SitePoint Sponsor

User Tag List

Results 1 to 5 of 5
  1. #1
    SitePoint Zealot
    Join Date
    Jul 2000
    Posts
    132
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hey AGAIN!

    Thanks for all your help so far (esp. Freddydoesphp).

    Now, with your help, and various other sources, I am getting the hang of sessions.
    At the moment, on my system, i am doing the login bit.
    Now, it works by having an index.php (with basically just a form on, and it displays stuff like how many times you have attempted to login : therefore if it is over 5 failed attempts in one sess it will 'lock the username')
    and it also has a login.php which validates the form etc.

    Now, they are both working absolutely perfectly except for one thing..
    The code to login.php is:
    Code:
    <?php
    session_start();
    $doctitle = "Advertiser Login";
    require("univars.php");
    require("headers.php");
    
    
    if (!$loginsubmit or !$loginpwsubmit) {
    
    
    echo("	$mainhead
    	$stylehead
    	$tableheadplain
    ");
    
    echo("
    <table><tr><td>&nbsp;&nbsp;&nbsp;</td><td>
    <table cellpadding=2 cellspacing=1 bgcolor=#000000><tr bgcolor=#FFFFCE><td>
    <font face=arial size=4 color=000099>&nbsp;&nbsp;&nbsp;<b>ERROR!</b></font><br><br>
    ");
    
    if (!$loginsubmit) {
    echo("
    <font class=tenpt>&nbsp;&nbsp;&nbsp;<img src=$arrow>&nbsp;&nbsp;&nbsp;
    You did not enter a  <b>Login Name</b></font>&nbsp;&nbsp;<br>
    ");
    } 
    
    if (!$loginpwsubmit)  {
    echo("
    <font class=tenpt>&nbsp;&nbsp;&nbsp;<img src=$arrow>&nbsp;&nbsp;&nbsp;
    You did not enter a  <b>Password</b></font>&nbsp;&nbsp;<br>
    ");
    }
    
    echo("<br></td></tr></table>
    </td></tr></table>
    <br>
    $backhtml
    ");
    
    } else {
    /* Check login against database */
    
    mysql_connect("$mysqlusername","$connection","$mysqlpassword");
    mysql_select_db("$eliterdb");
    
    $findlogin = mysql_query("SELECT * FROM advertisers WHERE login='$loginsubmit' "); 
    if (mysql_num_rows($findlogin) == 0) { 
    
    
    echo("	$mainhead
    	$stylehead
    	$tableheadplain
    ");
    
    echo ("
    <table><tr><td>&nbsp;&nbsp;&nbsp;</td><td>
    <table cellpadding=2 cellspacing=1 bgcolor=#000000><tr bgcolor=#FFFFCE><td>
    <font face=arial size=4 color=000099>&nbsp;&nbsp;&nbsp;<b>ERROR!</b></font><br><br>
    &nbsp;&nbsp;&nbsp;<img src=$arrow>
    &nbsp;&nbsp;<font class=tenpt>Please enter a valid <b>Login Name</b></font>&nbsp;&nbsp;<br>
    <br></td></tr></table>
    </td></tr></table>
    <br>
    $backhtml
    ");
    
    } elseif (mysql_num_rows($findlogin) == 1) {
    
    $getpass = mysql_query("SELECT adpassword FROM advertisers WHERE login='$loginsubmit' ");
    
    while ( $details = mysql_fetch_array($getpass) ) {
    
    $adpassword = $details["adpassword"];
    
    }
    
    
    if ('$loginpwsubmit' == '$adpassword') {
    
    $phpsessid = session_id();
    
    		session_register('login');
    		session_register('loginpw');
    
    header ("Location: $advertiserhome?$phpsessid");
    
    } else {
    
    		session_register('logintries');
    
