Hi all,
This I hope will make sense. I've the following code which when a user logins in, creates a session:
if (isset($_POST['submitted'])) { // Check if the form has been submitted.
require_once ('mysql_connect.php'); // Connect to the database.
// Validate the email address.
if (!empty($_POST['email'])) {
$e = escape_data($_POST['email']);
} else {
echo '<p class="error">You forgot to enter your email address!</p>';
$e = FALSE;
}
// Validate the password.
if (!empty($_POST['pass'])) {
$p = escape_data($_POST['pass']);
} else {
$p = FALSE;
echo '<p class="error">You forgot to enter your password!</p>';
}
if ($e && $p) { // If everything's OK.
// Query the database.
$query = "SELECT user_id, first_name, account_id FROM users WHERE (email='$e' AND pass=SHA('$p')) AND active IS NULL";
$result = mysql_query ($query) or trigger_error("Query: $queryn<br />MySQL Error: " . mysql_error());
if (@mysql_num_rows($result) == 1) { // A match was made.
// Register the values & redirect.
$row = mysql_fetch_array ($result, MYSQL_NUM);
mysql_free_result($result);
mysql_close(); // Close the database connection.
$_SESSION['user_id'] = $row[0];
$_SESSION['first_name'] = $row[1];
$_SESSION['account_id'] = $row[2];
// Start defining the URL.
$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
// Check for a trailing slash.
if ((substr($url, -1) == '/') OR (substr($url, -1) == '\') ) {
$url = substr ($url, 0, -1); // Chop off the slash.
}
// Add the page.
$url .= '/index.php';
ob_end_clean(); // Delete the buffer.
header("Location: $url");
exit(); // Quit the script.
} else { // No match was made.
echo '<p class="error">Either the email address and password entered do not match those on file or you have not yet activated your account.</p>';
}
} else { // If everything wasn't OK.
echo '<p class="error">Please try again.</p>';
}
mysql_close(); // Close the database connection.
} // End of SUBMIT conditional.
?>
<h1>Login</h1>
<p class="maintext">Your browser must allow cookies in order to log in.</p>
<form action="login.php" method="post">
<fieldset>
<p class="maintext"><b>Email Address:</b> <input type="text" name="email" size="20" maxlength="40" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" /></p>
<p class="maintext"><b>Password:</b> <input type="password" name="pass" size="20" maxlength="20" /></p>
<div align="center"><input type="submit" name="submit" value="Login" /></div>
<input type="hidden" name="submitted" value="TRUE" />
</fieldset>
</form>
Each page I want protected then has this at the top
// If no first_name variable exists, redirect the user.
if (!isset($_SESSION['first_name'])) {
// Start defining the URL.
$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
// Check for a trailing slash.
if ((substr($url, -1) == '/') OR (substr($url, -1) == '\') ) {
$url = substr ($url, 0, -1); // Chop off the slash.
}
// Add the page.
$url .= '/index.php';
ob_end_clean(); // Delete the buffer.
header("Location: $url");
exit(); // Quit the script.
} else {
### page ###
}
What I'd like to do is set the session to automatically expire after 2 hours and the users password to reset to something different to prevent login.
I assume this is possible but where do I start?
Echoing If Function?
A script I am using has If statements in the comments form to basically tell the form what to do. Currently the form works by opening in a pop up for those who want to read/write comments. I'm
Access website from only 1 computer...?
One of my customers wants his website to only be accessed by people in which they bought the website membership from on their computer. He's afraid that the users might share their login's with their
user data not transferring to new page
I'm a PHP learner. After an index.php page, the user goes to a login.php page. Both pages seem to be working.After logging in with username, password, and a special code, the user is transferred to
first few characters only
hi, does anyone know how to use PHP to take the first few words of a text and limit them? i have seen this in many news sites where the news story headline reads like "woman found in obama's
php slowing my site?
Hi all,I think that one of the reasons that my site doesn't work fast is that the code is very big.maybe in some cases there are un-optimal functions, I mean functions that I can improve them to get
Checking BOM Authorization Group
Hai Friends,
Comment Mod System Effects all rows...
Sorry if its confusing but here is whats going on: I have a table in a database called comments and there are alot of entries there but can manually be marked flagged with a 1. nevermind how that is
Email with Attachments in PHP
Hi Friends How to send email in PHP with attachment.I know simple mail can be sent with mail() function but i have no idea about email with attachment.
Strip Slashes Help
I've got a script that i've downloaded of the net to edit multiple fields from my sql database, and works fine EXCEPT I want to add the strip slashes bit to it so it will save what I type in. However,
header redirect problems? please help
Ok i am making a site that generates youtube thumbnails and i am generating an image that displays 1 image with a playbutton image on top of ithere is the page that generates the