Hello,
I have the following "login" script, which isn't working at the moment. When the details are submitted to the database, it always returns that the details can not be recongised, even though i know that the records username (uname) and password (pword) do exist.
The main login script is below and the two external function in a seperate wrapperclass, can be found after the script.
<?php
include "wrapperclass.php";
if($content=="login"){
if (isset($_POST['pword'])) {
//encrypt password
$pw = md5($_POST['pword']);
//check username and password exists in dbase
//make an object of the wrapperclass
$forum=new ForumInterface();
//make db connection
$forumpointer=$forum->connect();
//insert record
$forum->checkUsername($uname, $pw);
//disconnect to db
//$forum->Disconnect($forumpointer);
//if rows not 0 then username details correct
if ($checkaccess !=0) {
//set session
session_start();
session_register("$uname");
session_register("$pword");
//disconnect
$forum->Disconnect($forumpointer);
//make an object of the wrapperclass
$forum=new ForumInterface();
//make db connection
$forumpointer=$forum->connect();
//insert record
$forum->getaccesslevel($uname, $pw);
while ($row=mysql_fetch_assoc($rs))
{
$UserAccount = $row['UserAccount'];
}
//disconnect to db
$forum->Disconnect($forumpointer);
session_register("$UserAccount");
//directing to pages
header("Location: admin.php");
} else {
$loginstatus="failed";
}
}
}
?>
Which has the following two external functions included:-
//check whether user exists in the table
function checkUsername($uname, $pw) {
$sql= "SELECT COUNT(*) AS count FROM userarea
WHERE Username= '$uname'AND Password='$pw'";
$result = mysql_query($sql);
$checkaccess = mysql_result($result, 0, 'count');
return $checkaccess;
}
//get user access level
function getaccesslevel($uname, $pw)
{
$rs = mysql_query("SELECT UserAccount FROM userarea WHERE
Username='$uname' AND Password='$pw'") or die(mysql_error());
return $rs;
}
Hopefully, someone can see where im going wrong.....
Thanks
