Page 1 of 1
User Authentication
Posted: Thu Oct 07, 2004 1:21 pm
by moiseszaragoza
Hi Everyone.
I was wandering if anyone cold help me.
I have a web page were in PHP connected to a Data base in MySQL.
When the User Logs in with there Username and Password it dose NOT return witch User Log in..
I tryed a Session. But It dose not work when I combine it With the log in Script.
For the End Resolt I want to Display all of that User Personal information bact.
THANKS
Posted: Thu Oct 07, 2004 1:23 pm
by twigletmac
Could we see some code please?
Mac
P.S. Please don't cross-post, one post in one forum is plenty (please read the first link in my signature).
Posted: Thu Oct 07, 2004 1:25 pm
by Draco_03
show us some code (use php tags)
The Code I have
Posted: Thu Oct 07, 2004 1:43 pm
by moiseszaragoza
Login.PHP
Code: Select all
<?php require_once('../../Connections/iaOnline.php'); ?>
<?php
mysql_select_db($database_iaOnline, $iaOnline);
$query_Recordset1 = "SELECT * FROM Users";
$Recordset1 = mysql_query($query_Recordset1, $iaOnline) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?><?php
// *** Validate request to login to this site.
session_start();
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($accesscheck)) {
$GLOBALS['PrevUrl'] = $accesscheck;
session_register('PrevUrl');
}
if (isset($_POST['UserName'])) {
$loginUsername=$_POST['UserName'];
$password=$_POST['Password'];
$MM_fldUserAuthorization = "";
$MM_redirectLoginSuccess = "Courses.php";
$MM_redirectLoginFailed = "LogInFaild.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_iaOnline, $iaOnline);
$LoginRS__query=sprintf("SELECT UserName, Password FROM Users WHERE UserName='%s' AND Password='%s'",
get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));
$LoginRS = mysql_query($LoginRS__query, $iaOnline) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = "";
//declare two session variables and assign them
$GLOBALS['MM_Username'] = $loginUsername;
$GLOBALS['MM_UserGroup'] = $loginStrGroup;
//register the session variables
session_register("MM_Username");
session_register("MM_UserGroup");
if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Log In</title>
</head>
<body>
<table width="760" border="0" align="center">
<tr>
<td><img src="../../Images/SkyBG.jpg" width="760" height="96" /></td>
</tr>
<tr>
<td valign="top"><table width="760" border="0" cellspacing="0" cellpadding="0">
<tr>
<td class="style22 style23"> <div align="center" class="style24">IA SESSION LOGIN PAGE</div></td>
</tr>
<tr>
<td colspan="2"><div align="center"></div>
<form ACTION="<?php echo $loginFormAction; ?>" METHOD="POST" name="LogOn" id="LogOn">
<table width="760" border="0" cellspacing="0" cellpadding="3">
<tr>
<td width="300"><div align="right"><strong>IA Name: </strong></div></td>
<td width="448"><input name="UserName" type="text" id="UserName" /></td>
</tr>
<tr>
<td><div align="right"><strong>Password: </strong></div></td>
<td><input name="Password" type="password" id="Password" /></td>
</tr>
<tr>
<td> </td>
<td align="left"><input type="submit" name="Submit" value="Start My Session" /></td>
</tr>
</table>
</form></td>
</tr>
</table>
<table width="100%" border="0">
<tr>
<td> </td>
<td width="24%"><div align="center"><a href="../page2.php"><strong>GO BACK</strong></a></div></td>
<td> </td>
</tr>
</table> <p align="center"> </p> </td>
</tr>
<tr>
<td> </td>
</tr>
</table>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>
------------------------
Page I retrive the Info
Code: Select all
<?php
session_start();
session_register("UserName");
$UserName = $HTTP_POST_VARS['UserName'];
?>
Code: Select all
<?php
$colname_Recordset1 = "1";
if (isset($_POST['Id'])) {
$colname_Recordset1 = (get_magic_quotes_gpc()) ? $_POST['Id'] : addslashes($_POST['Id']);
}
$colname_Recordset1 = "1";
if (isset($_SESSION['UserName'])) {
$colname_Recordset1 = (get_magic_quotes_gpc()) ? $_SESSION['UserName'] : addslashes($_SESSION['UserName']);
}
mysql_select_db($database_iaOnline, $iaOnline);
$query_Recordset1 = sprintf("SELECT * FROM Users WHERE UserName = '%s'", $colname_Recordset1);
$Recordset1 = mysql_query($query_Recordset1, $iaOnline) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
Posted: Thu Oct 07, 2004 4:02 pm
by Draco_03
first thing session_start should be at top the page (befor ANYTHING else)
Posted: Thu Oct 07, 2004 4:43 pm
by feyd
session_register and $_SESSION don't mix well.
I'd suggest recoding the usage of session_register to $_SESSION.