now it's a structure problem - *sighs*

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
VisionsOfCody
Forum Commoner
Posts: 30
Joined: Sat Mar 01, 2003 1:19 pm
Location: France

now it's a structure problem - *sighs*

Post by VisionsOfCody »

Hi - me again, with another very basic problem (honestly, i've got two books about php and they're not much help :? ).

This time it's about structuring a password check - this is how it goes:

- the administrator inserts a login and password into the mysql table
- the index page checks for a cookie called 'user' (with a header redirect if it's true) and doesn't find it, so it displays the login form.
- the user puts in the login and password & clicks send
- the check password page does a mysql query to compare the login and password, and .....

.... then what ?
I think my problem is that i've done too much Flash actionScript (sorry if i've offended anyone, lol!) and keep expecting to use a php equivalent of getURL to send the user on to the right page.

As far as i can see, if i use a mysql query to check the password i can't then use a header (location : page) to send the user on to the next page. I had thought of making the php write some <META REFRESH> tags in the html, but that seems like a crap way out when there must surely be a more elegant way of doing it with php.

can anyone help me with this - sorry to be a php oaf !
:oops:
rodrigocaldeira
Forum Commoner
Posts: 27
Joined: Wed Mar 05, 2003 6:40 pm
Location: Brazil
Contact:

Post by rodrigocaldeira »

To use a header information during the script, I use the following syntax:

if (<something>)
{
?>
<script>
location = "the page";
</script>
<?
}
...

You can execute a query using the cookies values and so use the syntax above!!!
User avatar
daven
Forum Contributor
Posts: 332
Joined: Tue Dec 17, 2002 1:29 pm
Location: Gaithersburg, MD
Contact:

Post by daven »

for redirects:
header("Location: your_url");

If the user is in the Database (username & Password check out), send them to whatever your main index is (the page they should see after logging in).

I would also suggest using a session variable to check against for all your pages. If the variable is not set or incorrect, send the user to the login page. Similar to your cookie thing, but use it for all the pages, not just the index. Otherwise someone could just type the url in and bypass the check
VisionsOfCody
Forum Commoner
Posts: 30
Joined: Sat Mar 01, 2003 1:19 pm
Location: France

Post by VisionsOfCody »

thanks fellas
just one thing though - is it true that session variables don't work (or not very well anyway) with AOL users?
thanks again
User avatar
daven
Forum Contributor
Posts: 332
Joined: Tue Dec 17, 2002 1:29 pm
Location: Gaithersburg, MD
Contact:

Post by daven »

As far as I know, sessions work fine with AOL users. But anything relating to IP addresses does not. A single session for an AOL user should function fine. But trying to do anything which spans sessions or checks their IP is rather impossible, since AOL gives new IPs every login.
VisionsOfCody
Forum Commoner
Posts: 30
Joined: Sat Mar 01, 2003 1:19 pm
Location: France

Post by VisionsOfCody »

ah OK
that must be the AOL issue i'd heard about concerning sessions, as i'm not using the ip number then everything's peachy.... until the next problem, lol
Post Reply