Authenticate User Function

Anon

I have been toiling over this script for days now and cannot figure out why I cannot get it working! Hopefully one of you smart fellas/gals can recognize my error and help me.

First off I start with a login script that checks the input $form_user_id and $form_password against the database user and password. If it is authenticated I need it to set a cookie for further page authentication.

//delete all the old cookies

deleteCookies() ;

if (authenticateUser($form_user_id, $form_password)){
setcookie("cookie_passwd",$form_password);
setcookie("cookie_user",$form_user_id);

header("Location:http://$HTTP_HOST/$DOCROOT/default_authenticated.htm");
exit();
} else {
header("Location:http://$HTTP_HOST/$DOCROOT/error1.htm");
exit() ;
}

the function authenticateUser and deleteCookies is defined in functions.php which looks like this.

require 'common.inc' ;

// Display error messages
function DisplayErrMsg( $message )
{
printf("<blockquote><blockquote><blockquote><h3><font color=\"#cc0000\">
%s</font></h3></blockquote></blockquote></blockquote>\n", $message);
}

function authenticateUser($user, $password)
{
global $DB_SERVER, $HTTP__HOST, $DB_LOGIN, $DB_PASSWORD, $DB, $DOCROOT ;

// Open a persistent connection with the MySQl server
if (!($link = mysql_pconnect ($DB_SERVER,$DB_LOGIN, $DB_PASSWORD))) {
// DisplayErrMsg(sprintf("internal error %d:%s\n",
// mysql_errno(), mysql_error()));
DisplayErrMsg(sprintf("internal error %s %s %s %d:%s\n",$DB_SERVER, $DB_LOGIN, $DB_PASSWORD,
mysql_errno(), mysql_error()));
return 0 ;
}

// Do the user/password authentication
if (!($result = mysql_db_query("$DB", "select * from user_profile where
user_id='$user'"))) {
DisplayErrMsg(sprintf("internal error %d:%s\n",
mysql_errno(), mysql_error()));
return 0 ;
}

if (($row = mysql_fetch_array($result)) && ($password == $row["password"]
&& $password != ""))
return 1 ;
else
return 0 ;
}

function deleteCookies()
{

// delete all the old cookies
for($i=0; $i<$total_items; $i++)
{
setcookie("items_tray[$i]", "");
setcookie("quantity[$i]", "");
}
setcookie("items_tray", "");
setcookie("total_items", "");
setcookie("quantity", "") ;

}

For the life of me I cannot figure out why it isnt setting the cookies on the login page. Any help or hints you can provide are greatly appreciated!

Steve

Anon

After some hours of intensely beating my head against my keyboard I had a brain spasm and tried something different, and whalla! it works (do not recommend beating your head against your keyboard, its bad for your health... I know!).

The solution was actually quite simple.

The changed code was in the login script as follows.

if (authenticateUser($form_user_id, $form_password)){
setcookie("cookie_user", $form_user_id);
setcookie("cookie_passwd", $form_password);
header ("refresh: 0; url=Location_to_file");
exit();
} else {
header("location:http://location_to_file");
exit();
}

Naturally substitute "location_to_file" to your error, or login main page.

On all subsequent (my spelling stinks) that you wish to authenticate add the following lines of code to the beginning.

$cookie_user = $HTTP_COOKIE_VARS[cookie_user];
$cookie_passwd = $HTTP_COOKIE_VARS[cookie_passwd];

as well as the authenticate function.

I hope this helps anyone out there that might be having the same kind of problem that I have been having. I am not exactly sure this is the best way to do this but hey... it works!

Steve