hi,
im new to web applications and im trying to design a login page that will allow my members to login to their account - not just a members section.
i presume this involves session variables? im trying to create a session variable with my intUserID row in my tblplayeraccount table. txtEmailAddress and txtPassword are from the same table and make up the username and password respectively.
im using dreamweaver and ive created a normal login page with their applications and added a variable $_SESSION['MM_UserID'] = $LoginRS('intUserID'); and some sql intUserID in the SELECT line in the code below.
Im very knew and i dont know whats wrong? is the session coded wrong? i havent created a recordset manually, is $LoginRS the one i am supposed to refer too?
someone help me🙂
thanks in advance.
marcus
<?php require_once('../Connections/Rugby.php'); ?>
<?php
// *** Validate request to login to this site.
if (!isset($_SESSION)) {
session_start();
}
$loginFormAction = $SERVER['PHP_SELF'];
if (isset($GET['accesscheck'])) {
$SESSION['PrevUrl'] = $GET['accesscheck'];
}
if (isset($POST['emailaddress'])) {
$loginUsername=$POST['emailaddress'];
$password=$_POST['password'];
$MM_fldUserAuthorization = "intAccessLevel";
$MM_redirectLoginSuccess = "../player_home.php";
$MM_redirectLoginFailed = "../login_failed.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_Rugby, $Rugby);
$LoginRS__query=sprintf("SELECT txtEmailAddress, txtPassword, intAccessLevel, intUserID FROM tblplayeraccount WHERE txtEmailAddress='%s' AND txtPassword='%s'",
get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));
$LoginRS = mysql_query($LoginRS__query, $Rugby) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = mysql_result($LoginRS,0,'intAccessLevel');
//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;
$_SESSION['MM_UserID'] = $LoginRS('intUserID');
if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
