but what i have done now is added more feileds into the user table name company email ect.
what i want to do is on successful login pull the users information and set those variables as session variables
heres what i got.....(but its not working could you look at it sometime please)
Expand|Select|Wrap|Line Numbers
- <?php
- session_start();
- session_register ("userid");
- session_register ("username");
- session_register ("email");
- session_register ("password");
- session_register ("accesslevel");
- session_register ("account");
- session_register ("firstname");
- session_register ("lastname");
- session_register ("company");
- session_register ("enabled");
- session_register ("active");
- session_register ("rep");
- session_register ("fail");
- $errorMessage = '';
- if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) {
- include 'include/database/config.php';
- include 'include/database/opendb.php';
- $userId = $_POST['txtUserId'];
- $password = $_POST['txtPassword'];
- // check if the user id and password combination exist in database
- $sql = "SELECT *
- FROM users
- WHERE username = '$userId' AND password = '$password' ";
- $result = mysql_query($sql) or die('Query failed. ' . mysql_error());
- if (mysql_num_rows($result) == 1) {
- // the user id and password match,
- $sql2 = "SELECT *
- FROM users
- WHERE username = '$userId' AND password = '$password' ";
- $result2 = mysql_query($sql2) or die('Query failed. ' . mysql_error());
- while($_row = mysql_fetch_array($result2))
- {
- $userid=$_row["id"];
- $username=$_row["username"];
- $email=$_row["email"];
- $password=$_row["password"];
- $accesslevel=$_row["accesslevel"];
- $account=$_row["account"];
- $firstname=$_row["firstname"];
- $lastname=$_row["lastname"];
- $company=$_row["company"];
- $enabled=$_row["enabled"];
- $active=$_row["active"];
- $rep=$_row["rep"];
- $fail=$_row["fail"];
- $HTTP_SESSION_VARS ['userid'] = $userid;
- $HTTP_SESSION_VARS ['username'] = $username;
- $HTTP_SESSION_VARS ['email'] = $email;
- $HTTP_SESSION_VARS ['password'] = $password;
- $HTTP_SESSION_VARS ['accesslevel'] = $accesslevel;
- $HTTP_SESSION_VARS ['account'] = $account;
- $HTTP_SESSION_VARS ['firstname'] = $firstname;
- $HTTP_SESSION_VARS ['lastname'] = $lastname;
- $HTTP_SESSION_VARS ['company'] = $company;
- $HTTP_SESSION_VARS ['enabled'] = $enabled;
- $HTTP_SESSION_VARS ['active'] = $active;
- $HTTP_SESSION_VARS ['rep'] = $rep;
- $HTTP_SESSION_VARS ['fail'] = $fail;
- }
- if ($fail >= 5)
- {
- session_destroy ();
- header('Location: user.php?|$fail|$active|$enabled| errorMessage2=Too%20Many%20Failed%20Atempts%20please%20call%20phonenumber%20to%20have%20your%20account%20varified%20and%20reset');
- exit;
- }
- elseif ($active = 0)
- {
- session_destroy ();
- header('Location: user.php?errorMessage2=|$fail|$active|$enabled|Your%20account%20is%20either%20new%20and%20has%20not%20been%20activated%20or%20has%20been%20locked%20by%20the%20accounts%20department%20please%20call%phonenumber%20to%20resolve%20this%20matter');
- exit;
- }
- elseif ($enabled == 0)
- {
- session_destroy ();
- header('Location: user.php?errorMessage2=|$fail|$active|$enabled|Your%20account%20is%20not%20enabled%20please%20call%20<br>phonenumber<br>%20to%20resolve%20this%20matter');
- exit;
- }
- else
- {
- $_SESSION['db_is_logged_in'] = true;
- header('Location: index.php');
- exit;
- }
- }
- else
- {
- $errorMessage = 'Sorry, wrong user id / password ';
- }
- include 'include/database/closedb.php';
- }
- ?>
Expand|Select|Wrap|Line Numbers
- <form name="frmLogin" id="frmLogin" style="padding-left:25px;padding-top:15px" action="" method="post">
- <h2 style="padding-top: 5px">Login to your account.</h2>
- <p align="center"><strong><font color="#990000">
- <?php
- $errorMessage2 = $_GET['errorMessage2'];
- if ($errorMessage2 =='')
- {
- echo $errorMessage;
- }
- else
- {
- echo " $errorMessage2 ";
- }
- ?>
- </font></strong></p>
- <br />
- <span class="red_text" style="font-weight: bold">Username</span> <br />
- <input name="txtUserId" type="text" id="txtUserId" class="inputbg_big">
- <p>
- <br />
- <span class="red_text" style="font-weight: bold">Password</span> (<a href="#" class="graytext">forgot your password?</a>)<br />
- <input name="txtPassword" type="password" id="txtPassword" class="inputbg_big">
- </p>
- <p>
- <input name="btnLogin" type="submit" id="btnLogin" value="Login" class="submitbg">
- </p>
- <p> </p>
- </form>
http://domain.com/user.php?|$fail|$active|$enabled|%20errorMessage2= Too%20Many%20Failed%20Atempts%20please%20call%phon enumber%20to%20have%20your%20account%20varified%20 and%20reset
so the authertication is working in this example i purposfully used a user that had database value set to 5 as you see the variable is comming thought as the code not he value $fail|$active|$enabled| should have been 5|1|1|
Thnaks for any help