hay clay
letts start over
1st page where u ll take input into a from n post it
-----------------------------------------------------
echo(" <form action=logn_p.php method=POST>
<input type=text name=frm_login></input>");
echo(" password
<input type=password name=frm_pw></input>
<input type=submit value=login ></input>
</form> ");
******
a simple form ! ! ! !
******
--------------------------------------------
logn_p.php
---------------
include"cnctdb.php"; // a file for ur connection to
database with the connection query n all
// get the variables passed from the form
$flogin=$_POST['frm_login'];
$fpw=$_POST['frm_pw'];
// qry for gettin the login and password
fields from db table
$query = "SELECT role_id,fName, logn.memb_id FROM
mbr_inf, logn WHERE logn.login = '$flogin' and logn.pw
= '$fpw' and mbr_inf.memb_id = logn.memb_id ";
$result = mysql_query ($query)
or die ('qry failed ! DA tbl must xixt in DA db
specifyd bov ....');
$rows = mysql_num_rows($result);
if($rows>0) { // chk n disply fo membrz only ! ! ! !
$data = mysql_fetch_row($result);
if ($data[0] == 0 && $flogin != "") // chk fo mbr
{
$name=$data[1];
// initiate a session session_start();
// register some session variables
session_register("SESSION");
header("Location: /dir_path/mbrchk.php?flogin=" .
$flogin. "&varble2=" .$varble2);
exit();
} // endda membr chk ! ! ! !
else { // no lgn found
header("Location: /dir_path/nologn.php");
exit();
}
-------------------------------------------------------
mbrchk.php
--------------
****** now this is the file that actually displayz the
material only a member has access to
******
// session check
session_start();
if (!session_is_registered("SESSION"))
{
// if session check fails, invoke error handler
header("Location: /sir/nolgn.php");
exit();
}
$flogin=$_GET['flogin'];
$name_qry = "select fName,lastName from mbr_inf where
email='$flogin'";
$name_qry_result = mysql_query ($name_qry)
or die ('qry failed ! DA tbl must xixt in DA db
specifyd bov ....');
**** and after this u can fetch row or dsply what ever
u want to
*****
-------------------------------------------------------
hope this helps .....
good luck
toby ......
--- Clay Culver <[EMAIL PROTECTED]> wrote: > Hi,
> I am having a problem trying to set a cookie with
> the
> register_globals variable turned OFF. I have a
> script that just checks a
> password in a MySQL database through a form, if the
> password is the same
> in the db then the cookie is set and access is
> allowed to any page that
> has the other part of the code. Right now the
> password is not being
> validated, below is the code I am using.
>
> [html form]
> <form method="post" action="validate.php">
> <h5>Enter Password</h5>
> <p><input type="password" name="password" size="20"
> /></p>
> <input type="submit" value="Enter" />
> [/html form]
>
> [validate.php]
> <?php
> include("phpDB.php");
> include("db.php");
> $result = $db->execute("SELECT Password FROM
> password WHERE
> Location='members'");
> if (!strcasecmp($result->fields['Password'],
> $password)) {
>
> setcookie ("access", "access", 0, "", "weburlhere",
> 0);
>
> ?>
> <html>
> <head>
> <title>Identification</title>
> <!--
> <META HTTP-EQUIV="Expires" CONTENT="Fri, Jun 12 1981
> 08:20:00 GMT">
> <META HTTP-EQUIV="Pragma" CONTENT="no-cache">
> <META HTTP-EQUIV="Cache-Control" CONTENT="no-cache">
> -->
> </head>
> <body>
> <div align="center">
> Password accepted
> </div>
> <?php
> include("footer.htm");
> ?>
> <?php } else { // bad password
> ?>
> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0
> Transitional//EN"
> "http://www.w3.org/tr/xhtml1/dtd/transitional.dtd";>
> <?php print("<?xml version=\"1.0\"
> encoding=\"iso-8859-1\"?>\n"); ?>
> <html>
> <head>
> <title>Bad Password</title>
> </head>
> <body>
> <div align="center">
> Bad Password
> <?php
> include("footer.htm");
> ?>
> </div>
> <?php }?>
> </body>
> </html>
> [/validate.php]
> [password.php this is what is included at the top of
> the pages I wish to
> protect]
> <?php
> if (isset ($access)) {
> if (!strcasecmp("access", $access)) {
> }
> else {
> header ("Location: http://url/breach.php";); //
> Redirect
> browser
> exit; // Make sure that code below does not get
> executed when we redirect.
> }
> }
> else {
> header ("Location: http://url/breach.php";); //
> Redirect browser
> exit; // Make sure that code below does not get
> executed when we
> redirect.
> }
> ?>
> [/password.php]
>
> I have tried changing
> if (!strcasecmp($result->fields['Password'],
> $password)) {
>
> to
>
> if
> (!strcasecmp($result->fields{$_POST['Password']},
> $password))
> {
>
> But when I do this you can just click on the submit
> button and it will
> say you are authenticated, and the cookie is not
> set. When just
> if (!strcasecmp($result->fields['Password'],
> $password)) { is used the
> cookie is not set thus not allowing access to the
> pages protected by the
> script. I hope I have explained this so everyone can
> understand me.
>
> Clay
>
>
> --
> PHP Windows Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
__________________________________________________
Do You Yahoo!?
Everything you'll ever need on one web page
from News and Sport to Email and Music Charts
http://uk.my.yahoo.com
--
PHP Windows Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
