Page 1 of 1

now it's a structure problem - *sighs*

Posted: Thu Mar 06, 2003 12:19 pm
by VisionsOfCody
Hi - me again, with another very basic problem (honestly, i've got two books about php and they're not much help :? ).

This time it's about structuring a password check - this is how it goes:

- the administrator inserts a login and password into the mysql table
- the index page checks for a cookie called 'user' (with a header redirect if it's true) and doesn't find it, so it displays the login form.
- the user puts in the login and password & clicks send
- the check password page does a mysql query to compare the login and password, and .....

.... then what ?
I think my problem is that i've done too much Flash actionScript (sorry if i've offended anyone, lol!) and keep expecting to use a php equivalent of getURL to send the user on to the right page.

As far as i can see, if i use a mysql query to check the password i can't then use a header (location : page) to send the user on to the next page. I had thought of making the php write some <META REFRESH> tags in the html, but that seems like a crap way out when there must surely be a more elegant way of doing it with php.

can anyone help me with this - sorry to be a php oaf !
:oops:

Posted: Thu Mar 06, 2003 12:35 pm
by rodrigocaldeira
To use a header information during the script, I use the following syntax:

if (<something>)
{
?>
<script>
location = "the page";
</script>
<?
}
...

You can execute a query using the cookies values and so use the syntax above!!!

Posted: Thu Mar 06, 2003 2:21 pm
by daven
for redirects:
header("Location: your_url");

If the user is in the Database (username & Password check out), send them to whatever your main index is (the page they should see after logging in).

I would also suggest using a session variable to check against for all your pages. If the variable is not set or incorrect, send the user to the login page. Similar to your cookie thing, but use it for all the pages, not just the index. Otherwise someone could just type the url in and bypass the check

Posted: Thu Mar 06, 2003 4:23 pm
by VisionsOfCody
thanks fellas
just one thing though - is it true that session variables don't work (or not very well anyway) with AOL users?
thanks again

Posted: Thu Mar 06, 2003 9:07 pm
by daven
As far as I know, sessions work fine with AOL users. But anything relating to IP addresses does not. A single session for an AOL user should function fine. But trying to do anything which spans sessions or checks their IP is rather impossible, since AOL gives new IPs every login.

Posted: Fri Mar 07, 2003 1:49 am
by VisionsOfCody
ah OK
that must be the AOL issue i'd heard about concerning sessions, as i'm not using the ip number then everything's peachy.... until the next problem, lol