Problem communication with database

Hi,
just stick the user ID in to a session variable/cookie, and then us that to tell whether the user is logged in.

Secondly when the user submits the form and you have confirmed and logged the session.... use

to display the index of the next page after logging in.



Heres an article i wrote a while back that might help you

Hi,
Let's see some code. I'd like to see the login.php and any code used to query the database that is not in this file. It would also be useful to know the data structure.

Post it all back here and I'll try to help out.

Cheers
nathj

Welcome to TSDN pricelindie!

For the structure of such a login script, have a peek HERE and check if your application lacks something.

Ronald

[php]
[<?session_start ()?>
<html>
<head>
<meta http-equiv="Content-Language" content="en" />
<meta name="GENERATOR " content="PHPEcl ipse 1.0" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>login</title>
</head>
<body bgcolor="#FFFFF F" text="#000000" link="#FF9966" vlink="#FF9966" alink="#FFCC99" >
<?php
$links = "<a href='main.php' > GO to main page</a><br><a href= 'logout.php'> Go to logout";


if ($user && $pass){
if ($logged_in_use r ==$user){
echo $user.", You are already logged in.<br><br>";
echo $links;
exit;
}
$db =mysql_connect( "localhost","wh itney","passwor d")or die
("Error connecting to database");
mysql_select_db ("computer_room ,$db");
$result = mysql_query("SE LECT * FROM users WHERE name ='".$user."'A ND password=PASSWO RD('".$pass."') ");

if (!$result){
echo "Sorry, there has been a technical error. You cannot enter";
exit;
}
if(mysql_num_ro ws($result)>0){
$logged_in_user =$user;
session_registe r(logged_in_use r);
echo "Welcome to Computer Room Equipment Database";
exit;
}
else {
echo "Your Login attempt failed";
}
}
else if ($user || $pass){
echo "Please fill in bothe fields<br>";
}
?>

thanks

<form action="login.p hp" method="post" enctype="text/plain">
Your Username:
<input type="text" name="user" value="" size="40" maxlength="40"/>
<br>
Your Password:

<input type="text" name="pass" value="" size="40" maxlength="40"/>
<br>

<input type="submit" name="" value="Login"/>



</form>

</body>
</html>

[/php]

Where did you put the statements that pick up the userid and password from the $_POST array. Because you did a POST on that form.
So you'll have to start your script with something (but not exactly) like
[php]
if (isset($_POST['user'] AND isset($_POST['pass'])) {
$user=strip_tag s($_POST['user']);
$pass=strip_tag s($_POST['pass');
//
// cleanse and check validity of the POSTed fields to avoid any attacks
//
}
[/php]
Btw: what is this statement doing?? Does not look quite correct. What databasename is 'computer_room, $db' ?
[php]
mysql_select_db ("computer_room ,$db");
[/php]

Ronald

Thanks.. it Work fine..

Good that it works. Could you please share with us how you solved your problem? Thanks and see you again.

Ronald

It work by putting a statement to pick up the user and pass from the $_POST.

Thanks Ronald.

Code: ( php )
if (isset($_POST['user'] AND isset($_POST['pass'])) {
$user=strip_tag s($_POST['user']);
$pass=strip_tag s($_POST['pass');
//
// cleanse and check validity of the POSTed fields to avoid any attacks
//
}

Ok you got it. See you next time here.

Ronald