login script problems
Posted: Sat Dec 04, 2004 4:45 pm
Hi guys im trying to get this script to do as i want it to. I want it to firstly check if the user is validated which it does correct. Then i want it to check the users rank which it does. However what it does is it checks firstly to see if the users rank is 2 and if it is it outputs the message welcoming the user and given them an admin link. I then want it to finish and not check the next statement. But it carrys on and then it outputs the welcome message again so i get this output on screen
How can i stop it output again. any help would be great!!! code is below
Code: Select all
Welcome, Martin Sandhu using login name: mmc01ms. Your Customer Number is: 123567
Welcome, Martin Sandhu using login name: mmc01ms. Your Customer Number is: 123567
Admin SectionCode: Select all
<?php
session_start();
$admin_script = "./admin.php";
$register_script="./register.php";
if ($_SESSION['customer_id']){
echo "Welcome, ".$_SESSION['first_name']." ".$_SESSION['surname']." using login name: ".$_SESSION['username'].". Your Customer Number is: ".$_SESSION['customer_id']."<br><br>";
}
if ((!isset($_POST['username'])) && (!isset($_POST['password'])))
{
echo "<center><table>
<tr>
<b>»Funky Monkey Login</b>
</tr>
<tr><form name="auth" method="post" action="login3.php?action=login">
<td>Username: </td>
<td><input class="textfield" type="text" name="username" size="10"></td>
</tr>
<tr>
<td>Password: </td>
<td><input class="textfield" type="password" name="password" size="10"></td>
</tr>
<tr>
<td><input type="hidden" name="action" value="login"><input class="button" type="submit" name="Submit" value="Login">
<input type="reset" name="reset" value="Reset"></td>
</tr>
<tr>
<td><a href="$register_script"> Register</a> - if you don't have an account</td>
</tr>
</form>
</table></center>";
}
if ((isset($_POST['username'])) && (isset($_POST['password'])))
{
require ("dbConnect.php");
$connection = mysql_connect("$dbhost","$dbusername", "$dbpasswd")
or die ("Couldn't connect to server.");
$db = mysql_select_db("$database_name", $connection)
or die("Couldn't select database.");
$dbQuery = mysql_query("SELECT * FROM customers WHERE username='".$_POST['username']."'",$connection);
$getUserInfo = mysql_fetch_array($dbQuery);
if ($getUserInfo['validated'] == '0'){
echo '<br>You must Validate your account<br>';
}else
if($_POST['password'] == $getUserInfo['password'])
{
$_SESSION['customer_id'] = $getUserInfo['customer_id'];
session_register("customer_id");
$_SESSION['valid_user'] = $_getUserInfo['customer_id'];
$_SESSION['username'] = $getUserInfo['username'];
$_SESSION['rank'] = $getUserInfo['rank'];
$_SESSION['first_name'] = $getUserInfo['first_name'];
$_SESSION['validated'] = $getUserInfo['validated'];
$_SESSION['surname'] = $getUserInfo['surname'];
if ($_SESSION['validated'] == '0'){
session_unregister('customer_id');
echo '<br>You must Validate your account<br>';
}
if ($_SESSION['rank'] == '2'){
echo "Welcome, ".$_SESSION['first_name']." ".$_SESSION['surname']." using login name: ".$_SESSION['username'].". Your Customer Number is: ".$_SESSION['customer_id']."<br><br>";
echo "<br><a href="$admin_script">Admin Section</a><br>\n";
exit;
}
else
if($_SESSION['rank'] != '2'){
echo "Welcome, ".$_SESSION['first_name']." ".$_SESSION['surname']." using login name: ".$_SESSION['username'].". Your Customer Number is: ".$_SESSION['customer_id']."<br><br>";
echo "<a href="logout.php">Logout</a>";
exit;
}
}
}
?>