Hi i am having a problem with my $session process.php page..
what i am trying to do is when maintainance mode is active only admins can login
and if a user is banned it goes back to the reffering page and displays a banned error message...
I have my coding, and it seems fine to me, but when i try logging in as a user who is not banned it stays on the process page...so im really confused
the login code i have is:
<?php
function procLogin(){
global $session, $form;
include('db.php');
$mysql_access = mysql_connect("localhost", $user, $pw);
mysql_select_db($db, $mysql_access);
$query = "SELECT * FROM main";
$result = mysql_query($query);
while($row = mysql_fetch_array($result, MYSQL_ASSOC))
{
if ($row['maintainance'] == 'yes') {
$mysql_access = mysql_connect("localhost", $user, $pw);
mysql_select_db($db, $mysql_access);
$query2 = "SELECT * FROM users WHERE userlevel='9'";
$result2 = mysql_query($query2);
while($row2 = mysql_fetch_array($result2, MYSQL_ASSOC))
{
if ($row2['username'] == $_POST['user']) {
$retval = $session->login($_POST['user'], $_POST['pass'], isset($_POST['remember']));
if($retval){
$query = "UPDATE users SET online='yes' WHERE username='".$_POST['user']."'";
$result = mysql_query($query);
header("Location: toolbar.php");
}else{
$_SESSION['value_array'] = $_POST;
$_SESSION['error_array'] = $form->getErrorArray();
header("Location: toolbar.php");
}
}else{
header("Location: toolbar.php?login=maintainance");
}
}
}else if ($row['maintainance'] != 'yes') {
$mysql_access = mysql_connect("localhost", $user, $pw);
mysql_select_db($db, $mysql_access);
$query3 = "SELECT * FROM banned_users WHERE username='".$_POST['user']."'";
$result3 = mysql_query($query3);
while($row3 = mysql_fetch_array($result3, MYSQL_ASSOC))
{
if ($row3['username'] == $_POST['user']) {
header("Location: toolbar.php?login=banned&user=".$_POST['user']."&date=".$row3['timestamp']);
}else{
$retval = $session->login($_POST['user'], $_POST['pass'], isset($_POST['remember']));
if($retval){
$query = "UPDATE users SET online='yes' WHERE username='".$_POST['user']."'";
$result = mysql_query($query);
header("Location: toolbar.php");
}else{
$_SESSION['value_array'] = $_POST;
$_SESSION['error_array'] = $form->getErrorArray();
header("Location: toolbar.php");
}
}
}
}
}
}
?>
thanks in advance for any help given,
Vinny
