JustinSainton
01-22-2006, 02:20 AM
Here's the deal. My SQL table has username, password, website. When the username and password are entered, the person should go to the website that cooresponds to them. It only works out to a certain degree right now. It redirects them to the first URL in the table, but not necessarily the URL assigned to them. Any help?
<?php
// database connect script.
require 'clients/db_connect.php';
if($logged_in == 1) {
die('You are already logged in, '.$_SESSION['username'].'.');
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Zao Web Design - 971.222.6330 - Newberg, OR</title>
<link href="css/index.css" type="text/css" rel="stylesheet" />
<meta http-equiv="content-type" content="text/html;charset=iso-8859-1" />
<script src="scripts/preloader.js" type="text/javascript">
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javascript">
_uacct = "UA-209795-1";
urchinTracker();
</script>
</head>
<body>
<?php
if (isset($_POST['submit'])) { // if form has been submitted
/* check they filled in what they were supposed to and authenticate */
if(!$_POST['uname'] | !$_POST['passwd']) {
die('You did not fill in a required field.');
}
// authenticate.
if (!get_magic_quotes_gpc()) {
$_POST['uname'] = addslashes($_POST['uname']);
}
$check = $db_object->query("SELECT username, password FROM users WHERE username = '".$_POST['uname']."'");
if (DB::isError($check) || $check->numRows() == 0) {
die('That username does not exist in our database.');
}
$info = $check->fetchRow();
// check passwords match
$_POST['passwd'] = stripslashes($_POST['passwd']);
$info['password'] = stripslashes($info['password']);
$_POST['passwd'] = md5($_POST['passwd']);
if ($_POST['passwd'] != $info['password']) {
die('Incorrect password, please try again.');
}
// if we get here username and password are correct,
//register session variables and set last login time.
$date = date('m d, Y');
$update_login = $db_object->query("UPDATE users SET last_login = '$date' WHERE username = '".$_POST['uname']."'");
$_POST['uname'] = stripslashes($_POST['uname']);
$_SESSION['username'] = $_POST['uname'];
$_SESSION['password'] = $_POST['passwd'];
$db_object->disconnect();
?>
<?
require 'clients/db_connect.php';
$query="SELECT * FROM users";
$result=mysql_query($query);
$num=mysql_numrows($result);
$i=0;
while ($i < $num) {
$website = mysql_result($result,$i,"website");
$i++;
}
?>
<div id="container">
<?PHP include "includes/header.php"; ?>
<?PHP include "includes/navigation.php"; ?>
<div id="content">
<p class="contactheader">Logged in</p>
<p>Welcome back <?php echo $_SESSION['username']; ?>, you are logged in. You are now being redirected to your client page <meta http-equiv="refresh" content="3; url=<? echo $website ?>"</p>
</div>
<?PHP include "includes/sidebar.php"; ?>
<?PHP include "includes/footer.php"; ?>
</div>
<?php
} else { // if form hasn't been submitted
?>
<div id="container">
<?PHP include "includes/header.php"; ?>
<?PHP include "includes/navigation.php"; ?>
<div id="content">
<p class="content">Welcome to the client area of zaowebdesign.com. If you are a current client, upon contractual agreement, you will be given a username and password. These allow you to login to an area in which you can view progress made on your site, current invoice total, time logs, projected timelines for each aspect of your web design project and much more. </p>
<p class="contactheader">Login</p>
<div id="loginform">
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<p class="proptext">Username:</p>
<input type="text" name="uname" maxlength="40">
<p class="proptext">Password:</p>
<input type="password" name="passwd" maxlength="50">
<br />
<input type="submit" name="submit" class="loginbut" value="Login">
</form>
</div>
</div>
<?PHP include "includes/sidebar.php"; ?>
<?PHP include "includes/footer.php"; ?>
</div>
<?php
}
?>
</body>
</html>
Thanks for any help!
<?php
// database connect script.
require 'clients/db_connect.php';
if($logged_in == 1) {
die('You are already logged in, '.$_SESSION['username'].'.');
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Zao Web Design - 971.222.6330 - Newberg, OR</title>
<link href="css/index.css" type="text/css" rel="stylesheet" />
<meta http-equiv="content-type" content="text/html;charset=iso-8859-1" />
<script src="scripts/preloader.js" type="text/javascript">
</script>
<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
</script>
<script type="text/javascript">
_uacct = "UA-209795-1";
urchinTracker();
</script>
</head>
<body>
<?php
if (isset($_POST['submit'])) { // if form has been submitted
/* check they filled in what they were supposed to and authenticate */
if(!$_POST['uname'] | !$_POST['passwd']) {
die('You did not fill in a required field.');
}
// authenticate.
if (!get_magic_quotes_gpc()) {
$_POST['uname'] = addslashes($_POST['uname']);
}
$check = $db_object->query("SELECT username, password FROM users WHERE username = '".$_POST['uname']."'");
if (DB::isError($check) || $check->numRows() == 0) {
die('That username does not exist in our database.');
}
$info = $check->fetchRow();
// check passwords match
$_POST['passwd'] = stripslashes($_POST['passwd']);
$info['password'] = stripslashes($info['password']);
$_POST['passwd'] = md5($_POST['passwd']);
if ($_POST['passwd'] != $info['password']) {
die('Incorrect password, please try again.');
}
// if we get here username and password are correct,
//register session variables and set last login time.
$date = date('m d, Y');
$update_login = $db_object->query("UPDATE users SET last_login = '$date' WHERE username = '".$_POST['uname']."'");
$_POST['uname'] = stripslashes($_POST['uname']);
$_SESSION['username'] = $_POST['uname'];
$_SESSION['password'] = $_POST['passwd'];
$db_object->disconnect();
?>
<?
require 'clients/db_connect.php';
$query="SELECT * FROM users";
$result=mysql_query($query);
$num=mysql_numrows($result);
$i=0;
while ($i < $num) {
$website = mysql_result($result,$i,"website");
$i++;
}
?>
<div id="container">
<?PHP include "includes/header.php"; ?>
<?PHP include "includes/navigation.php"; ?>
<div id="content">
<p class="contactheader">Logged in</p>
<p>Welcome back <?php echo $_SESSION['username']; ?>, you are logged in. You are now being redirected to your client page <meta http-equiv="refresh" content="3; url=<? echo $website ?>"</p>
</div>
<?PHP include "includes/sidebar.php"; ?>
<?PHP include "includes/footer.php"; ?>
</div>
<?php
} else { // if form hasn't been submitted
?>
<div id="container">
<?PHP include "includes/header.php"; ?>
<?PHP include "includes/navigation.php"; ?>
<div id="content">
<p class="content">Welcome to the client area of zaowebdesign.com. If you are a current client, upon contractual agreement, you will be given a username and password. These allow you to login to an area in which you can view progress made on your site, current invoice total, time logs, projected timelines for each aspect of your web design project and much more. </p>
<p class="contactheader">Login</p>
<div id="loginform">
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<p class="proptext">Username:</p>
<input type="text" name="uname" maxlength="40">
<p class="proptext">Password:</p>
<input type="password" name="passwd" maxlength="50">
<br />
<input type="submit" name="submit" class="loginbut" value="Login">
</form>
</div>
</div>
<?PHP include "includes/sidebar.php"; ?>
<?PHP include "includes/footer.php"; ?>
</div>
<?php
}
?>
</body>
</html>
Thanks for any help!