Hi, i' making a login page at the moment, however my username + password is stored many different places, and is kinda hard to get, so I have written this entire code:
Code: <?php
session_start();
// dBase file
include 'inc/config.php';
if ($_GET["op"] == "login")
{
if (!$_POST["username"] || !$_POST["password"])
{
die("You need to provide a username and FG-Pass.");
}
// Create query
$id = "SELECT member_id FROM `members` "
."WHERE `name`='".$_POST["username"]."' ";
$q = "SELECT * FROM `members` "
."WHERE `name`='".$_POST["username"]."' "
."AND `p_locked`=0 "
."AND SELECT field_13 FROM `pfields_content` "
."WHERE `id`='".$id."' "
."AND WHERE `field_13`=('".$_POST["password"]."') "
."LIMIT 1";
// Run query
$r = mysql_query($q);
if ( $obj = @mysql_fetch_object($r) )
{
// Login good, create session variables
$_SESSION["valid_id"] = $obj->id;
$_SESSION["valid_user"] = $_POST["username"];
$_SESSION["valid_time"] = time();
// Redirect to member page
Header("Location: shop.php");
}
else
{
// Login not successful
die("Sorry, could not log you in. Wrong login information.
Or your fg has been locked. Please contact Smilie.");
}
}
else
{
//If all went right the Web form appears and users can log in
echo "<form action="?op=login" method="POST">";
echo "Username: <input name="username" size="15"><br />";
echo "FG-Password: <input type="password" name="password" size="8"><br />";
echo "<input type="submit" value="Login">";
echo "</form>";
}
?>
So, the process:
1. I get and store the member id:
Code: // Create query
$id = "SELECT member_id FROM `members` "
."WHERE `name`='".$_POST["username"]."' ";
Then:
Check if:
-Account is not locked
-Get password for a different table, using the member id we got above.
-Check if username + password matches.
-login
Code: $q = "SELECT * FROM `members` "
."WHERE `name`='".$_POST["username"]."' "
."AND `p_locked`=0 "
."AND SELECT field_13 FROM `pfields_content` "
."WHERE `id`='".$id."' "
."AND WHERE `field_13`=('".$_POST["password"]."') "
."LIMIT 1";
// Run query
$r = mysql_query($q);
But this doesn't appear to be the case that it works..
I think it has something to do with that i need to run the query, but i'm not sure, how would i fix this?
Thanks in advance
To add a field on the screen XK02.
Hi All,
Creating a db with a query
Hello everyone.I'm having troubles creating a db with a query.I'm reading a book called PHP Bibles from Tim Converse I get this errorFatal error: Call to undefined function mysql_create_db() in
how to transport the Query and insfoset
Hi
Removing Title From database problem
Hi again ! i am having an issue with updating database. When i update any price of a title it remove the title from database please can somebody help me what i am missing in my code. here it is:Code:
How to secure my login data to my database?
Hi there,It may be a stupid question but I don't know how to secure my login data to my database. I have created an include file in order not to have these data in the code of my pages, but I don't
PHP webpage & array print issue
I have this code running, and it works perfectly … however, see my bottom bit about what I see when I view source, versus what I want to see … I am having image re-sizing issues that
CHMOD script
Hi,I need a script to read all files in a folder and set to 777.Can anyone help out please?
Internal class functions don't seem to get executed.
Hi. Can someone please put me out of my misery on this. I don't write much PHP and this has me baffled. I've probably work myself into the wrong mindset with the time I've spent on this. What's
Must-Know Topics of PHP
Can you guys list the must-know topics of PHP. I am still a learner and I am trying to cover most of the important topics in PHP.
PHP/Database issue
My friend is helping me make a database where you go to a certain webpage of my site and the page will use code to pull information from a database and display it on the page in a formatted way.Code:
