1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Database problem?

Discussion in 'PHP' started by whateveritis, Oct 26, 2010.

  1. #1
    it's me again asking question :eek:

    i downloaded this code from other website so here's the thing, i tried to login based from the given username & password but it only went to another page with the login form, then i tried to login again purposely using a random username & password but instead of returning something like "No such login exist..." it just went back to the same login page. I wonder if this has anything to do with the database or its query?

    <?
    
       include("header.php"); 
       include("functions.php");
    
    ?>
    
    
    <?
        // FILE DOCUMENTATION
        // Filename    : processlogin.php
        // Description : This file accepts a login and a password from the form
        //               in login.php. It compares the login and password against
        //               employee records in the employee table. If there is a match
        //               it authenticates the user and set session variables for this
        //               admin session
        //   
        // License : GPL
        // Date    : 11/04/2001
        // Related Files : logininc.php,personalpageinc.php,login.php
        
    ?>
    
    
    
    <?
    
    $r=getenv(http_referer);
    
    // If user is not logged in and accesses processlogin.php 
    // directly without being called from login.php then,
    // Display login Screen
    //
    // $session[auth]= x {x=1 : Loggged in | x=0 Not Logged in }
    
    if (($r=="") and ($session[auth]!=1))
    {
    
           include("logininc.php");
    
    }
    
    // Otherwise if user is not logged in
    // and processlogin has been accesed from another script
    
    else if ($session[auth]!=1)
    {
    
           // Query to get employee informatiob based on login and password entered
           
           $query = "select empid,login,password,firstname,lastname,email,admin,superadmin,deptid,parentid from employee where login='$formlogin'";
    
           $result = MYSQL_QUERY($query) or die("SQL Error Occured : ".mysql_error().':'.$query);
     
           $number = MYSQL_NUMROWS($result);
    
    
           $session[auth]=0;
           $session[admin]=0;
           $session[superadmin]=0;
     
           if ($number==0)
           {
     
                 echo "<h3>Error !!</h3><br><h4>No such login exist in our system.</h4><br>$back<br>";
    
                 $session[auth]=0;
                 $session[admin]=0;
                 $session[superadmin]=0;
                 $session[login]=$loginch;
                 $session[starttime]=date("Y-m-d H:i:s"); 
                 session_register("session");    
     
           }
           else if ($number>0)
           {
     
                 $loginch = mysql_result($result,0,"login");
                 $passwordch = mysql_result($result,0,"password");
                 $empid=mysql_result($result,0,"empid");
                 $admin=mysql_result($result,0,"admin");
                 $superadmin=mysql_result($result,0,"superadmin");
                 $firstname=mysql_result($result,0,"firstname");
                 $lastname=mysql_result($result,0,"lastname");
                 $deptid=mysql_result($result,0,"deptid");
                 $parentid=mysql_result($result,0,"parentid");
                 $email=mysql_result($result,0,"email");
     
     
                 // Checking if password entered matches database password
                 // If passwords do not march, display error message
                 if ($formpassword!=$passwordch)
                 {
      
                     echo "<h2>Wrong Password ! $back <br></h2>";
                     $session[auth]=0;
                     session_register("session");
     
                 }
                 // If passwords match
                 // Then Authentification is allright
                 // Set Session Variables to authenticate user
                 else if ($formpassword==$passwordch)
                 {
                 
                     // Setting Session Variables
                     // These session variables can be used from any page
                     // where a session is started. Syntax for session variable use
                     //    $session[variable]
                     // where variable can be ny one of the following
                     //
                     // auth       { 1, Authenticated | 0, Not authenticated}
                     // login      { login of the user }
                     // startime   { time the user started this session }
                     // empid      { Employee ID }
                     // deptid     { Department ID }
                     // parentid   { Parent (Boss) of this employee, another employee }
                     // lastname   { Employee Last Name } 
                     // firstname  { Employee First Name }
                     // email      { Employee Email Address }
                     // admin      { 0, No Admin Access | 1, Admin Access }  
                     // superadmin { 0, No SuperAdmin Access | 1, Super Admin Access }
                      
                     $session[auth]=1; 
                     $session[login]=$loginch;
                     $session[starttime]=date("Y-m-d H:i:s");
                     $session[empid]=$empid;
                     $session[deptid]=$deptid;
                     $session[parentid]=$parentid;
                     $session[lastname]=$lastname;
                     $session[firstname]=$firstname;             
                     $session[email]=$email;
                 
                     // User has Super Admin Privileges
                     if ($superadmin==1)
                     {
                     
