i want to ask bout my login script
sometimes i can login..but sometimes its appear error login
here is my script
o<?php
include('connection/decl.php');
include('connection/atr.php');
session_start();
{
//".md5($_POST['user_password'])."'
$usrname=$_POST['username'];
$passwrd=$_POST['password'];
$username=mysql_query("SELECT username FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
$username_ar=mysql_fetch_array($username);
$password=mysql_query("SELECT password FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
$password_ar=mysql_fetch_array($password);
$designation=mysql_query("SELECT designation FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
$designation_ar=mysql_fetch_array($designation);
$level=mysql_query("SELECT level FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
$level_ar=mysql_fetch_array($level);
//$name=mysql_query("SELECT name FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
//$name_ar=mysql_fetch_array($name);
$idStaffS=mysql_query("SELECT idStaff FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
$idStaff_ar=mysql_fetch_array($idStaffS);
//$codeCompany=mysql_query("SELECT codecat FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
//$codeCompany_ar=mysql_fetch_array($codeCompany);
if($designation_ar['designation'] == "$designation1")
{
header('Location:spadmin/index.php');
//echo $mainSprAdmin;
}
if($designation_ar['designation'] == "$designation2")
{
header('Location:admin/index.php');
}
if($designation_ar['designation'] == "$designation3")
{
header('Location:staff/index.php');
}
if($designation_ar['designation'] == "$designation4")
{
header('Location:cust/index.php');
}
else {
echo "<meta http-equiv=\"refresh\" content=\"0; URL=mesej.php?msg=ralatLogin\">";
}
$username=$_POST['username'];
$username=$username_ar['username'];
$designation=$designation_ar['designation'];
//$codeCompany=$codeCompany_ar['codecat'];
$idStaffS=$idStaff_ar['idStaff'];
$name=$name_ar['name'];
$level=$level_ar['level'];
session_register('username');
session_register('designation');
//session_register('name');
session_register('level');
session_register('idStaffS');
//session_register('codeCompany');
//
}
?>
login problem
Moderator: General Moderators
Re: login problem
Can you please put [ code ] tags around the PHP? It will make it easier to follow.
A quick glance makes me wonder, first, whether some of those lines could be combined to grab the value you need directly out of the returned array, and also that I usually store session values by simply doing $_SESSION['key'] = "blah";
Also, should you not retrieve your username and password BEFORE you check/authenticate them? I might be reading your code wrong, though...
Good Luck,
OmniUni
A quick glance makes me wonder, first, whether some of those lines could be combined to grab the value you need directly out of the returned array, and also that I usually store session values by simply doing $_SESSION['key'] = "blah";
Also, should you not retrieve your username and password BEFORE you check/authenticate them? I might be reading your code wrong, though...
Good Luck,
OmniUni
Re: login problem
Hi,
Instead of fetching (writing a query) for each variable, you can do it like
Instead of fetching (writing a query) for each variable, you can do it like
Code: Select all
$query = "SELECT * FROM $tbl5
WHERE WHERE username='".mysql_real_escape_string($usrname)."'
AND password='".mysql_real_escape_string($passwrd)."'";
$result = @mysql_query($query) or die("Error: ".mysql_error());
$nbrows = @mysql_num_rows($result); // count rows - number of rows
if ($nbrows == 0) {print 'There is no data';}
if ($nbrows> 0) { // if data exists
while ($rowdata = @mysql_fetch_array($result)) {
$username = $rowdata['username'];
$password = $rowdata['password'];
.......................
........................
} // while ($rowdata = @mysql_fetch_array($result))
} // f ($nbrows> 0)Re: login problem
u mean by replaces this script?
$username=mysql_query("SELECT username FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
$username_ar=mysql_fetch_array($username);
$password=mysql_query("SELECT password FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
$password_ar=mysql_fetch_array($password);
$designation=mysql_query("SELECT designation FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
$designation_ar=mysql_fetch_array($designation);
$level=mysql_query("SELECT level FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
$level_ar=mysql_fetch_array($level);
//$name=mysql_query("SELECT name FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
//$name_ar=mysql_fetch_array($name);
$idStaffS=mysql_query("SELECT idStaff FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
$idStaff_ar=mysql_fetch_array($idStaffS);
//$codeCompany=mysql_query("SELECT codecat FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
//$codeCompany_ar=mysql_fetch_array($codeCompany);
sory..how to make a page(script) with lines
$username=mysql_query("SELECT username FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
$username_ar=mysql_fetch_array($username);
$password=mysql_query("SELECT password FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
$password_ar=mysql_fetch_array($password);
$designation=mysql_query("SELECT designation FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
$designation_ar=mysql_fetch_array($designation);
$level=mysql_query("SELECT level FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
$level_ar=mysql_fetch_array($level);
//$name=mysql_query("SELECT name FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
//$name_ar=mysql_fetch_array($name);
$idStaffS=mysql_query("SELECT idStaff FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
$idStaff_ar=mysql_fetch_array($idStaffS);
//$codeCompany=mysql_query("SELECT codecat FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
//$codeCompany_ar=mysql_fetch_array($codeCompany);
sory..how to make a page(script) with lines
Re: login problem
Replace this script
with this one$username=mysql_query("SELECT username FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
$username_ar=mysql_fetch_array($username);
$password=mysql_query("SELECT password FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
$password_ar=mysql_fetch_array($password);
$designation=mysql_query("SELECT designation FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
$designation_ar=mysql_fetch_array($designation);
$level=mysql_query("SELECT level FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
$level_ar=mysql_fetch_array($level);
//$name=mysql_query("SELECT name FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
//$name_ar=mysql_fetch_array($name);
$idStaffS=mysql_query("SELECT idStaff FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
$idStaff_ar=mysql_fetch_array($idStaffS);
//$codeCompany=mysql_query("SELECT codecat FROM $tbl5 WHERE username='$usrname' AND password='$passwrd'");
//$codeCompany_ar=mysql_fetch_array($codeCompany);
Code: Select all
$query = "SELECT * FROM $tbl5
WHERE WHERE username='".mysql_real_escape_string($usrname)."'
AND password='".mysql_real_escape_string($passwrd)."'";
$result = @mysql_query($query) or die("Error: ".mysql_error());
$nbrows = @mysql_num_rows($result); // count rows - number of rows
if ($nbrows == 0) {print 'There is no data';}
if ($nbrows> 0) { // if data exists
while ($rowdata = @mysql_fetch_array($result)) {
$username = $rowdata['username'];
$password = $rowdata['password'];
$designation = $rowdata['designation'];
$level = $rowdata['level'];
$name = $rowdata['name'];
$idStaff = $rowdata['idStaff'];
} // while ($rowdata = @mysql_fetch_array($result))
} // if ($nbrows> 0)You just select the text and click Code button on the tophow to make a page(script) with lines