Forum Moderators: coopster
<html>
<title></title>
<script language="JavaScript" src="./js/lib.js"></script>
<script language="JavaScript">
function validate()
{
if (document.forms[0].login.value == "")
{
alert("User Name field empty");
document.forms[0].login.focus();
return false;
}
if (document.forms[0].password.value == "")
{
alert("Password field empty");
document.forms[0].password.focus();
return false;
}
return true;
}
</script>
<body>
<h1>Login</h1>
<form action="login_2.php" method="post" OnSubmit = "return validate()">
<table align="center" border="1" cellspacing="0" cellpadding="3">
<tr><td>Username:</td>
<td>
<input type="text" name="login" maxlength="40">
</td>
</tr>
<tr><td>Password:</td><td>
<input type="password" name="password" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
</body>
</html>
------------------------------------------------
login_2.php
----------------------------------------------
<?php
session_start();
if(!array_key_exists("login", $HTTP_POST_VARS))
{
?>
<script language=javascript>
location.href = "login.php";
</script>
<?
}
?>
<?
define("NEWS_LB_TITLE", "Title");
define("DB_CONN_STRING", "marathon");
//$_POST['login'] = stripslashes($_POST['login']);
//$_POST['password'] = stripslashes($_POST['password']);
$_SESSION['login'] = $_POST['login'];
$_SESSION['password'] = $_POST['password'];
//print $_SESSION['login'];
//print $_SESSION['password'];
require_once("./class/class_2.php");
require_once("./class/class_validation.php");
$allLogin = new selectallnews();
$allLogin->executeQuery();
?>
<html>
<head>
<title></title>
</head>
<body>
<?php while ($allLogin->hasRecord()):?>
<table border = "1">
<tr>
<td>Title</td>
<td>First Name</td>
<td>Last Name</td>
<td>Login</td>
<td>Password</td>
<td><a href="logout.php">Logout</a></td>
</tr>
<tr>
<td><?php echo $allLogin->getTitle()?></td>
<td><?php echo $allLogin->getFirstName()?></td>
<td><?php echo $allLogin->getLastName()?></td>
<td><?php echo $allLogin->getLogin()?></td>
<td><?php echo $allLogin->getPassword()?></td>
<td></td>
</tr>
</table>
<?php endwhile?>
</body>
</html>
---------------------------------------------
class_2.php
---------------------------------------------------
<?
class selectallnews {
var $login;
var $password;
var $cmdLogin;
var $dbConn;
function selectallnews() {
$this->dbConn = odbc_connect(DB_CONN_STRING, "", "");
$this->login = $_SESSION['login'];
$this->password = $_SESSION['password'];
}
function getId() {
return odbc_result($this->cmdLogin, "id");
}
function getTitle() {
return odbc_result($this->cmdLogin, "Title");
}
function getFirstName() {
return odbc_result($this->cmdLogin, "FirstName");
}
function getLastName() {
return odbc_result($this->cmdLogin, "LastName");
}
function getLogin() {
return odbc_result($this->cmdLogin, "Login");
}
function getPassword() {
return odbc_result($this->cmdLogin, "Password");
}
function getUserLevel() {
return odbc_result($this->cmdLogin, "UserLevel");
}
function hasRecord() {
return odbc_fetch_row($this->cmdLogin);
}
function executeQuery() {
$strSQLNews = "Select * From User ".
"where Login = '$this->login' ".
"AND Password = '$this->password'";
$this->cmdLogin = odbc_prepare($this->dbConn, $strSQLNews);
return odbc_execute($this->cmdLogin);
}
}
?>
---------------------------------------------
Class_validation.php
--------------------------------------------
<?
function login_check ($forms) {
$error = "";
$username = $forms["login"];
$password = $forms["password"];
if (trim($username) == "") $error .= "<li>Your username is empty.</li>";
if (trim($password) == "") $error .= "<li>Your password is empty.</li>";
}
?>
Why not just query the database for the password and/or username that are entered and then use mysql_num_rows() to see if anything has been returned?
if (mysql_num_rows($result)>0)
{
//login failed
}
else
{
//login ok
}
I need a code that is compatible with Microsoft Access
if (mysql_num_rows($result)>0)
{
//login failed
}
else
{
//login ok
}
