Code Forums - View Single Post

BUFFY · 05-02-2005, 05:30 PM

Hold the phone

It seems to be working.... I changed a couple of things and dont want to question it!

Only part that doesn't work is if you enter in details not in the database it just shows the login.php page and an empty space where the error message is meant to be (i.e error isn't working)

I tired this code at the bottom before the loggedin variable, it worked when the input was wrong, but showed up under the student details when they logged in successfully:

PHP Code:


			
//Destroy session if no results are found

if($num == 0){

  session_destroy();

  echo "<br><br>You are not authenticated. Please login.<br><br>";

  exit;

}

Thanks all for your input... I got to make sure it carries through with the session but it seems okay atm.

PHP Code:


			
<?PHP

// start session

session_start();



// convert username and password from _POST or _SESSION

if($_POST["username"])

{

  $username=$_POST["username"];

  $password=$_POST["password"];  

}

elseif($_SESSION["username"])

{

  $username=$_SESSION["username"];

  $password=$_SESSION["password"];

}



// start and register session variables

session_register("username");

session_register("password");



//Connect to database include file

include 'connect.inc';



//Echo user name for testing purposes

echo "User: $username<hr>";



// query for a user/pass match

$result=mysql_query("SELECT * FROM tutor

  WHERE username='" . $username . "' and password='" . $password . "'");



$row=mysql_fetch_array($result);

$num=mysql_num_rows($result);



if (mysql_num_rows($result)>0)

   {

    // We have a tutor

    $fullname=$row['firstname'] .' ' . $row['lastname'];

    echo("Hello tutor: $fullname<p>");

    if ($row['password']==$password)

     {

     //tutor is authenticated

     echo("tutor you have logged in correctly");

     } else { echo ("try again");}    

    

   } else {

   

   // Check for student

    $result=mysql_query("SELECT * FROM student

    WHERE username='" . $username . "' and password='" . $password . "'");



    $row=mysql_fetch_array($result);

    

    if ($row['username']==$username)

          {

          // Confirm

       $fullname=$row['firstname'] . ' ' . $row['lastname'];

       echo("Hello student: $fullname<p>");

       if ($row['password']==$password)

           {

             // student is authenticated

         echo("student you have logged in correctly");

           } else { echo ("try again");}    

           }

         }



$loggedin=true;



?>

05-02-2005, 05:30 PM	#10 (permalink)
BUFFY Registered User Join Date: May 2005 Posts: 29	Hold the phone It seems to be working.... I changed a couple of things and dont want to question it! Only part that doesn't work is if you enter in details not in the database it just shows the login.php page and an empty space where the error message is meant to be (i.e error isn't working) I tired this code at the bottom before the loggedin variable, it worked when the input was wrong, but showed up under the student details when they logged in successfully: PHP Code: `//Destroy session if no results are found if($num == 0){ session_destroy(); echo "<br><br>You are not authenticated. Please login.<br><br>"; exit; }` Thanks all for your input... I got to make sure it carries through with the session but it seems okay atm. PHP Code: <?PHP // start session session_start(); // convert username and password from _POST or _SESSION if($_POST["username"]) { $username=$_POST["username"]; $password=$_POST["password"]; } elseif($_SESSION["username"]) { $username=$_SESSION["username"]; $password=$_SESSION["password"]; } // start and register session variables session_register("username"); session_register("password"); //Connect to database include file include 'connect.inc'; //Echo user name for testing purposes echo "User: $username<hr>"; // query for a user/pass match $result=mysql_query("SELECT * FROM tutor WHERE username='" . $username . "' and password='" . $password . "'"); $row=mysql_fetch_array($result); $num=mysql_num_rows($result); if (mysql_num_rows($result)>0) { // We have a tutor $fullname=$row['firstname'] .' ' . $row['lastname']; echo("Hello tutor: $fullname<p>"); if ($row['password']==$password) { //tutor is authenticated echo("tutor you have logged in correctly"); } else { echo ("try again");} } else { // Check for student $result=mysql_query("SELECT * FROM student WHERE username='" . $username . "' and password='" . $password . "'"); $row=mysql_fetch_array($result); if ($row['username']==$username) { // Confirm $fullname=$row['firstname'] . ' ' . $row['lastname']; echo("Hello student: $fullname<p>"); if ($row['password']==$password) { // student is authenticated echo("student you have logged in correctly"); } else { echo ("try again");} } } $loggedin=true; ?> Last edited by BUFFY; 05-02-2005 at 05:55 PM.