SitePoint Sponsor

User Tag List

Results 1 to 2 of 2
  1. #1
    SitePoint Member mattstrife's Avatar
    Join Date
    Aug 2003
    Location
    Moosetreal, Quebec, Canada, eh!
    Posts
    21
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    login page included in another file...

    ok here is my problem...
    i got, for exemple, main.php and init is included menu.php which contains the login form and a menu. the menu has to show only if the login was successful. right now the way i did it it doesn't show the menu when the login is successful and shows the login form twice...

    here is a rough look at the code:

    function printmenu(){
    do the stuff...
    }

    function printlogin() {
    login form...
    }

    if (isset($submit)):
    blahblahblah;
    ..db connection checked...
    if the username doesn't match:
    show error message;
    printlogin();
    else:
    if password doesn't match:
    show error message;
    printlogin();
    else:
    stuff it all in the session variables;
    first();
    endif;
    endif;
    endif;

    function first(){
    if no user in the session variable:
    printlogin();
    else:
    printmenu();
    endif;

    first();

    and if you need to see the coding bug in action: http://col.theforsakenones.com/bedwy...4x768/main.php
    just try a random combination...

    Thanks in advance for any help provided

    also i'm sorry if some parts of what i wrote at the top look jibberish... it is 1 something in the am and i'm lacking sleep. and my english is not perfect.

  2. #2
    Sultan of Ping jofa's Avatar
    Join Date
    Mar 2002
    Location
    SvÝ■jˇ­
    Posts
    4,080
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by mattstrife
    ...if you need to see the coding bug in action...
    Yep, seeing the bug in action was really helpful. When you wrote "shows the login form twice", I thought you meant "user has to submit the login form twice"...
    Isn't the problem that you ...
    1. check if the username doesn't match:
    2. check if password doesn't match
    ... but both conditions should be tested in the same if statement, something like:
    if(incorrect_user || incorrect_password) ...

    Or if you prefer this:
    if(!(correct_user && correct_password)) ...

    But the fact that you have these two conditions is a bit confusing to me. Why supply someone that is trying to login with the info "incorrect username" or "incorrect password" - or both? Isn't "incorrect username or password" enough?
    What does the sql query look like? I guess it's not a simple "select count(*) from user where uname=$uname and pwd=$pwd" (only possible return values should be 0 or 1).


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •