SitePoint Sponsor

User Tag List

Results 1 to 2 of 2
  1. #1
    SitePoint Member victorvp's Avatar
    Join Date
    Dec 2004
    Location
    Kelowna, BC, Canada
    Posts
    5
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    PHP/MySQL login system, stuck

    I've been working on a login system, and it's coming along great. When you log in you set a session, etc. Cookies also work. Whenever a page is loaded it checks if the session is valid, and if its not will unset the session. I need a way to tell the rest of the page whether or not the user is logged in. It might explain better if I post the code:

    PHP Code:
    <?php

    class login {
        
        var 
    $display;
        var 
    $error;
        
        function 
    login($array$mysql){
            if(
    $array['submit'] == 'Login'){
                
    $rows $mysql->numrows('SELECT id FROM u_users WHERE uname = \'' addslashes($array['uname']) . '\' LIMIT 1');
                
    $err0 $rows != '<br />Invalid Username' NULL;
                
    $rows $mysql->numrows('SELECT id FROM u_users WHERE uname = \'' addslashes($array['uname']) . '\' AND pass = \'' md5($array['pass']) . '\' LIMIT 1');
                
    $err1 $rows != '<br />Invalid Password' NULL;
                
    $rows $mysql->numrows('SELECT level FROM u_users WHERE uname = \'' addslashes($array['uname']) . '\' AND level > 0 LIMIT 1');
                
    $err2 = empty($err0) && $rows != '<br />Please activate your account and retry' NULL;
                
    $this->error = isset($err0) || isset($err1) || isset($err2)
                ? 
    '<div class="error"><strong class="error">Error(s):' $err0 $err1 $err2 '</strong></div>' NULL;
                if(!empty(
    $this->error)){
                    return 
    $this->error;
                    }
                else{
                    
    $row $mysql->result('SELECT id, level, rand FROM u_users WHERE uname = \'' addslashes($array['uname']) . '\'');
                    
    $rand md5(mt_rand());
                    
    $_SESSION['userinfo'] = $row[0];
                    
    $_SESSION['userinfo'][2] = $rand;
                    
    $mysql->query('UPDATE u_users SET rand = \'' $rand '\' WHERE id = \'' $row[0][0] . '\'');
                    if(
    $array['remember'] == 'checked'){
                        
    setcookie('userinfo'$row[0][0] . ', ' $row[0][1] . ', ' $row[0][2], time()+3600*24*30'/');
                        }
                    return 
    header('location: /account/');
                    }
                }
            }
        function 
    display($array$mysql){
            
    $this->display '<div class="top">Login</div>' "\n"
            
    '<form action="/login/" method="post">' "\n"
            
    $this->login($array$mysql) . "\n"
            
    '<div class="reglcol">' "\n"
            
    'Username:<br />' "\n"
            
    'Password:<br />' "\n"
            
    'Remember Info: <input class="checkbox" type="checkbox" name="remember" value="checked" />' "\n"
            
    '</div>' "\n"
            
    '<div class="regrcol">' "\n"
            
    '<input type="text" name="uname" maxlength="20" /><br />' "\n"
            
    '<input type="password" name="pass" maxlength="32" /><br />' "\n"
            
    '<input class="button" type="submit" name="submit" value="Login" />' "\n"
            
    '</form>' "\n";
            return 
    $this->display;
            }
                
        }

    class 
    sessions {
        
        function 
    sessions($mysql){
            
    session_start();
            if(empty(
    $_SESSION['userinfo'])){
                if(isset(
    $_COOKIE['userinfo'])){
                    
    $userinfo explode(', '$_COOKIE['userinfo']);
                    
    $_SESSION['userinfo'] = $userinfo;
                    return 
    true;
                    }
                return 
    false;
                }
            else{
                
    $row $mysql->result('SELECT id, level, rand FROM u_users WHERE id = \'' addslashes($_SESSION['userinfo'][0]) . '\'');
                if(
    $row[0] == $_SESSION['userinfo']){
                    return 
    true;
                    }
                unset(
    $_SESSION['userinfo']);
                return 
    false;
                }
            }
        
        }

    ?>
    In the sessions function, whenever it returns true I also need it to output something to tell the page that the user is logged in. I could use a global variable, but would rather not. Any suggestions?

  2. #2
    SitePoint Enthusiast
    Join Date
    Mar 2005
    Posts
    40
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by victorvp
    In the sessions function, whenever it returns true I also need it to output something to tell the page that the user is logged in. I could use a global variable, but would rather not. Any suggestions?
    if (sessions($mysql)) echo 'logged in';


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •