1.create new dynamic php page
2. create form tab
3. insert 2 text fields with a submit button
4. connect to the database on the web server
5.select form
6. add server behavior >user authentication>login user
7.follow the wizard to connect the database to form
8. server behavior created
with an action:<?php echo $loginFormAction; ?>
9. save and upload page to website
10. test page with login
11. page fails and selects the same page started not going to correct links if logged on properly.
Below is the code for my login page. Please tell me if there is a problem with the code or the action.
Expand|Select|Wrap|Line Numbers
- <?php require_once('Connections/user.php'); ?>
- <?php
- if (!function_exists("GetSQLValueString")) {
- function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
- {
- $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
- $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
- switch ($theType) {
- case "text":
- $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
- break;
- case "long":
- case "int":
- $theValue = ($theValue != "") ? intval($theValue) : "NULL";
- break;
- case "double":
- $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
- break;
- case "date":
- $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
- break;
- case "defined":
- $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
- break;
- }
- return $theValue;
- }
- }
- ?>
- <?php
- // *** Validate request to login to this site.
- if (!isset($_SESSION)) {
- session_start();
- }
- $loginFormAction = $_SERVER['PHP_SELF'];
- if (isset($_GET['accesscheck'])) {
- $_SESSION['PrevUrl'] = $_GET['accesscheck'];
- }
- if (isset($_POST['User Name'])) {
- $loginUsername=$_POST['User Name'];
- $password=$_POST['Password'];
- $MM_fldUserAuthorization = "";
- $MM_redirectLoginSuccess = "welcome.php";
- $MM_redirectLoginFailed = "index.php";
- $MM_redirecttoReferrer = false;
- mysql_select_db($database_user, $user);
- $LoginRS__query=sprintf("SELECT `User Name`, Password FROM table1 WHERE `User Name`=%s AND Password=%s",
- GetSQLValueString($loginUsername, "-1"), GetSQLValueString($password, "text"));
- $LoginRS = mysql_query($LoginRS__query, $user) or die(mysql_error());
- $loginFoundUser = mysql_num_rows($LoginRS);
- if ($loginFoundUser) {
- $loginStrGroup = "";
- //declare two session variables and assign them
- $_SESSION['MM_Username'] = $loginUsername;
- $_SESSION['MM_UserGroup'] = $loginStrGroup;
- if (isset($_SESSION['PrevUrl']) && false) {
- $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
- }
- header("Location: " . $MM_redirectLoginSuccess );
- }
- else {
- header("Location: ". $MM_redirectLoginFailed );
- }
- }
- ?>
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
- <title>Untitled Document</title>
- </head>
- <body>
- <form action="<?php echo $loginFormAction; ?>" method="POST" name="form1" target="_self" id="form1">
- <p>User Name
- <input name="User Name" type="text" id="User Name" size="20" maxlength="20" />
- </p>
- <p>Password
- <input name="Password" type="password" id="Password" size="20" maxlength="20" />
- </p>
- <p>
- <input type="submit" name="Submit" id="Submit" value="Login" />
- </p>
- </form>
- </body>
- </html>