I am trying to create a page which uses cookies to authenticate people before they can access the page. But, the page is not loading, so I have a coding error somewhere. I hope somebody can figure it out for me. I will remove all of the HTML parts, because I am pretty confident it is a PHP error. Any help would be appreciated.
<?php
// get cookie information
session_get_cookie_params();
session_start();
$user = $_COOKIE['user'];
$loggedin = $_COOKIE['loggedin'];
// setup common file
require ("common.php");
$stores = $_POST['stores'];
// set up variables
$databaseName = "guns";
$tableName = "used";
//connect to the database
if (!($conn=mysql_pconnect($hostName, $userName, $password))) {
DisplayErrMsg(sprintf("error connecting to host %s by user %s", $hostName, $userName));
exit();
}
// select the database
if (!mysql_select_db('user', $conn)) {
DisplayErrMsg(sprintf("Error in selecting %s database", 'user'));
DisplayErrMsg(sprintf("error:%d %s", mysql_errno($conn), mysql_error($conn)));
exit();
}
// check if logged in
if($loggedin == 1) {
$sql1 = "SELECT * FROM user WHERE userid='{$user}'";
$result1 = mysql_query($sql1);
$row1 = mysql_fetch_array($result1);
$admin = $row1['admin'];
$used = $row1['used'];
$userstore = $row1['store'];
// select the database
if (!mysql_select_db($databaseName, $conn)) {
DisplayErrMsg(sprintf("Error in selecting %s database", $databaseName));
DisplayErrMsg(sprintf("error:%d %s", mysql_errno($conn), mysql_error($conn)));
exit();
}
if(($admin == 1) or ($used == 1)) {
// set the SQL query
if($admin != 1) {
$result = "SELECT * FROM used where store='{$userstore}' order by make";
} else {
if(($admin == 1) and ($_POST['stores'])) {
$result = "SELECT * FROM used where store='{$stores}' order by make";
} else {
$result = "SELECT * FROM used order by make";
}
}
$qry=mysql_query($result);
?>
***HTML removed***
<?
if($admin == 1) {
?>
*** HTML Removed ***
<?
}
?>
*** HTML Removed ***
<?php
while ($row=mysql_fetch_array($qry)) {
$id=$row['id'];
$make=$row['make'];
$model=$row['model'];
$type=$row['type'];
$type2=$row['type2'];
$category=$row['category'];
$finish=$row['finish'];
$stock=$row['stock'];
$caliber=$row['caliber'];
$sights=$row['sights'];
$barrel_length=$row['barrel_length'];
$condition=$row['condition'];
$price=$row['price'];
$store=$row['store'];
$link=$row['link'];
$serial=$row['serial'];
echo "<TR>
<TD> {$store}</TD>
<TD>{$type2}</TD>
<TD>{$make} {$model} {$caliber} {$type}</TD>
<TD><center><A HREF=\"guninquiry.php?id={$id}\">Inquiry</A> / <A HREF=\"gunmodify.php?id={$id}\">Modify</A></center></TD>
</TR>";
}
?>
*** HTML Removed ***
<?
} else {
?>
<TABLE width="790" align="center" border="0">
<TR>
<TD>
<?
echo "You are not authorized to access this page.";
echo "User: {$user}";
} else {
echo "You are not logged in. Please <A HREF=\"login.html\">login</A> now.";
?>
</TD>
</TR>
</TABLE>
<?
}
}
mysql_close($conn);
?>
