These are the pages I'm working with:
Index.php -> Control.php -> Main.php
Index.php: has a form to enter user and pwd.
Control.php: checks user, pwd and redirects the user to Main or Index depending on the correct values of these fields.
Main.php: has the code of the program.
Well, the thing is that if I open Index.php it calls Control.php, if there's any trouble in it (wrong pwd, wrong user, etc..) it calls an error function from error.php, but if everything's ok it doesn't let the user pass to Main.php unless you've previously made some mistake in entering the user or pwd.
My control.php file looks like these:
Code: Select all
<?php
session_start();
include "errores.php";
require ("db_config.inc.php");
$sql = "SELECT * FROM usuariosceros WHERE usuario = '".$_POST["user"]."'";
$result = mssql_query($sql, $conex);
$filas = mssql_num_rows($result);
if ($filas <= 0)
{ error(13, $_POST["user"]); exit; }
$n1 = mssql_result($result,0, 1);
if (trim($n1) != trim($_POST["pwd"]))
{ error (1, "Usuario o Contraseña"); exit; }
$permi = mssql_result($result, 0, 2);
if ($permi == 0)
{ error (14, $_POST["user"]); exit; }
$user = $_POST["user"];
$_SESSION["valid"]= "YES";
header ("Location: Main.php?userID=".trim($user));
?>Thank you.