Code Forums - View Single Post

BUFFY · 05-02-2005, 03:46 PM

Basically I want the "user" to enter their logon details on login.php, this then POST's the details back to login.php this time with a variable set to yes. The variable call's login.inc.php to perform the authentication to the database.

At first it was working but then i realised it wasn't checking the values against the database just returning the variables. I extended the mysql_query to look more like yours sde

It started checking the database but only for the first table queried. The other table's login details resulted in a error statement returned... "User is not authenticated" etc.

So then Ive changed it to suit redheads suggestion which resulted in nothing working

I see the logic but am in the process of debugging (im new, it takes me hours) to see if any of it works and which part doesn't.

It should allow either a tutor or a student from different tables to login into a session by checking their username and password against the table feilds. Then just return the fullname (firstname + lastname from table) of the tutor/student back to login.php

The code I am using is what is posted earlier, I changed it now to look like the code redhead supplied....

Login.php (not changed)

PHP Code:


			
//This code has not been changed, it works fine.

<?PHP

//require_once 'connect.inc';



if ($_REQUEST['ShowRegister']=='yes')

  {

  include 'reg.inc.php'; 

  exit; 

  }



if ($_REQUEST['DoRegister']=='yes')

  {

  // if failed then exit; 

  }



if ($_REQUEST['DoLogin']=='yes')

  {

    include 'login.inc.php';

  }



  if (!$loggedin==true) 

  {

  if ($loginrequired==true or 

     !$nologinrequired=="yes") 

    {

?>

<form action="login.php?DoLogin=yes" method="post" name="logindetails" class="textblue">

 <table width="90%" border="0" cellspacing="1px" cellpadding="5px">

  <tr> 

   <td colspan="2" class="heading4">Login</td>

  </tr>

  <tr> 

   <td>Username</td>

   <td><input name="username" type="text" id="username" size="40" maxlength="80"></td>

  </tr>

  <tr> 

   <td>Password</td>

   <td><input name ="password" type="password" id="password" size="40" maxlength="20"></td>

  </tr>

  <tr> 

   <td colspan="2" class="textblue">If you do not have a user name, please register <a href="<?PHP echo $_SERVER['PHP_SELF'] . '?ShowRegister=yes' ?>">here</a> 

   </td>

  </tr>

  <tr> 

   <td colspan="2"><input type="submit" name="Login" value="Login"/></td>

  </tr>

 </table>

</form>

    

<?PHP

       exit;

    } 

  }       

?>

Login.inc.php (changed)

PHP Code:


			
<?PHP 

//LOGIN.INC.PHP 



// start session

session_start();



// convert username and password from _POST or _SESSION

if($_POST["username"])

{

  $username=$_POST["username"];

  $password=$_POST["password"];  

}

elseif($_SESSION["username"])

{

  $username=$_SESSION["username"];

  $password=$_SESSION["password"];

} 



// start and register session variables 

session_register("username");

session_register("password");



//Connect to database include file

include 'connect.inc';



 $result=mysql_query("SELECT * FROM tutor

  WHERE username='" . $username . "' and password='" . $password . "'");



$row=mysql_fetch_array($result);

$num=mysql_num_rows($result);



if($num < 1){

   $result=mysql_query("SELECT * FROM student

    WHERE username='" . $username . "' and password='" . $password . "'");



    $row=mysql_fetch_array($result);

    $num=mysql_num_rows($result);

    if($num < 1){ // print login form and exit if failed.

        session_destroy();

        echo "You are not authenticated.  Please login.<br><br>";

        exit;

    }



    if ($row['username']==$username)

    {

       // we have a student

       $fullname=$row['firstname'] . ' ' . $row['lastname'];

       echo("Hello Student: $fullname<p>");

       echo('done');     

       if ($row['password']==$password)

       {

             // we have an authenticated student

             echo("Student you have logged in correctly");

       }

       else

       {

          echo ("try again");

       }     

    }

}

else

{

    // We have a tutor

    $fullname=$row['firstname'] . ' ' . $row['lastname'];

    echo("Hello tutor: $fullname<p>");

    if ($row['password']==$password)

     {

     // we have an authenticated tutor

     echo("Tutor you have logged in correctly");

     } else { echo ("try again");}     

   }

}

$loggedin=true;

Im just cutting bits out to found out what works and whats causing the blank page error.... (nothing gets displayed in login.php)

AND thank you for the welcome, you guys/girls are really good here!

