Php - mysql store data and use it later?


Posted on 16th Feb 2014 07:03 pm by admin

Hi, i' making a login page at the moment, however my username + password is stored many different places, and is kinda hard to get, so I have written this entire code:
Code: <?php
session_start();
// dBase file
Did you know?Explore Trending and Topic pages for more stories like this.
include 'inc/config.php';

if ($_GET["op"] == "login")
{
if (!$_POST["username"] || !$_POST["password"])
{
die("You need to provide a username and FG-Pass.");
}

// Create query
$id = "SELECT member_id FROM `members` "
."WHERE `name`='".$_POST["username"]."' ";

$q = "SELECT * FROM `members` "
."WHERE `name`='".$_POST["username"]."' "
."AND `p_locked`=0 "
."AND SELECT field_13 FROM `pfields_content` "
."WHERE `id`='".$id."' "
."AND WHERE `field_13`=('".$_POST["password"]."') "

."LIMIT 1";
// Run query
$r = mysql_query($q);

if ( $obj = @mysql_fetch_object($r) )
{
// Login good, create session variables
$_SESSION["valid_id"] = $obj->id;
$_SESSION["valid_user"] = $_POST["username"];
$_SESSION["valid_time"] = time();

// Redirect to member page
Header("Location: shop.php");
}
else
{
// Login not successful
die("Sorry, could not log you in. Wrong login information.

Or your fg has been locked. Please contact Smilie.");
}
}
else
{
//If all went right the Web form appears and users can log in
echo "<form action="?op=login" method="POST">";
echo "Username: <input name="username" size="15"><br />";
echo "FG-Password: <input type="password" name="password" size="8"><br />";
echo "<input type="submit" value="Login">";
echo "</form>";
}

?>

So, the process:
1. I get and store the member id:
Code: // Create query
$id = "SELECT member_id FROM `members` "
."WHERE `name`='".$_POST["username"]."' ";

Then:
Check if:
-Account is not locked
-Get password for a different table, using the member id we got above.
-Check if username + password matches.
-login
Code: $q = "SELECT * FROM `members` "
."WHERE `name`='".$_POST["username"]."' "
."AND `p_locked`=0 "
."AND SELECT field_13 FROM `pfields_content` "
."WHERE `id`='".$id."' "
."AND WHERE `field_13`=('".$_POST["password"]."') "

."LIMIT 1";
// Run query
$r = mysql_query($q);
But this doesn't appear to be the case that it works..
I think it has something to do with that i need to run the query, but i'm not sure, how would i fix this?

Thanks in advance
Trending TodaySee what people are reading
No comments posted yet

Your Answer:

Login to answer
229 Like 6 Dislike
Previous forums Next forums
Other forums

Help! refer to a friend script with captcha code
Hi guys, I am posting on here in desperate need for some help with an ongoing search I have been doi

a dificult string search
Hi I don't know a way around this. I want the user to input a password, but to make it a bit complca

PHP Blog help
Need help with posting comments in a word press blog? I have a comments page where the comments are

upload only text files
hi guys i want to upload only text like like (pdf,note pad and ofiice files) so can any one please t

Sort Alternative/bi-monthly
Hi all,

Am going mad trying to get something to work.

I'm creating a CMS for a magazi

Delete Client 066 Earlywatch
Hi all,

in former times client earlywatch was required for SAPs remote access to SAP inst

why aint this working?
i have this code:

Code: $num = 250;
$count = ($num - $rcount);

echo $rc

type check while uploading
Hi Everyone,

How can I check the exact type of a file while uploading on my site?

Here

need help with date function
i have following form for date

Code: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01

Extending Exception to contain method name
I was wondering, if there's a way to extend Exception in such a way, that it would contain name of a

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



 
© indyaspeak.com. All Rights Reserved.
Play Free Quiz and Win Cash