Php - mysql store data and use it later?


Posted on 16th Feb 2014 07:03 pm by admin

Hi, i' making a login page at the moment, however my username + password is stored many different places, and is kinda hard to get, so I have written this entire code:
Code: <?php
session_start();
// dBase file
Did you know?Explore Trending and Topic pages for more stories like this.
include 'inc/config.php';

if ($_GET["op"] == "login")
{
if (!$_POST["username"] || !$_POST["password"])
{
die("You need to provide a username and FG-Pass.");
}

// Create query
$id = "SELECT member_id FROM `members` "
."WHERE `name`='".$_POST["username"]."' ";

$q = "SELECT * FROM `members` "
."WHERE `name`='".$_POST["username"]."' "
."AND `p_locked`=0 "
."AND SELECT field_13 FROM `pfields_content` "
."WHERE `id`='".$id."' "
."AND WHERE `field_13`=('".$_POST["password"]."') "

."LIMIT 1";
// Run query
$r = mysql_query($q);

if ( $obj = @mysql_fetch_object($r) )
{
// Login good, create session variables
$_SESSION["valid_id"] = $obj->id;
$_SESSION["valid_user"] = $_POST["username"];
$_SESSION["valid_time"] = time();

// Redirect to member page
Header("Location: shop.php");
}
else
{
// Login not successful
die("Sorry, could not log you in. Wrong login information.

Or your fg has been locked. Please contact Smilie.");
}
}
else
{
//If all went right the Web form appears and users can log in
echo "<form action="?op=login" method="POST">";
echo "Username: <input name="username" size="15"><br />";
echo "FG-Password: <input type="password" name="password" size="8"><br />";
echo "<input type="submit" value="Login">";
echo "</form>";
}

?>

So, the process:
1. I get and store the member id:
Code: // Create query
$id = "SELECT member_id FROM `members` "
."WHERE `name`='".$_POST["username"]."' ";

Then:
Check if:
-Account is not locked
-Get password for a different table, using the member id we got above.
-Check if username + password matches.
-login
Code: $q = "SELECT * FROM `members` "
."WHERE `name`='".$_POST["username"]."' "
."AND `p_locked`=0 "
."AND SELECT field_13 FROM `pfields_content` "
."WHERE `id`='".$id."' "
."AND WHERE `field_13`=('".$_POST["password"]."') "

."LIMIT 1";
// Run query
$r = mysql_query($q);
But this doesn't appear to be the case that it works..
I think it has something to do with that i need to run the query, but i'm not sure, how would i fix this?

Thanks in advance
No comments posted yet

Your Answer:

Login to answer
229 Like 6 Dislike
Previous forums Next forums
Other forums

My XSRF Prevention code isn't working
First of all, thanks for the generous help you guys have given me in the past on this forum.
Seco

PHP & Java
Hello,

can PHP code be used inside java code?

Code: [Select]<SCRIPT LANGUAGE=&q

Sql and php order list script problems
Hi im having a few problems with trying to get the coding right on a orders list ive done (or trying

Array question
Does anyone know how to create a program that takes the $ amount for 8 different departments and gi

How do I get the row number from from an sql table query
Hi all

I have a table that I query and it returns a number of rows.
mysql_num_rows($query)

Checking if multidimensional array is empty?
I have a for with multiple test input fields. Specifically the user submits multiple names and ages

NOOB needs help with upload file
The intent of this form is to create a folder for a client and upload an image into another folder '

Shuffle between users ??
I have multiple $users in table. I need to send them $message.

I need to send the next messag

How to convert this array to string
I am having problems converting this array to a string
using print_r($val[1]); I get:
Code: [

Cant display mysql data
Hey all,

I am learning php and my first goal is to create a simple CMS. At the moment I am st

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash