Need Help with Login Script

reub77

I'm building a site that requires login info in order to see important secure pages.

The user should fill in his username and password in a form. The form should query the database for matches and return a result and if it is a correct login also return the id for their record. These values should then be stored in cookies so that I can check to see if they are valid throughout each secure page. I would also need a quick script to do that. After they successfully login they will be redirected to a Welcome page. Please help me. My current code just isn't working. Here is the core of it:

 

//Connecting to database
include ("connectDB.php");
$ID ="";
$user1 ="";
$pass1 ="";
function login($user, $passWord) {
        $conn = db_connect(); 

	//declare query
    $query = "SELECT username,password,id FROM demographics WHERE (username='".$user."' AND password='".$passWord."')";

	//execute query
    $result = mysql_query($query);
    $x = 0;
    while ($x < mysql_num_rows($result)) :
        $ID = mysql_result($result, $x, 'id');
        $user1 = mysql_result($result, $x, 'username');
        $pass1 = mysql_result($result, $x, 'password');
        $x++;
    endwhile; 		
	print "The values = $ID , $user1 , $pass1";
	if($result!=""){print "Incorrect Login";
	} else {
		// set //
        setcookie("siteuser", $user1 ); 
        setcookie("password", $pass1 );
	    setcookie("userID", $ID );
	}
}
if ($Submit){
  if ($user != "" && $passWord != ""){
	print "Not = to Nothing, FORM = Username: $user , Password: $passWord";	
	// now check the values received via the form 
	    $result = login($user, $passWord);

	print "The values = $ID , $user1 , $pass1 , $result";
    print "Cookies are Set , $siteuser , $password , $ID";
    if($result == "true") { 


    // redirect //
        Header("Location: members_welcome.php"); 		    
    }     
  }else {
	$status = "Incorrect Login";
  }
}

intenz

For gods sake, use:

[php]
PHP Code here
[/php]

reub77

Sorry, didn't know you could do that.

crosbystillsnas

whats the error?

is this printed out?

print "The values = $ID , $user1 , $pass1";

crosbystillsnas

what about changing

print "The values = $ID , $user1 , $pass1"; 
        if($result!=""){print "Incorrect Login"; 
        } else { 
            // set // 
            setcookie("siteuser", $user1 );  

            setcookie("password", $pass1 ); 
            setcookie("userID", $ID ); 
        }

        $num = mysql_num_rows($result);
        if($num<>1){print "Incorrect Login"; 
        } else { 
            setcookie("siteuser", $user1 );  

            setcookie("password", $pass1 ); 
            setcookie("userID", $ID ); 
            print "The values = $ID , $user1 , $pass1"; 
        }

reub77

I'll try that.

The error says cannot send header. Although the problem only occurs when I try to obtain that third database result (id) and then store it into a cookie. I had it all working before when it was just checking the database from the results it got from the form. I've added lots of print ""; in order for testing purposes to see where it's failing. The Header() thing works when I don't try to pass variables into the lower portion of the code. It works when its supposed to grab the variables from the form. I just added an extra step in order to make the id a third cookie and then it all broke. I can't figure it out.

crosbystillsnas

yes, its the old thing with headers and output.
NO output to the browser before sending headers.

the version i posted before will first set the cookie and then display the text...