|
|
Posted by Shelly on 05/22/05 19:10
"Oli Filth" <catch@olifilth.co.uk> wrote in message
news:wg0ke.13303$yY4.4893@newsfe5-win.ntli.net...
> Can you post the complete code for this page, so we're able to see what's
> going wrong, because it's not apparent from the snippets you've posted so
> far.
Here it is:
<?php require_once('Connections/ssLogin.php'); ?>
<?php
// *** Validate request to login to this site.
session_start();
$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($accesscheck)) {
$_SESSION['PrevUrl'] = $accesscheck;
}
if (isset($_POST['username'])) {
$loginUsername=$_POST['username'];
$MM_fldUserAuthorization = "";
$MM_redirecttoReferrer = false;
$MM_redirectLoginSuccess = "ssLounge.php";
$MM_redirectLoginFailed = "ssLogin.php"; //Redirected to
itself <=====
// Make the connection
mysql_select_db($database_ssLogin, $ssLogin);
// Encrypt the password
$encryptedPassword = md5($_POST["password"]);
// Define the query
$LoginRS__query=sprintf("SELECT username, password, level, status
FROM ssusername WHERE username='%s' AND
password='%s'",
get_magic_quotes_gpc() ? $loginUsername :
addslashes($loginUsername),
$encryptedPassword);
// Do the query
$LoginRS = mysql_query($LoginRS__query, $ssLogin) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
// Found this user/password
$loginStrGroup = "";
// Put the fetched row into an array
$row = mysql_fetch_assoc($LoginRS);
$level = $row['level'];
$_SESSION['MM_UserLevel'] = $level;
// Check if status is paid
if (strcmp($row['status'], "paid")) {
// Need a payment
$MM_redirectLoginSuccess = "ssPayment.php";
} else {
//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;
$MM_redirectLoginSuccess = "ssLounge.php";
if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
} // End of test if paid
} //End of successfully found the user/password
header("Location: " . $MM_redirectLoginSuccess );
} else {
// log in error
$_SESSION['MM_LoginError'] = "Login Error";
//==> this is where I checked with an echo statement that the
$_SESSION['MM_LoginError']
//==> had been set. It validated that it was set when incorrect info was
put in.
header("Location: ". $MM_redirectLoginFailed );
} //End of checking if logged in
}
?>
<?php echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\"?".">"; ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Login Page</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
</head>
<body>
<div align="center">
<h3>Login Page
</h3>
</div>
<form ACTION="<?php echo $loginFormAction; ?>" name="ssLoginPage" id="form1"
method="POST">
<?php
if (isset($_SESSION['MM_LoginError'])) {
echo "Login error =" . $_SESSION['MM_LoginError'];
unset($_SESSION['MM_LoginError']);
//==> this is what it is supposed to do. I checked with and echo statement
by adding
// } else {
//==> an echo statement that the $_SESSION['MM_LoginError'] was not set
}
?>
<p>Username:
<input name="username" type="text" id="username" />
</p>
<p>Password:
<input name="password" type="password" id="password" />
<label></label>
</p>
<blockquote>
<blockquote>
<p align="left">
<input name="Submit" type="submit" value="Log In" />
</p>
</blockquote>
</blockquote>
<p><a href="ssLounge.php"><img src="images/return.gif" width="138"
height="27" border="0" /></a><a href="ssLostPassword.php"> <img
src="images/lost.gif" width="163" height="27" border="0" /></a></p>
</form>
<p> </p>
<p> </p>
</body>
</html>
Navigation:
[Reply to this message]
|