Hi all,
This I hope will make sense. I've the following code which when a user logins in, creates a session:
if (isset($_POST['submitted'])) { // Check if the form has been submitted.
require_once ('mysql_connect.php'); // Connect to the database.
// Validate the email address.
if (!empty($_POST['email'])) {
$e = escape_data($_POST['email']);
} else {
echo '<p class="error">You forgot to enter your email address!</p>';
$e = FALSE;
}
// Validate the password.
if (!empty($_POST['pass'])) {
$p = escape_data($_POST['pass']);
} else {
$p = FALSE;
echo '<p class="error">You forgot to enter your password!</p>';
}
if ($e && $p) { // If everything's OK.
// Query the database.
$query = "SELECT user_id, first_name, account_id FROM users WHERE (email='$e' AND pass=SHA('$p')) AND active IS NULL";
$result = mysql_query ($query) or trigger_error("Query: $queryn<br />MySQL Error: " . mysql_error());
if (@mysql_num_rows($result) == 1) { // A match was made.
// Register the values & redirect.
$row = mysql_fetch_array ($result, MYSQL_NUM);
mysql_free_result($result);
mysql_close(); // Close the database connection.
$_SESSION['user_id'] = $row[0];
$_SESSION['first_name'] = $row[1];
$_SESSION['account_id'] = $row[2];
// Start defining the URL.
$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
// Check for a trailing slash.
if ((substr($url, -1) == '/') OR (substr($url, -1) == '\') ) {
$url = substr ($url, 0, -1); // Chop off the slash.
}
// Add the page.
$url .= '/index.php';
ob_end_clean(); // Delete the buffer.
header("Location: $url");
exit(); // Quit the script.
} else { // No match was made.
echo '<p class="error">Either the email address and password entered do not match those on file or you have not yet activated your account.</p>';
}
} else { // If everything wasn't OK.
echo '<p class="error">Please try again.</p>';
}
mysql_close(); // Close the database connection.
} // End of SUBMIT conditional.
?>
<h1>Login</h1>
<p class="maintext">Your browser must allow cookies in order to log in.</p>
<form action="login.php" method="post">
<fieldset>
<p class="maintext"><b>Email Address:</b> <input type="text" name="email" size="20" maxlength="40" value="<?php if (isset($_POST['email'])) echo $_POST['email']; ?>" /></p>
<p class="maintext"><b>Password:</b> <input type="password" name="pass" size="20" maxlength="20" /></p>
<div align="center"><input type="submit" name="submit" value="Login" /></div>
<input type="hidden" name="submitted" value="TRUE" />
</fieldset>
</form>
Each page I want protected then has this at the top
// If no first_name variable exists, redirect the user.
if (!isset($_SESSION['first_name'])) {
// Start defining the URL.
$url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
// Check for a trailing slash.
if ((substr($url, -1) == '/') OR (substr($url, -1) == '\') ) {
$url = substr ($url, 0, -1); // Chop off the slash.
}
// Add the page.
$url .= '/index.php';
ob_end_clean(); // Delete the buffer.
header("Location: $url");
exit(); // Quit the script.
} else {
### page ###
}
What I'd like to do is set the session to automatically expire after 2 hours and the users password to reset to something different to prevent login.
I assume this is possible but where do I start?
Login Functionality Working Different on IE
This is an odd one, I have a site which has an admin section. The admin pages unsurprisingly require you to be logged in to access them. Each admin page has the following at the top to check that the
simplexml and xpath - Need some help
Hello,I am trying to parse an xml which comes back from Amazon and I am trying to know how many Browsenodes are shown within the XML.I am using the classs Tarzan to get the xml from Amazon and the
PHP Function Page Advice
Hi All, I am quite new to PHP and Javascript but have written an Online Shop (Mainly for Fun and education) It uses MySQL for the Shop Item Data and a 'Username.txt' file for each users cart.
preg_replace question
Hello!!I hope someone can help me with preg_replace.I load two tables from an external website, now I would like to highlight a complete tr (background color) if there is a td with a known string in
Record count of entire database
Does anyone know if there is a way to obtain the number of records in each table of the database using a single select statement or must a select count be done for each individual table?
C problem struct and string
Hi guys,This is my first post and I'm hoping the experts here can help me solve my problem.- I'm trying to create a linked list in C and the codes look like this:#include "stdio.h"#include
Varible in trigger - refering to correct schema
Hello
Last character removed
I have created a string from an array. I have inserted commas from my form values. I am trying to remove the last comma from the string and can't seem to remove it. I have tried chop, rtrim, substr,
Any help with my email script?
I have an email script, I have not tested it, although someone tested it for me and said it worked fine. I started to make modifications to the code after using the basic structure. This is my HTML
check_changed_data - I can't get data from the called method event
I use check_changed_data to trigger my event method.