05-02-2005, 03:46 PM	#8 (permalink)
BUFFY Registered User Join Date: May 2005 Posts: 29	Basically I want the "user" to enter their logon details on login.php, this then POST's the details back to login.php this time with a variable set to yes. The variable call's login.inc.php to perform the authentication to the database. At first it was working but then i realised it wasn't checking the values against the database just returning the variables. I extended the mysql_query to look more like yours sde It started checking the database but only for the first table queried. The other table's login details resulted in a error statement returned... "User is not authenticated" etc. So then Ive changed it to suit redheads suggestion which resulted in nothing working I see the logic but am in the process of debugging (im new, it takes me hours) to see if any of it works and which part doesn't. It should allow either a tutor or a student from different tables to login into a session by checking their username and password against the table feilds. Then just return the fullname (firstname + lastname from table) of the tutor/student back to login.php The code I am using is what is posted earlier, I changed it now to look like the code redhead supplied.... Login.php (not changed) PHP Code: //This code has not been changed, it works fine. <?PHP //require_once 'connect.inc'; if ($_REQUEST['ShowRegister']=='yes') { include 'reg.inc.php'; exit; } if ($_REQUEST['DoRegister']=='yes') { // if failed then exit; } if ($_REQUEST['DoLogin']=='yes') { include 'login.inc.php'; } if (!$loggedin==true) { if ($loginrequired==true or !$nologinrequired=="yes") { ?> <form action="login.php?DoLogin=yes" method="post" name="logindetails" class="textblue"> <table width="90%" border="0" cellspacing="1px" cellpadding="5px"> <tr> <td colspan="2" class="heading4">Login</td> </tr> <tr> <td>Username</td> <td><input name="username" type="text" id="username" size="40" maxlength="80"></td> </tr> <tr> <td>Password</td> <td><input name ="password" type="password" id="password" size="40" maxlength="20"></td> </tr> <tr> <td colspan="2" class="textblue">If you do not have a user name, please register <a href="<?PHP echo $_SERVER['PHP_SELF'] . '?ShowRegister=yes' ?>">here</a> </td> </tr> <tr> <td colspan="2"><input type="submit" name="Login" value="Login"/></td> </tr> </table> </form> <?PHP exit; } } ?> Login.inc.php (changed) PHP Code: <?PHP //LOGIN.INC.PHP // start session session_start(); // convert username and password from _POST or _SESSION if($_POST["username"]) { $username=$_POST["username"]; $password=$_POST["password"]; } elseif($_SESSION["username"]) { $username=$_SESSION["username"]; $password=$_SESSION["password"]; } // start and register session variables session_register("username"); session_register("password"); //Connect to database include file include 'connect.inc'; $result=mysql_query("SELECT * FROM tutor WHERE username='" . $username . "' and password='" . $password . "'"); $row=mysql_fetch_array($result); $num=mysql_num_rows($result); if($num < 1){ $result=mysql_query("SELECT * FROM student WHERE username='" . $username . "' and password='" . $password . "'"); $row=mysql_fetch_array($result); $num=mysql_num_rows($result); if($num < 1){ // print login form and exit if failed. session_destroy(); echo "You are not authenticated. Please login.<br><br>"; exit; } if ($row['username']==$username) { // we have a student $fullname=$row['firstname'] . ' ' . $row['lastname']; echo("Hello Student: $fullname<p>"); echo('done'); if ($row['password']==$password) { // we have an authenticated student echo("Student you have logged in correctly"); } else { echo ("try again"); } } } else { // We have a tutor $fullname=$row['firstname'] . ' ' . $row['lastname']; echo("Hello tutor: $fullname<p>"); if ($row['password']==$password) { // we have an authenticated tutor echo("Tutor you have logged in correctly"); } else { echo ("try again");} } } $loggedin=true; Im just cutting bits out to found out what works and whats causing the blank page error.... (nothing gets displayed in login.php) AND thank you for the welcome, you guys/girls are really good here!