php login script help
7 posts
Page 1 of 1
Quick Profile
Information
Posts: 372
Joined: Mon Aug 17, 2009 10:35 pm View Full Profile
hello,
im having a problem once I login and forget to logout again and when I login it says I need to login again can anyone help me please?
This is the members page code.
im having a problem once I login and forget to logout again and when I login it says I need to login again can anyone help me please?
This is the members page code.
Code: Select all
This is my login page code.<?php
session_start();
if(!isset($_SESSION['username'])) {
echo("You must be logged in to view this page!.");
} else {
?> Code: Select all
<?php require("./styles/top.php"); ?>
<?php
$form = "<form action='index.php' method='post'>
<table>
<tr>
<td>Username:</td>
<td><input type='username' name='username'></td>
</tr>
<tr>
<td>Password:</td>
<td><input type='password' name='password'></td>
</tr>
<tr>
<td></td>
<td><input type='submit' value='Login' name='submit'></td>
</tr>
</table>
</form>";
// We include out connect to database file.
include('scripts/connect.php');
// now we check to see if the button has been pressed.
if ($_SERVER['REQUEST_METHOD'] == 'POST'){
// retrieving the input from the user, also securing from SQL injection and
// making the password md5 encryption.
$username = mysql_real_escape_string($_POST['username']);
$password = mysql_real_escape_string(md5($_POST['password']));
// now to make sure the fields are not empty.
if(!empty($_POST['username']) && !empty($_POST['password'])){
$query = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'");
$query_rows = mysql_num_rows($query);
if($query_rows > 0) {
echo("Successfully logged in! <a href='members.php'>Click Here</a> to go to the members only page!. ");
session_start();
$_SESSION['username']=$username;
} else {
echo("The login information you provided does not exist!.");
}
}
else
echo("You need to enter a valid username and password!. $form");
}
else
echo $form;
?>
<?php require("./styles/bottom.php"); ?> 
Quick Profile
Information
Posts: 727
Joined: Thu May 20, 2010 10:32 am View Full Profile
Wait... What? I don't understand what you mean, what is the problem again?
You can find me on Facebook or on Skype mihai_92b
Quick Profile
Information
Posts: 372
Joined: Mon Aug 17, 2009 10:35 pm View Full Profile
I mean how can i check if a user is banned or not i have value in mysql that says banned 1 means banned and 0 not banned how do i chexk before they can be logged in ?.
Quick Profile
Information
Posts: 727
Joined: Thu May 20, 2010 10:32 am View Full Profile
Code: Select all
Wrote it on my phone so its not tested. Ohh and stop using mysql_ its deprecated and wont work. Use mysqli_ instead. Also, try writing in OOP style. Trust me you'll thank yourself later.$UserRow = mysqli_fetch_assoc($query);
if ($UserRow['banned'] === '1') {
// user is banned. Show message
exit('Your account is banned!');
} else {
// proceed with login.
}You can find me on Facebook or on Skype mihai_92b
Quick Profile
Information
Posts: 372
Joined: Mon Aug 17, 2009 10:35 pm View Full Profile
Hello,
This is what I mean with the above code.
Once I login the then says I must log in and when I logout it then lets me login?
This is what I mean with the above code.
Once I login the then says I must log in and when I logout it then lets me login?
You do not have the required permissions to view the files attached to this post.
Quick Profile
Information
Posts: 372
Joined: Mon Aug 17, 2009 10:35 pm View Full Profile
Code: Select all
where would I put this code in my login form?$UserRow = mysqli_fetch_assoc($query);
if ($UserRow['banned'] === '1') {
// user is banned. Show message
exit('Your account is banned!');
} else {
// proceed with login.
}Code: Select all
<?php require("./styles/top.php"); ?>
<?php
$form = "<form action='index.php' method='post'>
<table>
<tr>
<td>Username:</td>
<td><input type='username' name='username'></td>
</tr>
<tr>
<td>Password:</td>
<td><input type='password' name='password'></td>
</tr>
<tr>
<td></td>
<td><input type='submit' value='Login' name='submit'></td>
</tr>
</table>
</form>";
// We include out connect to database file.
include('scripts/connect.php');
// now we check to see if the button has been pressed.
if ($_SERVER['REQUEST_METHOD'] == 'POST'){
// retrieving the input from the user, also securing from SQL injection and
// making the password md5 encryption.
$username = mysql_real_escape_string($_POST['username']);
$banned = mysql_real_escape_string($_POST['banned']);
$password = mysql_real_escape_string(md5($_POST['password']));
// now to make sure the fields are not empty.
if(!empty($_POST['username']) && !empty($_POST['password'])){
$query = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'");
$query_rows = mysql_num_rows($query);
if($query_rows > 0) {
echo("Successfully logged in! <a href='members.php'>Click Here</a> to go to the members only page!. ");
session_start();
$_SESSION['username']=$username;
} else {
echo("The login information you provided does not exist!.");
}
}
else
echo("You need to enter a valid username and password!. $form");
}
else
echo $form;
?>
<?php require("./styles/bottom.php"); ?>
Quick Profile
Information
Posts: 727
Joined: Thu May 20, 2010 10:32 am View Full Profile
That's up to you, but i would put it after
Code: Select all
if($query_rows > 0) {You can find me on Facebook or on Skype mihai_92b
7 posts
Page 1 of 1
Copyright Information
Copyright © Codenstuff.com 2020 - 2023