Page 1 of 1

Help with keeping login details into variables

Posted: Wed Apr 09, 2008 8:49 am
by tinkywonk
I need help with my php lgin function I am trying to make it possible to save certain login details throughout my site while logged in. These fields are to be used to veify what parts of site the user can access.

the fields i need access to all the time are
uk
austria etc
price

these fields are in my user table

here is the code for my main page

Code: Select all

<?php session_start();
  if (isset($_GET["order"])) $order = @$_GET["order"];
  if (isset($_GET["type"])) $ordtype = @$_GET["type"];
 
  if (!isset($order) && isset($_SESSION["order"])) $order = $_SESSION["order"];
  if (!isset($ordtype) && isset($_SESSION["type"])) $ordtype = $_SESSION["type"];
?>
 
<html>
<head>
<title>Naturana Ltd Main Menu</title>
<meta name="generator" http-equiv="content-type" content="text/html">
<style type="text/css">
  body {
    background-color: #3b506b;
    color: #FFFFFF;
    font-family: Arial;
    font-size: 12px;
  }
  .bd {
    background-color: #3b506b;
    color: #FFFFFF;
    font-family: Arial;
    font-size: 12px;
  }
  .tbl {
    background-color: #FFFFFF;
  }
  a:link { 
    color: #FFFFFF;
    font-family: Arial;
    font-size: 12px;
  }
  a:active { 
    color: #FFFFFF;
    font-family: Arial;
    font-size: 12px;
  }
  a:visited { 
    color: #FFFFFF;
    font-family: Arial;
    font-size: 12px;
  }
  .hr {
    background-color: #506588;
    color: #FFFFFF;
    font-family: Arial;
    font-size: 12px;
  }
  a.hr:link {
    color: #FFFFFF;
    font-family: Arial;
    font-size: 12px;
  }
  a.hr:active {
    color: #FFFFFF;
    font-family: Arial;
    font-size: 12px;
  }
  a.hr:visited {
    color: #FFFFFF;
    font-family: Arial;
    font-size: 12px;
  }
  .ht {
    background-color: #3b506b;
    color: #FFFFFF;
    font-family: Arial;
    font-size: 20px;
  }
  a.ht:link {
    color: #FFFFFF;
    font-family: Arial;
    font-size: 20px;
  }
  a.ht:active {
    color: #FFFFFF;
    font-family: Arial;
    font-size: 20px;
  }
  a.ht:visited {
    color: #FFFFFF;
    font-family: Arial;
    font-size: 20px;
  }  
  .hs {
    background-color: #3b506b;
    color: #FFFFFF;
    font-family: Arial;
    font-size: 20px;
    font-weight: bold;
  }
  a.hs:visited {
    color: #FFFFFF;
    font-family: Arial;
    font-size: 20px;
    font-weight: bold;
  }
  a.hs:link {
    color: #FFFFFF;
    font-family: Arial;
    font-size: 20px;
    font-weight: bold;
  }
  a.hs:active {
    color: #FFFFFF;
    font-family: Arial;
    font-size: 20px;
    font-weight: bold;
  }
  .dr {
    background-color: #FFFFFF;
    color: #000000;
    font-family: Arial;
    font-size: 12px;
  }
  .sr {
    background-color: #FFFFCF;
    color: #000000;
    font-family: Arial;
    font-size: 12px;
  }
 
</style>
 
<table class="bd" width="100%"><tr><td class="bd"><td align=center><h2><a class="ht" href="country.php?a=logout"><img src="images/background.jpg" border=0></a></h2></td></tr></table>
 
</head>
 
<body>
 
<?php
  if (!login()) exit;
?>
 
<?php
  $conn = connect();
?>
 
 
 
 
 
 
<table class="bd" width="20%" align=center><tr><td class="bd"><td align=left><a class="hs" href="austria.php" style="text-decoration:none"><img src="images/austria.gif" border=0></a></td><td class="bd"><td align=right><a class="hs" href="austria.php">[ Austria ]</a></td></tr></table>
<br>
<table class="bd" width="20%" align=center><tr><td class="bd"><td align=left><a class="hs" href="benelux.php" style="text-decoration:none"><img src="images/belgium.gif" border=0></a></td><td class="bd"><td align=right><a class="hs" href="benelux.php">[ Belgium ]</a></td></tr></table>
<br>
<table class="bd" width="20%" align=center><tr><td class="bd"><td align=left><a class="hs" href="uk.php" style="text-decoration:none"><img src="images/uk.gif" border=0></a></td><td class="bd"><td align=right><a class="hs" href="uk.php">[ UK ]</a></td></tr></table>
<br>
<table class="bd" width="20%" align=center><tr><td class="bd"><td align=left><a class="hs" href="france.php" style="text-decoration:none"><img src="images/france.gif" border=0></a></td><td class="bd"><td align=right><a class="hs" href="france.php">[ France ]</a></td></tr></table>
<br>
<table class="bd" width="20%" align=center><tr><td class="bd"><td align=left><a class="hs" href="mcv.php" style="text-decoration:none"><img src="images/holland.gif" border=0></a></td><td class="bd"><td align=right><a class="hs" href="mcv.php">[ Holland ]</a></td></tr></table>
<br>
<table class="bd" width="20%" align=center><tr><td class="bd"><td align=left><a class="hs" href="natgo.php" style="text-decoration:none"><img src="images/germany.gif" border=0></a></td><td class="bd"><td align=right><a class="hs" href="natgo.php">[ Germany ]</a></td></tr></table>
<br>
<table class="bd" width="20%" align=center><tr><td class="bd"><td align=left><a class="hs" href="poland.php" style="text-decoration:none"><img src="images/poland.gif" border=0></a></td><td class="bd"><td align=right><a class="hs" href="poland.php">[ Poland ]</a></td></tr></table>
<br>
<table class="bd" width="20%" align=center><tr><td class="bd"><td align=left><a class="hs" href="portugal.php" style="text-decoration:none"><img src="images/portugal.gif" border=0></a></td><td class="bd"><td align=right><a class="hs" href="portugal.php">[ Portugal ]</a></td></tr></table>
<br>
<table class="bd" width="20%" align=center><tr><td class="bd"><td align=left><a class="hs" href="spain.php" style="text-decoration:none"><img src="images/spain.gif" border=0></a></td><td class="bd"><td align=right><a class="hs" href="spain.php">[ Spain ]</a></td></tr></table>
<br>
<table class="bd" width="20%" align=center><tr><td class="bd"><td align=left><a class="hs" href="czech.php" style="text-decoration:none"><img src="images/czech.gif" border=0></a></td><td class="bd"><td align=right><a class="hs" href="czech.php">[ Czech Rep ]</a></td></tr></table>
<br>
<table class="bd" width="100%"><tr><td class="bd"><td align=center><a class="hs" href="country.php?a=logout">[ Logout ]</a></td></tr></table>
<br>
<table class="bd" width="100%"><tr><td class="bd"><td align=center><a class="hs" href=".php?a=logout">[ Admin Setup ]</a></td></tr></table>
</body>
 
<?php function login()
{
  global $_POST;
  global $_SESSION;
 
  
 
  global $_GET;
  if (isset($_GET["a"]) && ($_GET["a"] == 'logout')) $_SESSION["logged_in"] = false;
  if (!isset($_SESSION["logged_in"])) $_SESSION["logged_in"] = false;
  if (!$_SESSION["logged_in"]) {
    $login = "";
    $password = "";
    if (isset($_POST["login"])) $login = @$_POST["login"];
    if (isset($_POST["password"])) $password = @$_POST["password"];
 
    if (($login != "") && ($password != "")) {
      $conn = mysql_connect("mysql.streamline.net", "natuk", "");
      mysql_select_db("natukcou1");
      $sql = "select `Password` from `Users` where `user name` = '" .$login ."'";
      $res = mysql_query($sql, $conn) or die(mysql_error());
      $row = mysql_fetch_assoc($res) or $row = array(0 => "");;
      if (isset($row)) reset($row);
 
      if (isset($password) && ($password == trim(current($row)))) {
        $_SESSION["logged_in"] = true;}
    else {
     
?>
<p><b><font color="FFFFFF">Sorry, the login/password combination you have entered is invalid</font></b></p>
<?php } } }if (isset($_SESSION["logged_in"]) && (!$_SESSION["logged_in"])) { ?>
<form action="country.php" method="post">
<table class="bd" border="0" cellspacing="1" cellpadding="4" align="center">
<tr>
<td>Login</td>
<td><input type="text" name="login" value="<?php echo $login ?>"></td>
</tr>
<tr>
<td>Password</td>
<td><input type="password" name="password" value="<?php echo $password ?>"></td>
</tr>
<tr>
<td><input type="submit" name="action" value="Login"></td>
</tr>
</table>
</form>
<?php
  }
  if (!isset($_SESSION["logged_in"])) $_SESSION["logged_in"] = false;
  return $_SESSION["logged_in"];
} ?>
 
<?php function connect()
{
  $conn = mysql_connect("mysql12.streamline.net", "natukcou1", "s132604");
  mysql_select_db("natukcou1");
  return $conn;
}
 
function sqlvalue($val, $quote)
{
  if ($quote)
    $tmp = sqlstr($val);
  else
    $tmp = $val;
  if ($tmp == "")
    $tmp = "NULL";
  elseif ($quote)
    $tmp = "'".$tmp."'";
  return $tmp;
}
 
function sqlstr($val)
{
  return str_replace("'", "''", $val);
}
 
Can anyone help me to work this out one thing I need to be able to do is if for instance the field austria in the user table = no then they cant access the austria menu. This is now upseting me as this is an important part of my site and cant seem to wrk out how to do it thanks for any help