1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.
  2. Better Analytics for WordPress Get It Free

User Authentication system

Discussion in 'PHP' started by simnorwebdesign, Feb 7, 2008.

  1. #1
    Hi, I am currently working on a site at the moment where the user has to log in, I am working with code from here: http://www.php-mysql-tutorial.com/user-authentication/database.php


    <?php
    session_start();
    
    $errorMessage = '';
    if (isset($_POST['username']) && isset($_POST['password'])) {
    include 'mysql_connect.php';
    
       $userId = $_POST['username'];
       $password = $_POST['password'];
    
      
       $sql = "SELECT username FROM profile WHERE username = '$userId' AND password = PASSWORD('$password')";
    
       $result = mysql_query($sql)
                 or die('Query failed. ' . mysql_error());
    
       if (mysql_num_rows($result) == 1) {
          $_SESSION['db_is_logged_in'] = true;
          header('Location: memberhome.php');
          exit;
       } else {
          $errorMessage = 'Sorry, wrong user id / password';
       }
    
       mysql_close($conn);
    }
    ?>
    
    <html>
    <head>
    <title>Basic Login</title>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
    </head>
    
    <body>
    <?php include 'header.php'; ?>
    	
    	
    		<div id="contentarea">
    			<div id="advert"><a href="#"><img src="images/ad.png" alt="advertisement" /></a></div>	
    			<div id="contentarea_padding">	
    				<div class="content">
    				
    				<?php if ($errorMessage != '') { ?>
    				<?php echo $errorMessage; ?>
    				<?php } ?>
    				
    				<div class="bannertitles">				
    				<font color="#b7fd3d">log</font><font color="#fded36">in</font>
    				</div><br/><br/>
    				
    				<form method="post" name="frmLogin" id="frmLogin">
    				<div class="inputcontainer">
    				<div class="label">Username:</div><input type="text" name="username" size="60" maxlength="60" /> </div>
    				<div class="inputcontainer">
    				<div class="label">Password:</div><input type="password" name="password" size="60" maxlength="60" /> </div>
    				<br/><br/>
    				<div class="inputcontainer"><div align="right">
    					<input type="submit" name="btnLogin" value="Login"></div></div>
    				</form>
    
    
    			</div>
    		</div></div>
    		
    <?php include 'sidebar.php'; ?>
    <?php include 'footer.php'; ?>
    </body>
    </html>
    Code (markup):
    and the memberhome.php:

    <?php
    session_start();
    
    if (!isset($_SESSION['db_is_logged_in'])
       || $_SESSION['db_is_logged_in'] !== true) {
    
       header('Location: login.php');
       exit;
    }
    
    ?>
    
    <?php include 'header.php'; ?>
    	
    	
    		<div id="contentarea">
    			<div id="advert"><a href="#"><img src="images/ad.png" alt="advertisement" /></a></div>	
    			<div id="contentarea_padding">	
    				<div class="content">
    				success
    			</div>
    		</div></div>
    		
    		<?php include 'sidebar.php'; ?>
    		<?php include 'footer.php'; ?>
    	
    Code (markup):
    The code all looks fine to me, only it doesn't go to memberhome.php when I put in the correct log in details. Is there something I need to change? Any help will be greatly appreciated.

    Thanks

    Simon
     
    simnorwebdesign, Feb 7, 2008 IP
  2. CreativeClans

    CreativeClans Peon

    Messages:
    128
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    0
    #2
    CreativeClans, Feb 7, 2008 IP
  3. simnorwebdesign

    simnorwebdesign Peon

    Messages:
    595
    Likes Received:
    8
    Best Answers:
    0
    Trophy Points:
    0
    #3
    I set the action to login.php which is the page with the php and form code, however I still get the same problem. If i set the action to memberhome.php it just goes to that page whatever values I put in.
     
    simnorwebdesign, Feb 7, 2008 IP
  4. Alley Cat

    Alley Cat Peon

    Messages:
    41
    Likes Received:
    1
    Best Answers:
    0
    Trophy Points:
    0
    #4
    This is the code that I have on my site to redirect a member after they have logged in,
    
    							
    			// Start defining the URL.
    			$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
    			// Check for a trailing slash.
    			if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
    				$url = substr ($url, 0, -1); // Chop off the slash.
    			}
    			// Add the page.
    			$url .= '/index.php';
    
    Code (markup):
    This I then follow up with what should happen if login is not successful.
    			
    			ob_end_clean(); // Delete the buffer.
    			header("Location: $url");
    			exit(); // Quit the script.
    				
    		} else { // No match was made.
    			echo '<p>Either the email address and password entered do not match those on file or you have not yet activated your account.</p>'; 
    		}
    		
    	} else { // If everything wasn't OK.
    		echo '<p>Please try again.</p>';		
    	}
    	
    	mysql_close(); // Close the database connection.
    
    Code (markup):
    I hope you find this useful.
     
    Alley Cat, Feb 7, 2008 IP
  5. simnorwebdesign

    simnorwebdesign Peon

    Messages:
    595
    Likes Received:
    8
    Best Answers:
    0
    Trophy Points:
    0
    #5
    I dont want to be changing the whole code and the code I have looks fine when I read through it, any ideas???
     
    simnorwebdesign, Feb 7, 2008 IP
  6. simnorwebdesign

    simnorwebdesign Peon

    Messages:
    595
    Likes Received:
    8
    Best Answers:
    0
    Trophy Points:
    0
    #6
    Hi, I am now following this script here: http://www.phpeasystep.com/workshopview.php?id=6

    However it only allows me to recognise a password written in text format

    <input type="text">
    Code (markup):
    rather than

    <input type="password">
    Code (markup):
    Which obviously isnt the right thing to do on a site, so does anybody know how I get the php/mysql to recognise the text of the password.

    Thanks
     
    simnorwebdesign, Feb 8, 2008 IP
  7. simnorwebdesign

    simnorwebdesign Peon

    Messages:
    595
    Likes Received:
    8
    Best Answers:
    0
    Trophy Points:
    0
    #7
    No matter, I sorted it, I didnt set the action to the right page. Thanks
     
    simnorwebdesign, Feb 8, 2008 IP