This is the code I am trying....I am doing the user authentication.
<?
//this performs validation
$status= authenticate($user,$password);
if ($status ==1)
{
//initiate a session
session_start();
//register some session varibles
session_register("SESSION");
//including the user name
session_register("SESSION_UNAME");
$SESSION_UNAME = $user;
//redirect to protected page which is outside a directory
header ("Location: ../entry1.php");
exit();
}
else
//user check fails
{
//redirect to error page
header ("Location: /error.php?e=$status");
exit();
}
// authenticate username/password against a database
// returns: 0 if username and password is incorrect
// 1 if username and password are correct
function authenticate($user, $pass)
{
// configuration variables
// normally these should be sourced from an external file
// for example: include("dbconfig.php");
// variables explicitly set here for illustrative purposes
$db_host = "xyz";
$db_user = "xyz";
$db_pass = "xyz";
$db_name = "xyz";
// check login and password
// connect and execute query
$connection = mysql_connect($db_host, $db_user, $db_pass) or die
("Unable to connect!");
$query = "SELECT id from user WHERE userid = '$user' AND
password = PASSWORD('$pass')";
mysql_select_db($db_name);
$result = mysql_query($query, $connection) or die ("Error in
query: $query. " . mysql_error());
// if row exists -> user/pass combination is correct
if (mysql_num_rows($result) == 1)
{
return 1;
}
// user/pass combination is wrong
else
{
return 0;
}
}
?>
🙂 Thanks in advance.
Anitha
