Login Form
Posted: Mon Oct 29, 2007 2:33 am
feyd | Please use
This is my login Script: login.php[/syntax]
feyd | Please use
Code: Select all
,Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
This is my login script i thought i cant get it to work.
if the userStatus from the user table = accountJ then i need it to go to the accountJ.php
if the userStatus from the user table = accountM then i need it to go to the accountM.php
if the userStatus from the user table = accountE then i need it to go to the accountE.php
i am recieveing this error,
Invalid query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Resource id #4' at line 1 Whole query:
this is my login form: loginForm.php
[syntax="html"]
<form action="login.php" method="post">
<table border="0">
<tr><td colspan=2><h1>Login</h1></td></tr>
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
This is my login Script: login.php[/syntax]
Code: Select all
<?php
// Connects to your Database
include('dbConnect.php');
//if the login form is submitted
if (isset($_POST['submit']))
{ // if form has been submitted
// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass'])
{
die('You did not fill in a required field.');
}
// checks it against the database
if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database.
<a href=index.php>Click Here to retry</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['pass'] = stripslashes($_POST['pass']);
$info['password'] = stripslashes($info['password']);
$_POST['pass'] = md5($_POST['pass']);
//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}
else
{
$result = mysql_query($check);
// Check result
// This shows the actual query sent to MySQL, and the error. Useful for debugging.
if (!$result) {
$message = 'Invalid query: ' . mysql_error() . "\n";
$message .= 'Whole query: ' . $query;
die($message);
}
// Use result
// Attempting to print $result won't allow access to information in the resource
// One of the mysql result functions must be used
// See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc.
while ($row = mysql_fetch_assoc($result))
{
$userStatus=$row['userStatus'];
echo $userStatus;
//echo("<p><h4>" . $row['journ_fname'] . $row['journ_lname'] . "</h4></p>");
//echo "<a href=article.php?art=" . $row['art_id'] . ">" . $row['journ_fname'] . $row['journ_lname'] . "</a>";
}
// if login is ok then we add a cookie
//$_POST['username'] = stripslashes($_POST['username']);
//$hour = time() + 3600;
//setcookie(ID_my_site, $_POST['username'], $hour);
//setcookie(Key_my_site, $_POST['pass'], $hour);
// If userStatus = acountJ then user is a journalist. add user to the journalist table and user table
if ($userStatus == "accountJ")
{
$location= "accountJ.php";
header("Location: $location");
}
else {
// If userStatus = acountE then user is a Editor. add user to the editor table and user table
if ($userStatus == "accountE")
{
$location= "accountE.php";
header("Location: $location");
}//2nd if statement
else {
// If userStatus = acountJ then user is a manager. add user to the Manager table and user table
if ($userStatus == "accountM")
{
$location= "accountM.php";
header("Location: $location");
} // !mysql_query($query)
}
}
}
}
}
?>feyd | Please use
Code: Select all
,Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]