...

View Full Version : need help with member login



mfriedman24
03-15-2009, 09:57 AM
hi below is my login script and what my problem is is that i have a database with my user's records and each user has their unique id and what i need is for when they log in for the script to get their id from the database and use it to redirect them to their member profile page. so if my login info is test, test and the id in the database is 4, i need to be redirected to /home.php?id=4 how do i do this?


<?php require_once('Connections/SH.php'); ?>
<?php
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
if (PHP_VERSION < 6) {
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
}

$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? doubleval($theValue) : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}

mysql_select_db($database_SH, $SH);
$query_Recordset1 = "SELECT * FROM Signup";
$Recordset1 = mysql_query($query_Recordset1, $SH) or die(mysql_error());
$row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
}

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($_GET['accesscheck'])) {
$_SESSION['PrevUrl'] = $_GET['accesscheck'];
}

if (isset($_POST['email'])) {
$loginUsername=$_POST['email'];
$password=$_POST['password'];
$userid=$_GET['id'];
$MM_fldUserAuthorization = "Access";
$MM_redirectLoginSuccess = "/home.php?id=" . $userid;
$MM_redirectLoginFailed = "/loginfail.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_SH, $SH);

$LoginRS__query=sprintf("SELECT Username, Password, Access FROM Signup WHERE Username=%s AND Password=%s",
GetSQLValueString($loginUsername, "text"), GetSQLValueString($password, "text"));

$LoginRS = mysql_query($LoginRS__query, $SH) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {

$loginStrGroup = mysql_result($LoginRS,0,'Access');

//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;

if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>

snowysweb
03-15-2009, 10:04 AM
id for the database which is containing a single users records..?? and being passed through the address bar??

snowysweb
03-15-2009, 10:16 AM
Heres a quick script that can be modified:

from your login form you are sent to this page:

process.php



<?php

if(isset($_POST['submit_login']))
{
if(isset($_POST['username_box']))
{
if(isset($_POST['password_box']))
{
$username = $_POST['username_box'];
$username = strip_tags($username);

$password = $_POST['password_box'];
$password = strip_tags($password);

include("database_connect.php");

$username_query = mysql_query("SELECT * from `$table` where username='$username'");
if(mysql_num_rows($username_query)!=0)
{
$user_array = mysql_fetch_array($username_query);
$db_pass = $user_array["password"];

if(strcmp($password,$db_pass) == 0)
{
session_start();
$_SESSION['loggedin'] = true;
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
header("Location: index.php");
exit;
}
else
{
header("Location: login.php?error=4");
exit;
}
}
else
{
header("Location: login.php?error=3");
exit;
}

}
else
{
header("Location: login.php?error=1");
exit;
}
}
else
{
header("Location: login.php?error=2");
exit;
}

}
else
{
header("Location: login.php");
exit;
}

?>

if all ends well after the login you get redirected to:

index.php



<?php
session_start();
if(isset($_SESSION['loggedin']))
{
if($_SESSION['loggedin'])
{
//do something, maybe include files, put your whole page here.
//To get users info you will base everything around the $_SESSION['username'] and $_SESSION['password']

}
}
else
{
//soething else
}



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum