@ Weird and ifying_circus....
Here is the "login.php", "login-exec.php", and "testpage.php"
Login page...
Code: Select all
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Cornerstone - Login</title>
<link href="oblogin.css" rel="stylesheet" type="text/css" />
<style type="text/css">
<!--
oblogin {
background-image: url(images/Plant_growing_on_coins__194479.jpg);
margin: 15px;
padding: 15px;
float: left;
height: 200px;
width: 300px;
}
oblogin {
height: 10px;
width: 300px;
}
#footer {
background-color: #CC0000;
height: 30px;
margin: 5px;
padding: 5px;
color: #FFFFFF;
width: 930px;
}
#footer {
}
-->
</style>
<link href="oblogin.css" rel="stylesheet" type="text/css" />
<style type="text/css">
<!--
.style1 {
color: #FFFFFF;
font-weight: normal;
}
.style2 {
font-family: "Times New Roman", Times, serif
}
.style3 {
color: #000000
}
.style7 {font-family: "Arno Pro Caption"; font-weight: bold; }
-->
</style>
</head>
<body>
<div id="one"><a href="index.html"><img src="xxxxx.jpg" width="699" height="99" /></a></div>
<div class="style1" id="two">
<div align="center" class="style3">Welcome to Cornerstone</div>
</div>
<div id="onlogin">
<form id="loginForm" name="loginForm" method="post" action="login-exec.php">
<p align="center">Please enter your User ID and <br />
Password to log in.</p>
<table width="300" border="0" align="center" cellpadding="2" cellspacing="0">
<tr>
<td width="112"><span class="style7">User ID</span></td>
<td width="188"><input name="login" type="text" class="textfield" id="login" /></td>
</tr>
<tr>
<td><span class="style7">Password</span></td>
<td><input name="password" type="password" class="textfield" id="password" /></td>
</tr>
<tr>
<td> </td>
<td><input type="submit" name="Submit" value="Login" /></td>
</tr>
</table>
</form></div>
</div>
<p> </p>
<p> </p>
<div class="style2" id="footer"> Copyrights © Cornerstone 2011-2012. All Rights Reserved.</div>
</body>
</html>
Here is the login-exec.php
Code: Select all
<?php
//Start session
session_start();
//Include database connection details
require_once('config.php');
//Array to store validation errors
$errmsg_arr = array();
//Validation error flag
$errflag = false;
//Connect to mysql server
$link = mysql_connect($hostname, $username, $password);
if(!$link) {
die('Failed to connect to server: ' . mysql_error());
}
//Select database
$db = mysql_select_db($dbname);
if(!$db) {
die("Unable to select database");
}
//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
//Sanitize the POST values
$login = clean($_POST['login']);
$password = clean($_POST['password']);
//Input Validations
if($login == '') {
$errmsg_arr[] = 'Login ID missing';
$errflag = true;
}
if($password == '') {
$errmsg_arr[] = 'Password missing';
$errflag = true;
}
//If there are input validations, redirect back to the login form
if($errflag) {
$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
session_write_close();
header("location: login.php");
exit();
}
//Create query
$qry="SELECT * FROM bslogin WHERE username='$login' AND password='".md5($_POST['password'])."'";
$result=mysql_query($qry);
//Check whether the query was successful or not
$data=array("fazilah07"=>array("url"=>"insideonbanking.php","password"=>"binti2011"),
"norendb7"=>array("url"=>"insideonbanking-1.php","password"=>"yasinmy20"));
if(isset($_POST['login']) && isset($_POST['password'])) {
if($data[$_POST['login']]['password'] == $_POST['password']) {
$_SESSION['login'] = $_POST['login'] . " " . $_POST['password'];
header('Location: ' . $data[$_POST['login']]['url']);
exit();
}else {
//Login failed
header("location: login.php");
exit();
}
}else {
die("Query failed");
}
?>
And here is the test page.....
