...

View Full Version : Post Key ID into URL on login



glish_dreams
08-01-2007, 01:41 AM
If you notice, I have
header("Location: portal.php?agent_id=$agent_id");

Now the varible $agent_id, basicly when the user logs in, I need php to match the username to the agent ID, and post it into the URL, so that the next page, will not need the URL modified by hand


what will i need to add to login_portal.php to make it save the result to post into the URL

login_portal.php


<?php
$user="root";
$database="user_logins";
mysql_connect(localhost,$user);
@mysql_select_db($database) or die( "Unable to select database");
if(isset($_COOKIE['ID_my_site']))
//if there is, it logs you in and directes you to the members page
{
$user_portal = $_COOKIE['ID_my_site'];
$pass_portal = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM agents WHERE user_portal = '$user_portal'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass_portal != $info['pass_portal'])
{
}
else
{
header("Location: portal.php?agent_id=$agent_id");
}
}
}
//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted
// makes sure they filled it in
if(!$_POST['user_portal'] | !$_POST['pass_portal']) {
die('You did not fill in a required field.');
}
// checks it against the database
if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM agents WHERE user_portal = '".$_POST['user_portal']."'")or die(mysql_error());
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database.<a href=reg.php>Click Here to Register</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['pass_portal'] = stripslashes($_POST['pass_portal']);
$info['pass_portal'] = stripslashes($info['pass_portal']);
$_POST['pass_portal'] = md5($_POST['pass_portal']);
//gives error if the password is wrong
if ($_POST['pass_portal'] != $info['pass_portal']) {
die('Incorrect password, please try again.');
}
else
{
// if login is ok then we add a cookie
$_POST['user_portal'] = stripslashes($_POST['user_portal']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['user_portal'], $hour);
setcookie(Key_my_site, $_POST['pass_portal'], $hour);
//then redirect them to the members area
header("Location: portal.php?agent_id=$agent_id");
}
}
}
else
{
// if they are not logged in
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td colspan=2><h1>Login</h1></td></tr>
<tr><td>Username:</td><td>
<input type="text" name="user_portal" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass_portal" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}
?>

portal.php


<?php
$agent_id=$_GET['agent_id'];

$user="root";
$database="user_logins";
mysql_connect(localhost,$user);
@mysql_select_db($database) or die( "Unable to select database");
if(isset($_COOKIE['ID_my_site']))
{
$user_portal = $_COOKIE['ID_my_site'];
$pass_portal = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM agents WHERE user_portal = '$user_portal'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass_portal != $info['pass_portal'])
{ header("Location: login_portal.php");
}
else
{
echo "Admin Area<p>";
echo "Your Content<p>";
echo "<a href=logout_portal.php>Logout</a>";
}
}
}
else
{
header("Location: login_portal.php");
}
?>

<?php
$agent_id=$_GET['agent_id'];
$user="root";
$database="user_logins";
mysql_connect(localhost,$user);
@mysql_select_db($database) or die( "Unable to select database");
$query=" SELECT * FROM owa WHERE agent_id='$agent_id'";
$result=mysql_query($query);
$num=mysql_numrows($result);
mysql_close();

$i=0;
while ($i < $num) {
$id_email=mysql_result($result,$i,"id_email");
$agent_id=mysql_result($result,$i,"agent_id");

echo "<br><br><a href=login_owa.php?id_email=$id_email>e-Mail</a>";

$i++;
}
?>



Once it logs in right now, it will display in the URL
http://localhost/ZZZphpDB/login_linked/portal.php?agent_id=

If you put in the ID 1, the link for email does match correctly. like I wants

westmatrix99
08-01-2007, 10:34 PM
Here is a tutorial on sessions and cookies.

http://www.tutorialized.com/tutorials/PHP/Cookies-and-Sessions/1

http://www.samspublishing.com/articles/article.asp?p=31094&rl=1

Hope they help you understand what you need as using your method may not be safe.

Cheers
West

glish_dreams
08-02-2007, 09:18 PM
Thank you West,

I need the id_agent to print in the URL because alot of coding will look for it.

Iv worked out a way, and I will use javascript to open the windows with tags like

owa_login.php?id_email= ###

Those are opening in small windows, with no address bar, so they wont even be able to notice whats actually happening

westmatrix99
08-02-2007, 09:24 PM
That's good news...
cool



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum