Handling errors and invalid login

matleeds2

Hi,

I've inherited some html/php code (lucky me) and it's been years since i've played with it so I'm quite rusty.

Anyway, I have a fairly bog standard login process and wish to simply display some text on the login page if the login detail is invalid and possibly
log the error to a log file too.

here's the index.php file...the login stuff is at the bottom

<?php   

02 $dir = dirname(__FILE__);  

03    

04 require_once "$dir/ot/ot.php";  

05    

06 ot::include_view('header', array('account' => null))  

07 ?>  

08    

09 <html>  

10 <head>  

11 <title>Welcome to ....</title>  

12 </head>  

13    

14 <body style="font-size: 14pt; font-family=verdana;">  

15     <div><img src="OTLogo1.bmp"/><h1> Welcome to ...</h1> </div>  

16 <?php if (!empty($account)): ?>  

17     <div style="border-bottom: 1px dotted #AAA; padding-bottom: 2px; margin-bottom: 10px;">  

18         <div style="float: left">  

19             <?php  

20                 $mtime = (int)@file_get_contents(otDB_DIR."/updated");  

21                 $date = date("d/m/Y", $mtime);  

22                 $time = date("G:i", $mtime);  

23                 if ($mtime > 0) {  

24                     echo "Last Updated $date at $time";  

25                 }  

26             ?>  

27         </div>  

28         <div style="float: right">Welcome, <?php echo $account->email;?> - <a href="?page=home">Home</a> - <?php ot::include_view('logout_link')?></div>       

29         <div style="clear: both"></div>  

30     </div>  

31         <?php  

32             if (ot::is_admin()) {  

33                 ot::include_view('admin_page');  

34             } else {  

35                 ot::include_view('user_page');  

36             }  

37         ?>  

38 <?php else: ?>  

39     <p>Please login below.</p>  

40     <?php ot::include_view('login_form')?>  

41 <?php endif; ?>  

42    

43 </body>  

44 </html>

here's login_form.php

<form action='<?php echo $_SERVER['REQUEST_URI']?>' method='post' >  

2 <fieldset>  

3 <legend>Login</legend>  

4 <p>Email:<br/><input type='text' name='email' /></p>  

5 <p>Password:<br/><input type='password' name='pwd' /></p>   

6 <!-- <p><input type='submit' name='do_login' value='Login' /> <input type='submit' name='do_reset_password' value='Reset Password' /></p> -->  

7 <p><input type='submit' name='do_login' value='Login'/> </p>   

8 </fieldset>  

9 </form>

and here's the function do_login (contained in ot.php..a php function file)

public static function do_login(&$err="")  

02     {  

03         $adb = ot::db('account');  

04         $e = self::post('email');  

05         $p = self::post('pwd', '', false);  

06         if (self::post('do_login') && $e && $p) {  

07             $ao = self::account_from('email', $e);  

08             if ($ao) {  

09                 if (self::validate_login($e, $p, $ao)) {  

10                     $_SESSION['id'] = $ao->id;  

11                     return $ao;  

12                     }  

13             }  

14             $err = "Invalid email or password";           

15             return false;  

16         }  

17     }

I'm unclear if the do_login fails as to how that ($err) is fed back to the web pages.

Any assistance would be greatly appreciated.

djjjozsi

Hello,

in your code do_login(&$err="") $err is a reference for a variable, you can echo this $err variable if the do_login() returned as false.

Copy that code sniper here where you have called this do_login().