PHP authentiction
Posted: Fri Sep 13, 2002 12:37 pm
Can someone help me with this code, its driving me insane for about 4 weeks its obviously that im new to PHP so help would be much appecitated as its what make PHP what it is today.
My problem is with my code for an login script using sessions, mysql and php. Could someone look over this code and possibably get back to me as soon as possible stating whats the errors with it. heres the code in order it used in:-
THIS IS THE LOGIN SCRIPT - NOT THAT I NEED TO TELL YOU
<html>
<head><title>Login to members area</title></head>
<body bgcolor="white">
<h2>Please Login</h2>
<form action="protected.php" method="post">
Username: <input type="text" name="user"><br>
Password: <input type="password" name="pass"><br>
<input type="submit" value="Log In">
</form>
</body>
</html>
PROTECTED PAGE
<?php
include('auth.php');
?>
<html>
<head><title>This is protected</title></head>
<body>
This is protected
</body>
</html>
AUTH PAGE THIS IS WHAT DOES ALL THE WORK MOST PROBABLY THIS IS WHERE THE ERROR IS
<?php
// Start Sessions
session_start();
// Variables for mysql connection
$host="cant give you this";
$user="this";
$pass="and this";
$db="and this";
if (empty($HTTP_SESSION_VARS['user']))
{
// Connect to database
$connection=mysql_connect("cant give u this sorry", "or this", "and this")
or die("Could not connect to the database");
// Select database
$dbselect=mysql_select_db("this to", $connection)
or die("Could not select the database please try again later");
// Query the database
$result=mysql_query("SELECT COUNT(*) AS numfound FROM users WHERE
user='{$HTTP_POST_VARS['user']}' AND pass='{$HTTP_POST_VARS['pass']}'");
// Say what is going to be accepted as a correct login
$result_ar=mysql_fetch_array($result);
if ($result_ar['numfound'] < 1) // Login has failed
include('errorlog.html'); // Include file thats tell user he has not logged in correctly
exit;
// This user has logged in and set 'user' in session vars
$user = $HTTP_POST_VARS['user'];
session_register('user');
}
?>
THANKYOU CAN YOU HELP
My problem is with my code for an login script using sessions, mysql and php. Could someone look over this code and possibably get back to me as soon as possible stating whats the errors with it. heres the code in order it used in:-
THIS IS THE LOGIN SCRIPT - NOT THAT I NEED TO TELL YOU
<html>
<head><title>Login to members area</title></head>
<body bgcolor="white">
<h2>Please Login</h2>
<form action="protected.php" method="post">
Username: <input type="text" name="user"><br>
Password: <input type="password" name="pass"><br>
<input type="submit" value="Log In">
</form>
</body>
</html>
PROTECTED PAGE
<?php
include('auth.php');
?>
<html>
<head><title>This is protected</title></head>
<body>
This is protected
</body>
</html>
AUTH PAGE THIS IS WHAT DOES ALL THE WORK MOST PROBABLY THIS IS WHERE THE ERROR IS
<?php
// Start Sessions
session_start();
// Variables for mysql connection
$host="cant give you this";
$user="this";
$pass="and this";
$db="and this";
if (empty($HTTP_SESSION_VARS['user']))
{
// Connect to database
$connection=mysql_connect("cant give u this sorry", "or this", "and this")
or die("Could not connect to the database");
// Select database
$dbselect=mysql_select_db("this to", $connection)
or die("Could not select the database please try again later");
// Query the database
$result=mysql_query("SELECT COUNT(*) AS numfound FROM users WHERE
user='{$HTTP_POST_VARS['user']}' AND pass='{$HTTP_POST_VARS['pass']}'");
// Say what is going to be accepted as a correct login
$result_ar=mysql_fetch_array($result);
if ($result_ar['numfound'] < 1) // Login has failed
include('errorlog.html'); // Include file thats tell user he has not logged in correctly
exit;
// This user has logged in and set 'user' in session vars
$user = $HTTP_POST_VARS['user'];
session_register('user');
}
?>
THANKYOU CAN YOU HELP