Log in script...
Moderator: General Moderators
Log in script...
How would you set up a login script to check username and password from a database, and if there isnt one there make it redirect to a "Bad username/password" page? Is there any good tutorials out there on this topic? Thanks.
-
bionicdonkey
- Forum Contributor
- Posts: 132
- Joined: Fri Jan 31, 2003 2:28 am
- Location: Sydney, Australia
- Contact:
this may give u some ideas:
Code: Select all
<?php
class authenticate extends database {
var $sessionid;
function authenticate() {
parent::database();
$this->sessionid = session_id();
}
//
// Constructor and function that does most of the work
//
function authenticateUser($user, $pass) {
$query = "SELECT * FROM member_data WHERE username='". $user ."' AND password='". $pass ."'";
$result = parent::selectQuery($query, 'numRows');
if($result != 1) { // If the user doesn't exist or the password is incorect (aka if array returns as FALSE)
die("Wrong username and/or password"); // Kill script with message
} else { // If all is OK
$active = authenticate::checkActive($user); // Call checkActive function the see if user is enabled.
if($active == false) { // I user is disabled
die("User account is disabled. Contact Administration"); // Kill script with message
} else { // If user is active
return true; // Function returns TRUE
}
}
}
//
// Checks if the user is active
//
function checkActive($user) {
$query = "SELECT * FROM member_data WHERE username='". $user ."' AND active='enable'";
$numRows = parent::selectQuery($query, 'numRows'); // Call function in parent class 'database'
if($numRows == 1) { // If query returned value '1' (aka If user is active)
return true; // Return TRUE
} else { // If user is disabled
return false; // Return FALSE
}
}
function login($user, $pass) {
$auth = authenticate::authenticateUser($user, $pass);
if($auth == true) { // User authenticated
$query = "UPDATE sessions SET registered=1, reguser='". $user ."', lastAccess=". time() ." WHERE session_id='". $this->sessionid ."'";
mysql_query($query, $this->dblink) or die(mysql_error()); // Insert session into table in db
//
// Update the Cookie
//
sessions::newCookie($user, $pass);
authenticate::sessionVariable($user);
} else {
die(); // Just in case other ones don't work for some reason
}
}
function sessionVariable($user) {
$query = "SELECT username, accessPermitted FROM member_data WHERE username='". $user ."'";
$result = parent::selectQuery($query, 'resultArray');
if($result == false) {
die("Hmm... User doesn't exist!?! While trying to create session variable! Contact Administration");
}
$_SESSION['authdata'] = array("username"=>$result['username'], "access"=>$result['accessPermitted']);
}
}
?>- twigletmac
- Her Royal Site Adminness
- Posts: 5371
- Joined: Tue Apr 23, 2002 2:21 am
- Location: Essex, UK
You can look at this for the sessions side of user login -
viewtopic.php?t=6521
When it comes to checking against the database - pseudocode 'cause I don't know your database structure:
The redirecting thing is in the tutorial I linked to above.
Mac
viewtopic.php?t=6521
When it comes to checking against the database - pseudocode 'cause I don't know your database structure:
Code: Select all
$sql = "SELECT ID FROM users WHERE username = '$username' AND password = '$password'";
$result = mysql_query($sql) or die(mysql_error().'<p>'.$sql.'</p>');
if (mysql_num_rows($result) == 0) {
echo 'Username and/or password are incorrect';
} else {
echo 'Welcome '.$username;
}Mac
- twigletmac
- Her Royal Site Adminness
- Posts: 5371
- Joined: Tue Apr 23, 2002 2:21 am
- Location: Essex, UK
-
bionicdonkey
- Forum Contributor
- Posts: 132
- Joined: Fri Jan 31, 2003 2:28 am
- Location: Sydney, Australia
- Contact:
yea...well so i believe.bionicdonkey wrote:if you're refering to my script i posted, it's not pear. (unless i'm doing thing without knowing about it again)Random wrote:My server cant do Pear i dont think...thats the problemOromian wrote:holy Rand, it's only one 6 line class....hehe
http://pear.php.net/manual/en/introduction.php#about-pfc wrote: The PHP Foundation Classes is a subset of PEAR that focuses on quality, generality, interoperability and compatibility.