WEB fairly basic php question, regarding a simple log-in system

Discussion in 'OT Technology' started by pantheR, Apr 25, 2010.

  1. pantheR

    pantheR New Member

    Joined:
    Nov 1, 2006
    Messages:
    2,684
    Likes Received:
    0
    Location:
    Washington, DC
    I've got some simple PHP code for a user log-in system.

    it checks to see if the username/pw is correct, if so it transfers you to universal 'gallery.php' page
    code below

    my question is, how can i specifiy which page gets loaded. if user A logs in correctly, he/she will get transferred to gallery_userA.php, and, if user B logs in correctly, he/she will get transferred to gallery_userB.php. etc.

    I don't need any special security features. just something basic so each user can have their own page.

    Code:
    <?php
    ob_start();
    $host="localhost"; // Host name
    $username="xxx"; // Mysql username
    $password="xxx"; // Mysql password
    $db_name="xxx"; // Database name
    $tbl_name="members"; // Table name
    
    // Connect to server and select databse.
    mysql_connect("$host", "$username", "$password")or die("cannot connect");
    mysql_select_db("$db_name")or die("cannot select DB");
    
    // Define $myusername and $mypassword
    $myusername=$_POST['myusername'];
    $mypassword=$_POST['mypassword'];
    
    // To protect MySQL injection
    $myusername = stripslashes($myusername);
    $mypassword = stripslashes($mypassword);
    $myusername = mysql_real_escape_string($myusername);
    $mypassword = mysql_real_escape_string($mypassword);
    
    $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
    $result=mysql_query($sql);
    
    // Mysql_num_row is counting table row
    $count=mysql_num_rows($result);
    // If result matched $myusername and $mypassword, table row must be 1 row
    
    if($count==1){
    // Register $myusername, $mypassword and redirect to file "login_success.php"
    session_register("myusername");
    session_register("mypassword");
    header("location:/gallery/");
    }
    else {
    echo "Wrong Username or Password";
    }
    
    ob_end_flush();
    ?>
     
  2. ge0

    ge0 New Member

    Joined:
    Oct 31, 2005
    Messages:
    8,398
    Likes Received:
    0
    Location:
    JERSEY
    header("location:/gallery/gallery_".$myusername.".php");


    ????
     
  3. pantheR

    pantheR New Member

    Joined:
    Nov 1, 2006
    Messages:
    2,684
    Likes Received:
    0
    Location:
    Washington, DC
    this is like what i'm looking for:

    Code:
    if($count==1){
    // Register $myusername, $mypassword and redirect to file "login_success.php"
    session_register("myusername");
    session_register("mypassword");
    
    if ($myusername == "jeffs") {
    header("location:/clients/jeffs");
    }
    elseif ($myusername == "zach") {
    header("location:/clients/zacht");
    }
    what is the 'if count=1' for?
     
  4. pantheR

    pantheR New Member

    Joined:
    Nov 1, 2006
    Messages:
    2,684
    Likes Received:
    0
    Location:
    Washington, DC
    ge0, would it be possible to use your method without the messy URL?
     
  5. ge0

    ge0 New Member

    Joined:
    Oct 31, 2005
    Messages:
    8,398
    Likes Received:
    0
    Location:
    JERSEY
    the if count 1 i believe is because the best practice is to see if something exist in the database, you do a count on a certain amount of parameters. If the sql returns a count of 1, then it exists, if not then the conditions you specified do not exist.
     
  6. ge0

    ge0 New Member

    Joined:
    Oct 31, 2005
    Messages:
    8,398
    Likes Received:
    0
    Location:
    JERSEY

    what do you mean messy url? Also, you should be using number generated id's instead of string text for gallery pages.
     
  7. pantheR

    pantheR New Member

    Joined:
    Nov 1, 2006
    Messages:
    2,684
    Likes Received:
    0
    Location:
    Washington, DC
    i was able to come up with this
    Code:
    if($count==1){
    // Register $myusername, $mypassword and redirect to file "login_success.php"
    session_register("myusername");
    session_register("mypassword");
    header("Location: /clients/".$myusername."/");
    }
    else {
    echo "Wrong Username or Password";
    
    ob_end_flush();
    ?>
    only issue i'm facing now is 'session_register' is apparently deprecated. Not sure how to update it
     
  8. ge0

    ge0 New Member

    Joined:
    Oct 31, 2005
    Messages:
    8,398
    Likes Received:
    0
    Location:
    JERSEY
    session_start();
    $_SESSION['name'] = "BLAHH";
     

Share This Page