Php User Authentication Help Anyone Plz

[Resident Evil]

[PHP]<?php

$home_dir = realpath("/www/premiership/");

if ($submit) {

$db = mysql_connect("localhost", "x", "x");
mysql_select_db("premiership", $db);

$query = "SELECT auth_level From registration Where username = '$username' AND password = '$password' ";

$result = mysql_query($query);
while ($row = mysql_fetch_array($result)) {
$auth_level = $row['auth_level'];
}

if (!mysql_num_rows($result)) { echo "You Are not Authorised For Access.";

}
else { setcookie('username', $_POST['username'], (time()2592000), '/', '', 0);
setcookie ('auth_level', $_POST['auth_level'], (time()2592000), '/' ''. 0);
}

if ($auth_level == "1") {
echo "You Are now Logged In as A Guest. <br /> <a href="next.php">Click For Options</a>";

} elseif ($auth_level == "2") {
echo "member. <br /> <a href="next.php">Click Here For Options</a>";

}elseif ($auth_level == "3") {
echo "Editor. <br /> <a href="next.php">Click Here For Options</a>";

}elseif ($auth_level == "4") {
echo "Admin. <br /> <a href="next.php>Click Here For Options</a>";
}

?>

<html>
<head>
<title><?php echo $title ?></title>
<link rel="stylesheet" href="$home_dir/Styles/index.css" type="text/css">
</head>

<form*method="POST"*action="<?php*echo*$GLOBALS*['PHP_SELF'];?>">
Nameinput*type="text"*name="username"><br*/>
Password:*<input*type="password"*name="password"><br*/>
<input*type="submit"*name="submit"*value="Login">
</form>
[/PHP

Can Anyone See Any Problems Above?? I Keep Getting a Blank Screen When I Add The Code, and also the same problem with this below

PHP Code:

<?php

if ($submit) {
setcookie('username', '', time() - 3600);
setcookie('auth_level', '', time() - 3600);
echo "Successfully Logged Out.";

} else{
if (!$_COOKIE['username']) {
echo "You Are not Authorised.";
exit;
}
?>

<html>
<head>
<title>You</title>
</head>

<table width="70%" cellpadding="0" cellspacing="0" border="1" bordercolor="#000000">
<tr><td>Your Username:<?php echo $_COOKI['auth_level'];?></td></tr>
<br /><br />
<form method="post" action="<?php echo $GLOBALS ['PHP_SELF'];?">
<input type="submit" value="LogOut" name="submit">
</form>

Can Anyone See Any Problems Above??? I Keep Getting A Blank Screen

[coiL]

You have a couple of typing errors, check your code carefully.

Try using

PHP Code:

if (isset($submit)) 


instead of

PHP Code:

 if ($submit) 


- isset tests whether a variable has been set or not

You also need to escape your quotation marks " " in yoru echo statements

PHP Code:

 echo "<a href=""\"link.html\">Link</a>"; 


(ignore those 2 "" before the slash - the forums are putting those in )

In your stylesheet path your have a variable $home_dir - you need to have that in php

you're not using any <body></body> tags

Are all those asterixes * actually in your code? if they are, get rid of them all.

in your second form,

Code:

 action="<?php echo $GLOBALS ['PHP_SELF'];?">

shuold be

Code:

action="<?php echo $GLOBALS ['PHP_SELF'];?>"

[img]images/smilies/smile.gif[/img]

[coiL]

gees they make it hard to copy and paste bits
I'll rewrite that above post [img]images/smilies/xeye.gif[/img]

[rutters]

gees they make it hard to copy and paste bits
I'll rewrite that above post images/smilies/xeye.gif

with that user authentication script - can you password protect directories, or sections of a website?

how do you set the permissions on those pages?

Jake

[peanuts]

You do that at the beginning of your pages ...

IE

PHP Code:

<?
require('security.inc.php')
secure('level1');
.....

And then in the script you have a check on security and bounce the user if the security isn't correct...

[rutters]

You do that at the beginning of your pages ...

IE

PHP Code:

<?
require('security.inc.php')
secure('level1');
.....

And then in the script you have a check on security and bounce the user if the security isn't correct...

wow thats awesome....

so you dont need to use .htaccess to restrict access?