Hi all,
This I hope will make sense. I've the following code which when a user logins in, creates a session:
if (isset($_POST['submitted'])) { // Check if the form has been submitted.
require_once ('mysql_connect.php'); // Connect to the database.
// Validate the email address.
if (!empty($_POST['email'])) {
$e = escape_data($_POST['email']);
} else {
echo '<p class="error">You forgot to enter your email address!</p>';
$e = FALSE;
}
// Validate the password.
if (!empty($_POST['pass'])) {
$p = escape_data($_POST['pass']);
} else {
$p = FALSE;
echo '<p class="error">You forgot to enter your password!</p>';
}
if ($e && $p) { // If everything's OK.
// Query the database.
$query = "SELECT user_id, first_name, account_id FROM users WHERE (email='$e' AND pass=SHA('$p')) AND active IS NULL";
$result = mysql_query ($query) or trigger_error("Query: $queryn<br />MySQL Error: " . mysql_error());
if (@mysql_num_rows($result) == 1) { // A match was made.
// Register the values & redirect.
$row = mysql_fetch_array ($result, MYSQL_NUM);
mysql_free_result($result);
mysql_close(); // Close the database connection.
$_SESSION['user_id'] = $row[0];
$_SESSION['first_name'] = $row[1];
$_SESSION['account_id'] = $row[2];
// Start defining the URL.
$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
// Check for a trailing slash.
if ((substr($url, -1) == '/') OR (substr($url, -1) == '\') ) {
$url = substr ($url, 0, -1); // Chop off the slash.
}
// Add the page.
$url .= '/index.php';
ob_end_clean(); // Delete the buffer.
header("Location: $url");
exit(); // Quit the script.
} else { // No match was made.
echo '<p class="error">Either the email address and password entered do not match those on file or you have not yet activated your account.</p>';
}
} else { // If everything wasn't OK.
echo '<p class="error">Please try again.</p>';
}
mysql_close(); // Close the database connection.
} // End of SUBMIT conditional.
?>
<h1>Login</h1>
<p class="maintext">Your browser must allow cookies in order to log in.</p>
<form action="login.php" method="post">
<fieldset>
<p class="maintext"><b>Email Address:</b> <input type="text" name="email" size="20" maxlength="40" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" /></p>
<p class="maintext"><b>Password:</b> <input type="password" name="pass" size="20" maxlength="20" /></p>
<div align="center"><input type="submit" name="submit" value="Login" /></div>
<input type="hidden" name="submitted" value="TRUE" />
</fieldset>
</form>
Each page I want protected then has this at the top
// If no first_name variable exists, redirect the user.
if (!isset($_SESSION['first_name'])) {
// Start defining the URL.
$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
// Check for a trailing slash.
if ((substr($url, -1) == '/') OR (substr($url, -1) == '\') ) {
$url = substr ($url, 0, -1); // Chop off the slash.
}
// Add the page.
$url .= '/index.php';
ob_end_clean(); // Delete the buffer.
header("Location: $url");
exit(); // Quit the script.
} else {
### page ###
}
What I'd like to do is set the session to automatically expire after 2 hours and the users password to reset to something different to prevent login.
I assume this is possible but where do I start?
Help with form post data and arrays
Hi all,I am new to this forum... It has been awhile since i have worked with arrays, and i am starting to pull my hair out with this little issue i am having..I hope someone can help me out with it,
Can't seem to capture a variable in a chained select
I'm *this* close to having a chained select running but for some reason it doesn't seem to be picking up a variable.Code: <?phprequire ('inc/connection.php');//seeming that we are just
ALV List Display to point to another report on Double Click
Hi,
connect() succeeds but accept() does not?
Please help me with this problem. I'm working on a time-sensitive project where I'm using TCP sockets. I've got this problem where most of the time a connection cannot be made.
Solution Manager BPR
Does the SolMan-BPR-ARIS-Integration (http://www.ids-scheer.com/en/ARIS/ARIS_Platform/ARIS_Business_Architect_for_SAP/3743.html ) use an interface open to the public? If yes, were can I finde some
PHP switch function help
Hi, I am trying to create a search function for a directory website. On the search function on html page I have a dropdown menu. From this you can select one OF 3 options - shoes, handbags, shoes and
Query failed issue with php script but works fine in mssql manager!
hi i have the script below which copies data from one table to another but will only insert new data update current data or delete old data from tempproducts to products then it will delete the
Is there something wrong?
Hi all,Just a quick question... can someone look at this code and see if something is wrong?Code: $j = 1;$vals = array();$feedline = array();foreach(explode($delimiter,$b) as $key => $values)
Need help with an email blocker for a guessbook
I am new with php and here is a simple guessbook page but I am being hit with spam from a group of the same email. I know I need to do an IF statement but I am kinda foggy on how to do the code.What I
[function.file]: failed to open stream: No such file or directory
Okay I wrote this little script to upload a csv file that is located on my webhosts server to a mysql database. Something is wrong because I am getting the following error:Warning:
