Oh session variables are great!!
here:
how sessions work:
put this at the top of your page
session_start();
then to define a session variable $_SESSION['myvar'];
this will maintain state in an otherwise stateless script.
this code won't work correctly(what it is are just calls to functions
which connect to the db and select the db
SelectDB();
$db = 'PartsService';
connecttodb($db)
Then you must do a querry string to get you users names and passwords..... I would also recomend you doing some type of encryption or at least a hash allgorithm ie md5() ........
Then in a loop check with the $_POST['Upass']; against your data base........ or you could even
do this $querry="select Uname where pass =".$_POST['pass']."
if querry is null user is not a valid user......... hmmmm
an example of what I'm talking about:
if (isset($HTTP_POST_VARS['userid']) && isset ($HTTP_POST_VARS['password']))
{
$userid = $HTTP_POST_VARS['userid'];
$password = $HTTP_POST_VARS['password'];
$db_conn = MYSQL_CONNECT("localhost","","");
mysql_select_db(' ', $db_conn);
$query = '';
$result = mysql_query($query, $db_conn);
if (mysql_num_rows($result) >0)
{
$_SESSION['valid_user'] = $userid;
}
}
///now if the user is a user check if !empty($_SESSION
//['valid_user'])
There's some stuff missing for sicurity reasons... but fill in the db conn line.... mysql_querry line..... and query lin......... also if if(issit is just checking to see if the user actually entered data into the text boxes userid and password........
Hope this helps a little let me know
