Hi,
I need a little help to create a PHP login script that check for 3 values in a database
and allow someone to login if all 3 values are true. I'm a beginer so please any help is
appreciated. I have this code here and the tables of my database that has the information
that I need the login script to check. The 3 values I want the script to check are
username, password, software status. If username and password are correct but the software status
is "OFF" then the user should NOT be able to login. Software status must be "ON" and username and
password correct to allow user to login. The username is the "email" of the user, the password is the
"custkey" and the ON/OFF status is the "software_status".
TABLE customers (
customerid int(7) NOT NULL auto_increment,
software_name varchar(65) NOT NULL default '',
date date NOT NULL default '0000-00-00',
name varchar(65) NOT NULL default '',
city varchar(50) NOT NULL default '',
country varchar(60) NOT NULL default '',
email varchar(120) NOT NULL default '',
custkey varchar(32) NOT NULL default '',
note varchar(200) NOT NULL default '',
times_accessed int(7) NOT NULL default '0',
check_frequency int(7) NOT NULL default '24',
last_accessed date NOT NULL default '0000-00-00',
expiry_date date NOT NULL default '0000-00-00',
software_status char(3) NOT NULL default 'ON',
urls_allowed int(7) NOT NULL default '4',
PRIMARY KEY (customerid)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=122 ;
<?php
// Connects to your Database
mysql_connect("localhost", "username", "password") or die(mysql_error());
mysql_select_db("Database_Name") or die(mysql_error());
//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))
//if there is, it logs you in and directes you to the members page
{
$username = $COOKIE['ID_my_site'];
$pass = $COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM customers WHERE username = '$email'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['custkey'])
{
}
else
{
header("Location: customers.php");
}
}
}
//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted
// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database
if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM customers WHERE email = '".$_POST['username']."'")or die(mysql_error());
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('User does not exist in our database.');
}
while($info = mysql_fetch_array( $check ))
{
$POST['pass'] = stripslashes($POST['pass']);
$info['password'] = stripslashes($info['password']);
$POST['pass'] = ($POST['pass']);
//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}
else
{
// if login is ok then we add a cookie
$POST['username'] = stripslashes($POST['username']);
$hour = time() + 3600;
setcookie(ID_my_site, $POST['username'], $hour);
setcookie(Key_my_site, $POST['pass'], $hour);
//then redirect them to the members area
header("Location: customers.php");
}
}
} else {
// if they are not logged in
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td colspan=2><h1>Login</h1></td></tr>
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}
?>
I don't know if I get the code correct so far. But what I mostly need is a piece of code that
check the status ON or OFF to let someone in or not.
Thanks in Advance.
