Code: Select all
if(!$_POST['username'] | !$_POST['pass']) {
$loginErr1 = "One or more of the password fields needs to be filled in.!";
header('Location: login.php');
}Then I am redirected to the login page again right?
If this is true how does my $loginErr1 find it's way down here:
Code: Select all
if($loginErr1 || $loginErr2 || $loginErr3 || $loginErr4){
if($loginErr1){
$_SESSION['loginErr'] = $loginErr1;
}else if(loginErr2){
$_SESSION['loginErr'] = $loginErr2;
}else if ($loginErr3) {
$_SESSION['loginErr'] = $loginErr3;
header('location: login.php');
} else if ($loginErr4) {
$_SESSION['loginErr'] = $loginErr4;
header('location: login.php');
}else{
unset($_SESSION['loginErr']);
}
}//if $loginErrWhat is happening is that if $loginErr1 occurs it is echo'd to my page using a session variable.
And if this error does occur it does echo, so does $loginErr2, but loginErr3, and 4 don't work for some reason. Here is the complete code, but I should probably say that might have to completely rewrite this page as it stands as something is very amiss.
The complete code less the html:
Code: Select all
<?php
//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted
// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
$loginErr1 = "One or more of the password fields needs to be filled in.!";
header('Location: login.php');
}
// checks it against the database
if (!get_magic_quotes_gpc()) {
$_POST['username'] = addslashes($_POST['username']);
}
$check = mysql_query("SELECT * FROM user WHERE username = '".$_POST['username']."'")or die(mysql_error());
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
$loginErr2 = "Please try again! Either you mistyped or your username or password is not on file!";
header('location: login.php');
}
while($info = mysql_fetch_array( $check ))
{
$formpass = stripslashes($_POST['pass']);
$formpass = md5($formpass);
$dbpass = stripslashes($info['password']);
$confirmIDFlag = $info['confirmIDFlag'];
}
//gives error if the password is wrong
if ($formpass != $dbpass){
$loginErr3 = "Please try again! Either you mistyped or your username or password are not on file";
}else if (!$confirmIDFlag){
$loginErr4 = "You have completed registration but have not been added to the database, please be patient!";
}else{
$_SESSION['visitor'] = $info['fName'];
setcookie("userId", $info['id'], time()+60480000);
header('Location: index.php');
}
if($loginErr1 || $loginErr2 || $loginErr3 || $loginErr4){
if($loginErr1){
$_SESSION['loginErr'] = $loginErr1;
}else if(loginErr2){
$_SESSION['loginErr'] = $loginErr2;
}else if ($loginErr3) {
//echo "hello world"; exit;
$_SESSION['loginErr'] = $loginErr3;
header('location: login.php');
} else if ($loginErr4) {
$_SESSION['loginErr'] = $loginErr4;
header('location: login.php');
}else{
unset($_SESSION['loginErr']);
}
}//if $loginErr
} else { // if (!isset($_POST['submit'])) display the webpage
?>Code: Select all
<div align="center"><strong><?php echo $_SESSION['loginErr']; ?></strong></div>Kevin Raleigh