Code: Select all
<?php
//Start session
session_start();
//Check whether the session variable SESS_MEMBER_ID is present or not
if(!isset($_SESSION['login']) xor (trim($_SESSION['login']) == '')) {
header("location: login.php");
exit();
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Home</title>
<style type="text/css">
<!--
#header {
background-color: #000000;
height: 120px;
width: 930px;
}
#navigation {
height: 50px;
width: 930px;
padding: 2px;
margin: 2px;
}
-->
</style>
<script src="SpryAssets/SpryMenuBar.js" type="text/javascript"></script>
<link href="SpryAssets/SpryMenuBarHorizontal.css" rel="stylesheet" type="text/css" />
<style type="text/css">
<!--
.style2 {color: #FFFFFF; font-family: "Times New Roman", Times, serif;}
-->
</style>
<link href="insideon.css" rel="stylesheet" type="text/css" />
<style type="text/css">
<!--
.style4 {color: #FF0000; font-size: 36px;}
.style10 {
font-family: "Times New Roman", Times, serif;
font-size: 28px;
font-weight: bold;
}
.style13 {
color: #000000;
font-size: 13px;
}
.style14 {font-size: 13px}
.style15 {color: #000000}
.style16 {font-family: "Times New Roman", Times, serif}
.style17 {
color: #FFFFFF;
font-weight: bold;
}
-->
</style>
</head>
<body>
<div align="justify"><a href="logout.php">Logout</a>
</div>
<br />
<div id="header"><img src="xxxx.jpg" width="510" height="118" /></div>
</div>
<div id="navigation">
<ul id="MenuBar1" class="MenuBarHorizontal">
<li><a href="home.html" class="style2">Home</a> </li>
<li><a href="myaccount.html">Manage Account</a></li>
<li><a href="personaldetails.html">Account Holder's Details</a> </li>
<li><a href="account.html" class="MenuBarItemSubmenu">Transfers credit</a>
<ul>
<li><a href="localtransfer.html">Local </a></li>
<li><a href="foreign.html">International </a></li>
</ul>
</li>
</ul>
</div>
<div id="body">
<div id="menu">
<p align="center" class="style17">Home</p>
</div>
<div class="style4" id="insidebody">
<p align="right" class="style10"><img src="file:///C|/Users/Kingsberry/Desktop/fazilah.jpg" width="126" height="94" /></p>
<p class="style10">Welcome Fazilah Binti Ismail! </p>
<p class="style14"><span class="style13">You are successfully logged in on
<script type="text/javascript">var d=new Date();
document.write(d);
</script>
</span></p>
<p class="style14"> </p>
<table width="641" height="346" border="1" cellpadding="2" cellspacing="2" bgcolor="#F0F0F0">
<tr>
<tr>
</tr>
</table>
<p class="style14"> </p>
</div>
<p> </p>
<p> </p>
<div class="style16" id="footer">
<div align="center">Copyrights © Cornerstone . All Rights Reserved. </div>
</div>
</div>
<script type="text/javascript">
<!--
var MenuBar1 = new Spry.Widget.MenuBar("MenuBar1", {imgDown:"SpryAssets/SpryMenuBarDownHover.gif", imgRight:"SpryAssets/SpryMenuBarRightHover.gif"});
//-->
</script>
</body>
</html>
And here is the logout.php
Code: Select all
<?php
//Start session
session_start();
//Unset the variables stored in session
unset($_SESSION['login']);
unset($_SESSION['login']);
unset($_SESSION['login']);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Logged Out</title>
</head>
<body bgcolor="#CCCCCC">
<h1> </h1>
<p align="center"> </p>
<h4 align="center" class="err style3 style5">Thank You for Banking with Standard Alliance Bank.</h4>
<h4 align="center" class="err style1 style4">You have been successfully logged out.</h4>
<p align="center" class="style1"><span class="style2">Click <a href="login.php">here</a> to continue banking or close the page</span></p>
</body>
</html>
So guys...please is there anywhere i gone wrong in the coding?? If I do, please correct me with the correct codings.
Thanks so much in advance.