PHP Syntax

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
quadoc
Forum Contributor
Posts: 137
Joined: Fri Jul 01, 2005 5:33 pm
Location: Atlanta, GA

PHP Syntax

Post by quadoc »

I've the following code, when I logged in as either an "admin" or an user, it didn't do anything. It supposed to load either an "admin" page or "member" page like in the script but it doesn't. Could someone take a look and see what I'm missing. Thanks... :?

Code: Select all

<?php

ob_start();
include("config.php");

/* $connection = mysql_connect($hostname, $sqlname, $sqlpass) or die("Couldn't select database.");
$db = mysql_select_db($mysqldb, $connection) or die("Couldn't select database.");
*/

MSSQL_CONNECT($hostname,$username,$password) or DIE("DATABASE FAILED TO RESPOND."); 
mssql_select_db($dbName) or DIE("Table unavailable"); 

if(isset($_POST["submit"])){
	$email = htmlspecialchars($_POST["user"]);
	$email = strtolower($email);
	$tkey = htmlspecialchars($_POST["tkey"]);
	$tkey = strtoupper($tkey);

	if ($email == ""){

			header('Location: index.php?x=login&error=Error, You have entered an invalid email or tix key1');
	
	}else{
	
/*		$userinfo = mysql_query("SELECT * FROM `users` WHERE email='$email' LIMIT 1");
		$row = mysql_fetch_array($userinfo);
*/

		$query = "SELECT * FROM users WHERE email ='".$email."'"; 
		
		$result = MSSQL_QUERY($query); 

        $nRow = MSSQL_NUM_ROWS($result); 
       echo "Number of rows returned: ", mssql_num_rows($result);
	   //$tbl_key = mssql_result($result,"1","tkey");

	   
       while ($row = mssql_fetch_array($result)) {
         $tbl_tkey = $row["tkey"];
		 $tbl_admin = $row["admin"];
       }


		if($nRow == 0){
		
			header('Location: index.php?x=login&error=Error, You have entered an invalid email or tix key2');
		} else {

//			if($row["tkey"] == $tkey) {
			if($tbl_tkey == $tkey) {
				$_SESSION["email"] = $email;
				$_SESSION["admin"] = $row["admin"];
				$_SESSION["name"] = $row["name"];
				$_SESSION["tkey"] = $tkey;
				$_SESSION["logged_in"] = true;

				if($_SESSION["admin"] == 1)
				{

					//header('Location: index.php?x=admin&a=show&dep=1&tixstatus=1');
					header('Location: index.php?x=admin&a=show&dep=-1&tixstatus=1');
				}
				else
				{
					header('Location: index.php?x=member');
				}
			} else {

				header('Location: index.php?x=login&error=deepdoo, You have entered an invalid email or tix key3');
			}
		}
	}
}

ob_end_flush();
	
	?>
feyd | you can start using

Code: Select all

tags at any time now...[/color]
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

  1. Your header redirects need some adjustment. The error ones specifically.. you need to have URL safe escaped text: RawUrlEncode()
  2. If you are testing this in IE, which I imagine you are, and you hit enter, instead of clicking/thumping the submit button, you won't see $_POST['submit']. Instead of looking for that, look for a field that will always be submitted with the form..
User avatar
quadoc
Forum Contributor
Posts: 137
Joined: Fri Jul 01, 2005 5:33 pm
Location: Atlanta, GA

Post by quadoc »

"you won't see $_POST['submit']. Instead of looking for that, look for a field that will always be submitted with the form.."

How do I look for fields? I'm lost... :?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

$_POST['submit'] is a field name (in this case a button) on the form you are using. The username input, or a hidden input may be good to look for... post your form HTML code..
User avatar
quadoc
Forum Contributor
Posts: 137
Joined: Fri Jul 01, 2005 5:33 pm
Location: Atlanta, GA

Post by quadoc »

Ok, here is my form code.

Code: Select all

table width="600" border="0" align="center" cellpadding="1" cellspacing="1">
  <tr> 
	  <td><table width="600" border="0" cellspacing="0" cellpadding="0">
        <tr> 
          <td><strong>Please log in<br>
            </strong><img src="images/login.png" width="54" height="54"></td>
          <td width="45" align="center" valign="top"><a href="index.php?x=home"><img src="images/back.png" width="54" height="54" border="0"><br>
            Back</a></td>
        </tr>
      </table></td>
	</tr>
	<tr> 
	  <td><font color="#FF0000"><?php if(isset($_GET["error"])) { echo htmlspecialchars($_GET["error"]); } ?></font><form name="login" method="post" action="logon.php">
        <table width="300" border="0" cellspacing="0" cellpadding="0">
          <tr> 
            <td>E-mail</td>
            <td><input name="user" type="text" id="user2" value="<?php if(isset($_SESSION["email"])){ echo $_SESSION["email"]; } ?>"></td>
          </tr>
          <tr> 
            <td>Password</td>
            <td><input name="tkey" type="password" id="pass2" value="<?php if(isset($_SESSION["tkey"])){ echo $_SESSION["tkey"]; } ?>"></td>
          </tr>
          <tr> 
            <td>&nbsp;</td>
            <td><input name="submit" type="submit" id="submit" value="Submit"></td>
          </tr>
        </table>
        <p>Forgot your password? (<a href="index.php?x=pwdforgot">Click Here</a>)</p>
      </form></td>
	</tr>
</table>

feyd | seriously, start posting php code in

Code: Select all

tags. [/color][/size]
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

use $_POST['user'] instead of $_POST['submit']
Post Reply