Hey AGAIN!
Thanks for all your help so far (esp. Freddydoesphp).
Now, with your help, and various other sources, I am getting the hang of sessions.
At the moment, on my system, i am doing the login bit.
Now, it works by having an index.php (with basically just a form on, and it displays stuff like how many times you have attempted to login : therefore if it is over 5 failed attempts in one sess it will 'lock the username')
and it also has a login.php which validates the form etc.
Now, they are both working absolutely perfectly except for one thing..
The code to login.php is:
(sorry it is so long).Code:<?php session_start(); $doctitle = "Advertiser Login"; require("univars.php"); require("headers.php"); if (!$loginsubmit or !$loginpwsubmit) { echo(" $mainhead $stylehead $tableheadplain "); echo(" <table><tr><td> </td><td> <table cellpadding=2 cellspacing=1 bgcolor=#000000><tr bgcolor=#FFFFCE><td> <font face=arial size=4 color=000099> <b>ERROR!</b></font><br><br> "); if (!$loginsubmit) { echo(" <font class=tenpt> <img src=$arrow> You did not enter a <b>Login Name</b></font> <br> "); } if (!$loginpwsubmit) { echo(" <font class=tenpt> <img src=$arrow> You did not enter a <b>Password</b></font> <br> "); } echo("<br></td></tr></table> </td></tr></table> <br> $backhtml "); } else { /* Check login against database */ mysql_connect("$mysqlusername","$connection","$mysqlpassword"); mysql_select_db("$eliterdb"); $findlogin = mysql_query("SELECT * FROM advertisers WHERE login='$loginsubmit' "); if (mysql_num_rows($findlogin) == 0) { echo(" $mainhead $stylehead $tableheadplain "); echo (" <table><tr><td> </td><td> <table cellpadding=2 cellspacing=1 bgcolor=#000000><tr bgcolor=#FFFFCE><td> <font face=arial size=4 color=000099> <b>ERROR!</b></font><br><br> <img src=$arrow> <font class=tenpt>Please enter a valid <b>Login Name</b></font> <br> <br></td></tr></table> </td></tr></table> <br> $backhtml "); } elseif (mysql_num_rows($findlogin) == 1) { $getpass = mysql_query("SELECT adpassword FROM advertisers WHERE login='$loginsubmit' "); while ( $details = mysql_fetch_array($getpass) ) { $adpassword = $details["adpassword"]; } if ('$loginpwsubmit' == '$adpassword') { $phpsessid = session_id(); session_register('login'); session_register('loginpw'); header ("Location: $advertiserhome?$phpsessid"); } else { session_register('logintries'); $logintries++; echo(" $mainhead $stylehead $tableheadplain "); echo (" <table><tr><td> </td><td> <table cellpadding=2 cellspacing=1 bgcolor=#000000><tr bgcolor=#FFFFCE><td> <font face=arial size=4 color=000099> <b>ERROR!</b></font><br><br> <img src=$arrow> <font class=tenpt>Invalid <b>Login Name</b> / <b>Password</b> combination.</font> <br> <br></td></tr></table> </td></tr></table> <br> $backhtml "); } } } ?>
Ok, well it is working really well, apart from one thing.
When I enter a VALID username and password, it will not redirect me to $advertiserhome (i have specified this in an include file). Instead, every time, it gives me a invalid username/pw combination. Any ideas?
Cheers.
=aj
Bookmarks