Hi, i' making a login page at the moment, however my username + password is stored many different places, and is kinda hard to get, so I have written this entire code: Code: <?php session_start(); // dBase file include 'inc/config.php';
if ($_GET["op"] == "login") { if (!$_POST["username"] || !$_POST["password"]) { die("You need to provide a username and FG-Pass."); }
// Redirect to member page Header("Location: shop.php"); } else { // Login not successful die("Sorry, could not log you in. Wrong login information.
Or your fg has been locked. Please contact Smilie."); } } else { //If all went right the Web form appears and users can log in echo "<form action="?op=login" method="POST">"; echo "Username: <input name="username" size="15"><br />"; echo "FG-Password: <input type="password" name="password" size="8"><br />"; echo "<input type="submit" value="Login">"; echo "</form>"; }
?>
So, the process: 1. I get and store the member id: Code: // Create query $id = "SELECT member_id FROM `members` " ."WHERE `name`='".$_POST["username"]."' ";
Then: Check if: -Account is not locked -Get password for a different table, using the member id we got above. -Check if username + password matches. -login Code: $q = "SELECT * FROM `members` " ."WHERE `name`='".$_POST["username"]."' " ."AND `p_locked`=0 " ."AND SELECT field_13 FROM `pfields_content` " ."WHERE `id`='".$id."' " ."AND WHERE `field_13`=('".$_POST["password"]."') "
."LIMIT 1"; // Run query $r = mysql_query($q); But this doesn't appear to be the case that it works.. I think it has something to do with that i need to run the query, but i'm not sure, how would i fix this?