                         $session[superadmin]=1;
                         $session[admin]=1;
                         
                         echo "<h2>Admin User</h2>";
                         
                     }
                     // User had regular Admin Privileges
                     else if ($admin==1)
                     {
                         
                         $session[superadmin]=0;
                         $session[admin]=1;
                         
                         echo "<h2>Admin User</h2>";
                         
                     }
                     // User is a Regular user
                     else
                     {
                     
                         $session[superadmin]=0;
                         $session[admin]=0;
                         
                         
                         echo "<h2>Regular User</h2>";
    
                     }
    
                     // Saving Session Variabls to Server
                     session_register("session");
    
                     // Query to update employee login data
                     $queryu="update employee set numlogins=numlogins+1,lastlogindate='$datetime',loginip='$ipaddress' where empid='$empid';"; 
    
                     $resultu = MYSQL_QUERY($queryu) or die("SQL Error Occured : ".mysql_error().':'.$queryu);
    
                        // If user has superadmin status
       // then display super admin Home Page   
       if ($superadmin==1)
       {
       	
           echo "<meta http-equiv=\"Refresh\" content=\"2; url=$siteaddress/admin/index.php\">\n\n<br><br><h3>You will now be transported to the Administrator Account Management Page.If nothing happens or your browser does not support Refresh Meta Tags, please click <a href=\"$siteaddress/admin/index.php\">here</a> to continue. Thanks.</h3>";	
         
       }
       // If user has Admin status
       // then display Admin Home Page   
       else if ($admin==1)
       {
    
           echo "<meta http-equiv=\"Refresh\" content=\"2; url=$siteaddress/admin/index.php\">\n\n<br><br><h3>You will now be transported to the Administrator Account Management Page.If nothing happens or your browser does not support Refresh Meta Tags, please click <a href=\"$siteaddress/admin/index.php\">here</a> to continue. Thanks.</h3>";	
         
       }
       // If user has no admin privileges
       // then display regular user Home Page 
       else
       {
           echo "<meta http-equiv=\"Refresh\" content=\"2; url=$siteaddress/accountmanager.php\">\n\n<br><br><h3>You will now be transported to your Account Management Page.If nothing happens or your browser does not support Refresh Meta Tags, please click <a href=\"$siteaddress/accountmanager.php\">here</a> to continue. Thanks.</h3>";		 
       }
          } // end of else if ($formpassword==$passwordch)
           } // else if number > 0 
    
    
    }//end if session[auth]!=1
    // User is already logged on
    // So no need for further authentification
    // Just transport to user home page
    else
    {
     
        // User is already logged in
        // Just Transport them to their home page
          // If user has superadmin status
       // then display super admin Home Page   
       if ($session[superadmin]==1)
       {
       	
           echo "<meta http-equiv=\"Refresh\" content=\"1; url=$siteaddress/admin/index1.php\">\n\n<br><br><h2>You are already logged in</h2><h3>You will now be transported to your Account Management Page.If nothing happens or your browser does not support Refresh Meta Tags, please click <a href=\"$siteaddress/admin/index.php\">here</a> to continue. Thanks.</h3>";	
         
       }
       // If user has Admin status
       // then display Admin Home Page   
       else if ($session[admin]==1)
       {
    
           echo "<meta http-equiv=\"Refresh\" content=\"1; url=$siteaddress/admin/index1.php\">\n\n<br><br><h2>You are already logged in</h2><h3>You will now be transported to your Account Management Page.If nothing happens or your browser does not support Refresh Meta Tags, please click <a href=\"$siteaddress/admin/index.php\">here</a> to continue. Thanks.</h3>";	
         
       }
       // If user has no admin privileges
       // then display regular user Home Page 
       else
       {
           echo "<meta http-equiv=\"Refresh\" content=\"1; url=$siteaddress/index1.php\">\n\n<br><br><h2>You are already logged in</h2><h3>You will now be transported to your Account Management Page.If nothing happens or your browser does not support Refresh Meta Tags, please click <a href=\"$siteaddress/index1.php\">here</a> to continue. Thanks.</h3>";		   
       }                                  
     
    } // end of else
    
    ?>
    
    
    <? include("footer.php"); ?>
    
    PHP:
     
    whateveritis, Oct 26, 2010 IP
  2. krdzal

    krdzal Peon

    Messages:
    105
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    0
    #2
    Try clearing your browser cache
     
    krdzal, Oct 26, 2010 IP
  3. whateveritis

    whateveritis Peon

    Messages:
    41
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #3
    ^ still not working :(
     
    whateveritis, Oct 27, 2010 IP