Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 6 of 6

Thread: Login Code Help

  1. #1
    Regular Coder
    Join Date
    Jul 2007
    Location
    Scotland
    Posts
    134
    Thanks
    12
    Thanked 0 Times in 0 Posts

    Login Code Help

    Hi Guys,

    I can't seem to figure this login code out, the errors display fine (if there is any) but it doesn't show any errros i don't get headered through tot he account.php page.

    code:

    PHP Code:
    <?php
    ob_start
    ();
    session_start();
    include(
    "inc/inc-dbconnection.php");
    include(
    "inc/inc-online.php");
    include(
    "inc/inc-functions.php");
    include(
    "inc/inc-header.php");
    ?>
    <div class="fcp-main-content-area">    
     <div class="fcp-breadcrumb">
      <ul>
         <li><a href="index.php">Home</a></li> >>
         <li><a href="javascript:history.go(-1)">Previous Page</a></li> >>
         <li>Login in to your account.</li>
        </ul>
    </div>
    <?php
    if (isset($_POST['submitLogin']))
    {

       
    // POST vars
       
    $user $_POST['user'];
       
    $pass $_POST['pass'];

       
    // Errors array()
       
    $errors = array();
       
       
    // Potential errors 
       // Empty fields
       
    if (empty($user) || empty($pass))
       {
          
    $errors[] = "You never filled in all the fields above.";
       }
       
       
    // Does user exist?
       
    $qU "SELECT * FROM `fso_users` WHERE `user_email`='$user' AND `user_password`='$pass' LIMIT 1";
       
    $rU mysql_query($qU);  

       if (
    mysql_num_rows($rU) < 1)
       {   
          
    $errors[] = "We don't recognise those login details, have you typed them correctly?"
       }
        
       
    // Count the errors
       
    if (count($errors 0))
       {
           
    // Display the errors
           
    print "<div id=\"error\">";
         
           foreach(
    $errors as $error)
           {
           
              print 
    "<b>></b> $error<br />";
           
           }
         
           print 
    "</div>";
         
       } else {

          
    // Update the login timer and redirect
          
    $timer mysql_query("UPDATE `fso_users` SET `user_last_login`=NOW() WHERE `user_email`='$user' AND `user_password`='$pass'");
          
          
    // Array()
          
    $aU mysql_fetch_array($rU);
          
          
    // $_SESSION[''];
          
    $_SESSION['loggedIn'] = 1
          
    $_SESSION['user_id']  = $aU['user_id'];

          
    // Lastly redirect to the account page
          
    header("Location: account.php"); 
          
    ob_clean(); 
         
       } 

    }
    ?>
    <div id="div-regForm">
    <div class="form-title">Log In</div>
    <div class="form-sub-title">Login & see your points score!</div>
    <form id="regForm" action="login.php" method="post">
    <table>
      <tbody>
      <tr>
        <td><label for="fname">Email:</label></td>
        <td><div class="input-container"><input name="user" id="user" type="text" /></div></td>
      </tr>
      <tr>
        <td><label for="lname">Password:</label></td>
        <td><div class="input-container"><input name="pass" id="pass" type="text" /></div></td>
      </tr>
      <tr>
      <td>&nbsp;</td>
      <td><input type="submit" class="greenButton" name="submitLogin" value="Login" />
    </td>
      </tr> 
      </tbody>
    </table>
    </form>
    </div>  
    <?php
    include("inc/inc-footer.php");
    ?>
    The logic *seems* ok i think lol

    any help would be appreciated

    thanks guys

    Graham

  • #2
    Senior Coder angst's Avatar
    Join Date
    Apr 2004
    Location
    Toronto, Ontario
    Posts
    2,114
    Thanks
    15
    Thanked 122 Times in 122 Posts
    this is wrong: if (count($errors > 0))
    should be:
    PHP Code:
    if (count($errors) > 0

    but alot of your code seems very odd to me, it seems like your doing alot more work then you need to, for example, right at the beginning you validate the user/pass, but instead of stopping when you see that they are empty, to just continue on.

  • #3
    Senior Coder angst's Avatar
    Join Date
    Apr 2004
    Location
    Toronto, Ontario
    Posts
    2,114
    Thanks
    15
    Thanked 122 Times in 122 Posts
    re-write; this is more how I would do it:


    PHP Code:
    if (isset($_POST['submitLogin'])) 


       
    // POST vars 
       
    $user trim($_POST['user']);
       
    $pass trim($_POST['pass']);

       
    // Errors array() 
       
    $errors = array(); 
        
       
    // Potential errors  
       // Empty fields 
       
    if (empty($user) || empty($pass)) { 
            
    $errors[] = "You never filled in all the fields above."
       } else {
        
           
    // Does user exist? 
           
    $result mysql_query("SELECT `user_id` FROM `fso_users` WHERE `user_email`='$user' AND `user_password`='$pass' LIMIT 1"); 
           if (
    mysql_num_rows($rU) == 0) {    
              
    $errors[] = "We don't recognise those login details, have you typed them correctly?";  
           } else {
              
    // open row
              
    $row mysql_fetch_array($result); 
               
              
    // Update the login timer and redirect 
              
    mysql_query("UPDATE `fso_users` SET `user_last_login`=NOW() WHERE user_id = " $row['user_id'] ); 

              
    $_SESSION['loggedIn'] = 1;  
              
    $_SESSION['user_id']  = $row['user_id']; 

              
    // Lastly redirect to the account page
              
    header("Location: account.php");
              
    ob_clean();
           }
       }  

       
    // display errors if any exist
       
    if (count($errors) > 0
       { 
           print 
    "<div id=\"error\">"
           foreach(
    $errors as $error
           { 
              print 
    "<b>></b> $error<br />"
           }
           print 
    "</div>";
       }


  • #4
    Senior Coder
    Join Date
    Jul 2009
    Location
    South Yorkshire, England
    Posts
    2,318
    Thanks
    6
    Thanked 304 Times in 303 Posts
    Quote Originally Posted by angst View Post
    but alot of your code seems very odd to me, it seems like your doing alot more work then you need to, for example, right at the beginning you validate the user/pass, but instead of stopping when you see that they are empty, to just continue on.
    It looks like he's trying to provide an inline error notice type setup rather than stopping the form dead, but the process login code hasn't been enclosed within an else statement as it ought be. If something fails, (and I've just seen your updated code which adds the else), the errors will be displayed but the existing entries supplied will be pre-filled in the form. I think that's the intent, anyhows.

  • #5
    Senior Coder angst's Avatar
    Join Date
    Apr 2004
    Location
    Toronto, Ontario
    Posts
    2,114
    Thanks
    15
    Thanked 122 Times in 122 Posts
    yes, I understand that, but if the fields are empty, then there is no point in continuing on and logging more errors. it's not a bad attempt, just needs some tweaking.

    also, a few other things;
    you were opening the row before you knew if you even had a result, you should wait till after you have found a record. also your sql update was using the user/pass combo instead of the readily available user_id which is faster and more accurate.
    Last edited by angst; 01-19-2010 at 10:23 PM.

  • #6
    Regular Coder
    Join Date
    Jul 2007
    Location
    Scotland
    Posts
    134
    Thanks
    12
    Thanked 0 Times in 0 Posts
    Hi Guys,

    Thanks a lot for that, that's pretty much tidied up my login script i'll use the same template for the registration one me think

    cheers guys

    Graham


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •