1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 11:39 am May 1, 2026

Forum Moderators: coopster

Message Too Old, No Replies

Sessions and queries

         

Mnkras

9:55 pm on Oct 22, 2008 (gmt 0)

10+ Year Member



hi i am a beggineer

i am modifing a CMS and i need some help with sessions for a page i am working on

the login works and it verifies the sessions on some other pages

and i want it to check a colum in a table that is next to the logged in users name

the login .php is this: 


<?php
include("top.php");
if($_SESSION['id']){
echo "You are already logged in!";
}else{
if(!$_POST['login']){
echo "<fieldset><legend><b>Login to $servername</b></legend>";
echo "<form method=\"POST\"><center><table border=\"0\" width=\"300\">";
echo "<tr><td align=\"right\" width=\"50%\"><b>Username:</b></td><td><input type=\"text\" name=\"username\" maxlength=\"12\"></td></tr>";
echo "<tr><td align=\"right\"><b>Password:</b></td><td><input type=\"password\" name=\"password\" maxlength=\"12\"></td></tr>";
echo "<tr><td></td><td><input type=\"submit\" name=\"login\" value=\"Login\"></td></tr>";
echo "</table></center></form>";
echo "</fieldset>";
}else{
$u = mysql_real_escape_string($_POST['username']);
$p = mysql_real_escape_string($_POST['password']);
$s = mysql_query("SELECT * FROM `accounts` WHERE `name`='".$u."'") or die(mysql_error());
$i = mysql_fetch_array($s);
if($i['password'] == hash('sha512',$p.$i['salt']) ¦¦ sha1($p) == $i['password']){
$user = mysql_query("SELECT * FROM `accounts` WHERE `name`='".$i['name']."' AND `password`='".$i['password']."'") or die(mysql_error());
$auser = mysql_fetch_array($user);
$_SESSION['id'] = $auser['id'];
$_SESSION['name'] = $auser['name'];
$_SESSION['mute'] = $auser['mute'];
if($auser['webadmin'] == "1"){
$_SESSION['admin'] = $auser['webadmin'];
}
if($auser['gm'] == "1"){
$_SESSION['gm'] = $auser['gm'];
}
$name = mysql_query("SELECT * FROM `web_profile` WHERE `accountid`='".$auser['id']."'") or die(mysql_error());
$pname = mysql_fetch_array($name);
if($pname['name'] == NULL){
$_SESSION['pname'] = NULL;
}else{
$_SESSION['pname'] = $pname['name'];
}
echo "<META HTTP-EQUIV=Refresh CONTENT=\"0; URL=community.php\">";
}else{
echo "The informations you supplied do not match/exist!";
}
}
}
include("end.php");
?>

the top.php includes the database info for the connect

and there are 3 login levels but i only need it for the normal users (id) not the gm or webmin

i need it to show the value of the table and i am not experienced enough to do this

i want it to require to login then take the username of the logged in account

dreamcatcher

1:56 pm on Nov 12, 2008 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Hi Mnkras,

Did you find a solution to your problem?

dc

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / PHP Server Side Scripting 11:39 am May 1, 2026