query("SELECT * FROM buser WHERE name='$bname' AND password='$password'");
            if (!$sql) {
                   echo 'Query failed. Error: ', mysql_error();
                   exit();
                }
            $_SESSION['bname'] = $_POST['bname'];
            }
        else {
            echo '<br /><b><center>We are sorry, but there seems to have been an error. Please contact us for assistance';
            exit();
        }
        $login_check = mysql_num_rows($sql);
        if($login_check > 0){
            while($row = mysql_fetch_array($sql)) {
            foreach( $row AS $key => $val ) {
                $$key = stripslashes( $val );
                }
           /* Testing purposes only
            echo "$fname";
            echo "$bname";
            exit();
           End Test */
            $_SESSION['bname'] = $bname;
            $_SESSION['fname'] = $fname;
            $_SESSION['lname'] = $lname;
            $_SESSION['email'] = $email;
            $_SESSION['user_id'] = $user_id;
            header("Location: control/control.php");
            exit();
            }
        }
        else {
            echo '<center><br /><b>You were not able to be logged in. Please verify that all required fields are filled in. If you need assistance, please contact us.</b><br /><br />';
            echo '<hr></center>';
            }
        }
      }
    }
?>
[/code]

[b]control.php[/b]
[code]
    <?PHP

        // Testing Purposes Only
        // echo $_SESSION['fname'];
        // echo $_SESSION['bname'];
        //

        if (isset($_SESSION['fname'])) {
            echo '<center><h2><b><u>User Control Panel</u></h2></center>';
            echo 'Hello, '.$_SESSION['fname'].' '.$_SESSION['lname'].'! You are now logged in.<br /><br /><hr>';
            /* echo 'Your ID number is: '.$_SESSION['user_id'].'.<br />'; */
            echo 'Here you can do multiple actions, such as add a phone number. Just click on the links below!<hr><br /><br />';
            echo '<a class="class2" href="addphone.php">Add a phone number</a>&nbsp;•&nbsp;<a class="class2" href="addaddress.php">Add/Modify Mailing Address</a>
                <br /><br />
                <a class="class2" href="../logout.php">Logout of your control panel</a><br><br>';
            }
        else if (isset($_SESSION['bname'])) {
            echo '<center><h2><b><u>Business Control Panel</u></h2></center>';
            echo 'Hello, '.$_SESSION['bname'].'! You are now logged in.<br /><br /><hr>';
            // Testing
                echo 'Your ID number is: '.$_SESSION['user_id'].'.<br /><br /><hr>';
            // End Testing
            echo 'Here you can do multiple actions, such as add a phone number. Just click on the links below!<hr><br /><br />';
            echo '<a class="class2" href="addbizphone.php">Add a phone number</a>&nbsp;•&nbsp;<a class="class2" href="addbizaddress.php">Add/Modify Mailing Address</a>
            <br /><br />
            <a class="class2" href="../logout.php">Logout of your control panel</a><br><br>';
        }
        else {
            echo '<center><b>You currently are not logged in. Please <a class="class2" href="../login.php">login</a> now.<br></b></center>';
            }
    ?>
[/code]

Thanks,
David
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.