Php - mysql store data and use it later?
Posted on
16th Feb 2014 07:03 pm by
admin
Hi, i' making a login page at the moment, however my username + password is stored many different places, and is kinda hard to get, so I have written this entire code:
Code: <?php
session_start();
// dBase file
include 'inc/config.php';
if ($_GET["op"] == "login")
{
if (!$_POST["username"] || !$_POST["password"])
{
die("You need to provide a username and FG-Pass.");
}
// Create query
$id = "SELECT member_id FROM `members` "
."WHERE `name`='".$_POST["username"]."' ";
$q = "SELECT * FROM `members` "
."WHERE `name`='".$_POST["username"]."' "
."AND `p_locked`=0 "
."AND SELECT field_13 FROM `pfields_content` "
."WHERE `id`='".$id."' "
."AND WHERE `field_13`=('".$_POST["password"]."') "
."LIMIT 1";
// Run query
$r = mysql_query($q);
if ( $obj = @mysql_fetch_object($r) )
{
// Login good, create session variables
$_SESSION["valid_id"] = $obj->id;
$_SESSION["valid_user"] = $_POST["username"];
$_SESSION["valid_time"] = time();
// Redirect to member page
Header("Location: shop.php");
}
else
{
// Login not successful
die("Sorry, could not log you in. Wrong login information.
Or your fg has been locked. Please contact Smilie.");
}
}
else
{
//If all went right the Web form appears and users can log in
echo "<form action="?op=login" method="POST">";
echo "Username: <input name="username" size="15"><br />";
echo "FG-Password: <input type="password" name="password" size="8"><br />";
echo "<input type="submit" value="Login">";
echo "</form>";
}
?>
So, the process:
1. I get and store the member id:
Code: // Create query
$id = "SELECT member_id FROM `members` "
."WHERE `name`='".$_POST["username"]."' ";
Then:
Check if:
-Account is not locked
-Get password for a different table, using the member id we got above.
-Check if username + password matches.
-login
Code: $q = "SELECT * FROM `members` "
."WHERE `name`='".$_POST["username"]."' "
."AND `p_locked`=0 "
."AND SELECT field_13 FROM `pfields_content` "
."WHERE `id`='".$id."' "
."AND WHERE `field_13`=('".$_POST["password"]."') "
."LIMIT 1";
// Run query
$r = mysql_query($q);
But this doesn't appear to be the case that it works..
I think it has something to do with that i need to run the query, but i'm not sure, how would i fix this?
Thanks in advance
No comments posted yet
Your Answer:
Login to answer
229
6
Other forums
PHP using IF to display error
i have a MySQL query and i want to display 1 thing only if the number of affected rows is >=1
Operating System
How in PHP or other language can I detect Operating system, ie Windows XP Home, Windows 7 Ultimate,
Save remote XML to local website folder
Hi, I hope you can help me out. I would like to be able to pull an XML file from another site and t
Solution Manager BPR
Does the SolMan-BPR-ARIS-Integration (http://www.ids-scheer.com/en/ARIS/ARIS_Platform/ARIS_Business_
Consuming third party Payment Gateway API from Procedure.
Hi All,
First of all i would like to thank all the people of the oracle forum for providi
Using real time in php
I'm very average at PHP and im looking to introduce time to something on my site.
Its a sports si
Upload, SSL and more php help
I recently just installed a ssl cert and do i use https for the whole site or just for the checkout.
Data type mismatch
Hi,
I am migrating data from algol to c.I mapped real datatype in algol to double datatype in
function not returning the correct value
I have a program that needs to return a value from a function. I have an output statement inside the
CHECK A STRING FOR ' " ' (DOUBLE QUOTES)
I am checking for delimiter (.!?) and if there is a " after a sentence then it should neglect a