    $logintries++;
    
    echo("	$mainhead
    	$stylehead
    	$tableheadplain
    ");
    
    
    echo ("
    <table><tr><td>&nbsp;&nbsp;&nbsp;</td><td>
    <table cellpadding=2 cellspacing=1 bgcolor=#000000><tr bgcolor=#FFFFCE><td>
    <font face=arial size=4 color=000099>&nbsp;&nbsp;&nbsp;<b>ERROR!</b></font><br><br>
    &nbsp;&nbsp;&nbsp;<img src=$arrow>
    &nbsp;&nbsp;<font class=tenpt>Invalid <b>Login Name</b> / <b>Password</b> combination.</font>&nbsp;&nbsp;<br>
    <br></td></tr></table>
    </td></tr></table>
    <br>
    $backhtml
    ");
    
    }
    
    }
    }
    
    ?>
    (sorry it is so long).
    Ok, well it is working really well, apart from one thing.
    When I enter a VALID username and password, it will not redirect me to $advertiserhome (i have specified this in an include file). Instead, every time, it gives me a invalid username/pw combination. Any ideas?
    Cheers.
    =aj

  2. #2
    Dumb PHP codin' cat
    Join Date
    Aug 2000
    Location
    San Diego, CA
    Posts
    5,460
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    AJ,

    Well there are defintely a few things I would do differently

    ONe thing
    is this part

    } elseif (mysql_num_rows($findlogin) == 1) {

    $getpass = mysql_query("SELECT adpassword FROM advertisers WHERE login='$loginsubmit' ");

    while ( $details = mysql_fetch_array($getpass) ) {

    $adpassword = $details["adpassword"];

    }

    You can't use elseif without an else and you already queried the db once for this info this instead should be

    } else {

    while ( $details = mysql_fetch_array($findlogin) ) {

    $adpassword = $details["adpassword"];

    }

    if ($loginpwsubmit == $adpassword) {

    session_register('login');
    session_register('loginpw');

    header ("Location: $advertiserhome");

    } else {

    session_register('logintries');

    $logintries++;

    echo(" $mainhead
    $stylehead
    $tableheadplain
    ");


    echo ("
    <table><tr><td>&nbsp;&nbsp;&nbsp;</td><td>
    <table cellpadding=2 cellspacing=1 bgcolor=#000000><tr bgcolor=#FFFFCE><td>
    <font face=arial size=4 color=000099>&nbsp;&nbsp;&nbsp;<b>ERROR!</b></font><br><br>
    &nbsp;&nbsp;&nbsp;<img src=$arrow>
    &nbsp;&nbsp;<font class=tenpt>Invalid <b>Login Name</b> / <b>Password</b> combination.</font>&nbsp;&nbsp;<br>
    <br></td></tr></table>
    </td></tr></table>
    <br>
    $backhtml
    ");

    }



    Please don't PM me with questions.
    Use the forums, that is what they are here for.

  3. #3
    AdSpeed.com Son Nguyen's Avatar
    Join Date
    Aug 2000
    Location
    Silicon Valley
    Posts
    2,241
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Instead of

    if ('$loginpwsubmit' == '$adpassword')

    you could use this:

    if ($loginpwsubmit == $adpassword)

    That is one thing I found, and yes, since it's long, don't have enough time to look deeper. Try it, if not the case then post again, probably freddy will give you more help!
    Have to admit that freddy is very very helpful with PHP posts! Great job, freddy!
    - Son Nguyen
    AdSpeed.com - Ad Serving and Ad Management Made Easy

  4. #4
    Dumb PHP codin' cat
    Join Date
    Aug 2000
    Location
    San Diego, CA
    Posts
    5,460
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Just my way of keeping my skills up guys, since my current eomployer can't keep me busy enough!!!
    Please don't PM me with questions.
    Use the forums, that is what they are here for.

  5. #5
    SitePoint Zealot
    Join Date
    Jul 2000
    Posts
    132
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Freddy! You are a genius!
    Thanks v. much.

    -aj


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •