I have a problem with this script below when it is first exacuted it calls userauth.php (look below this script)after it auth the user it runs the rest of this script the problem is that the only way I can get it to show the data is to refresh the page. Is there a way to do this with php. I have tryed header but that did not work
<?
include ("userauth.php");
include("../inc/dataconf.inc");
include("../inc/function.inc");
conf();
$db = MYSQL_CONNECT($roothostname,$rootusername, $rootpassword) OR DIE("Unable to connect to database");
$query = "Select * from customers,datsubd,plans where datsubd.id = customers.id and customers.cusername='$username'and plans.planno=customers.plan";
$result=mysql_db_query($dbName,$query);
$row = mysql_fetch_array($result);
?>
<table width="100%" border="0" cellspacing="0" cellpadding="0" align="center">
<tr>
<td colspan="3"><?php include("top.inc");?></td>
</tr>
<tr>
<td width="25%" align="left" valign="top"><?php include("left.inc");?> </td>
##########userauth.php script##############
<?php
/
Usage : Include at the top of all pages you want the
the user to have to be logged in to view.
include ("auth.php");
/
function query($query)
{
$DB_HOST="localhost";
$DB_USER="root";
$DB_PASS="";
$DB_NAME="northwest";
// Connect to DB
if (!$link = @mysql_connect($DB_HOST, $DB_USER, $DB_PASS))
{
$result = 0;
die("db connect error");
}
else
{
// Select DB
if (!@mysql_select_db($DB_NAME, $link))
{
$result = 0;
die("db select error");
}
else
{
// Execute query
if (!$result = @($query, $link))
{
$result = 0;
die("db query error");
}
}
}
@mysql_close($link);
return $result;
}
function login_user($user_name, $password)
{
// Form our sql query
$result = query("SELECT * FROM customers WHERE cusername ='$user_name'");
$row = mysql_fetch_array($result);
if (($row["cusername"] == $user_name) AND ($row["cpassword"] == $password) AND ($user_name != ""))
{
// User has been authenticated, send a cookie
$user_id = $row["cusername"];
$encryptedpassword = md5($password);
SetCookie("LoginCookie", "$user_id-$encryptedpassword", time()+50); // 3600 expires one hour from now you can increse this if you what it to last longer
$success = 1;
} else {
$success = 0;
}
return $success;
}
function verify_auth($cookie)
{
// Split the cookie up into userid and password
$auth = explode("-", $cookie);
$query = query("SELECT * FROM customers WHERE cusername = '$auth[0]'");
$row = mysql_fetch_array($query);
$encryptedpassword = md5($row["cpassword"]);
if (($row["cusername"] == $auth[0]) AND ($encryptedpassword == $auth[1]) AND ($auth[0] != ""))
{
$success = 1;
} else {
$success = 0;
}
return $success;
}
function display_loginform()
{
global $SCRIPT_URL;
?>
<table width="400" border="1" align="center">
<form name=login action="<?$SCRIPT_URL?>" method=get>
<tr><td bgcolor=black><font face="Arial" color=white size=2><b>Login<b></font></td></tr>
<tr><td><font face="Arial" color=black size=2>Name <input name="user_name" value="" size=10> Password <input name="password" type=password value="" size=10></font></td></tr>
<tr><td><font face="Arial" color=black size=2> <input type="submit" value="Login"> <input type=reset value="Clear"></font></td></tr>
</form>
</table>
<?
exit;
}
//////////////// script entry point here
$SCRIPT_URL=getenv("SCRIPT_NAME");
if($LoginCookie) // if cookie exists, check authenticity
{
$authenticated=verify_auth($LoginCookie);
if($authenticated==0) display_loginform();
} else {
$login=login_user($user_name,$password);
if($login==0) display_loginform();
}
// if user has logged in, the script carries on here....
$cookie_var = split("-", $LoginCookie);
// this variable contains who the user is logged in as!
$username = $cookie_var[0];
?>
