Wrox Programmer Forums
Go Back   Wrox Programmer Forums > PHP/MySQL > PHP Databases
| Search | Today's Posts | Mark Forums Read
PHP Databases Using PHP in conjunction with databases. PHP questions not specific to databases should be directed to one of the other PHP forums.
Welcome to the p2p.wrox.com Forums.

You are currently viewing the PHP Databases section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
  #1 (permalink)  
Old December 3rd, 2003, 10:07 AM
Authorized User
 
Join Date: Sep 2003
Location: London, , United Kingdom.
Posts: 23
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via MSN to Jams30
Default Login form question

Hi

I have created a login form for users to access a site. It checks the user name submitted in a form for a match in the database - on correct submission the user is then presented with 'Logged in as $user_name of $co_name, you have logged in $login_no times' - this all works fine. The login form and the welcome message are all in one page login.php.

My question is, how do I stop the user from refreshing the page and thus incrementing the value of $login_no? Here are my thoughts - 1) Create a separate page for the welcome message (plus other information from the database that will be appended to this message) from the login form OR 2)Use sessions - I haven't played around with sessions enough yet to know whether or not they would be any use in this situation.

This is the function that is called depending on the case of a switch statement:

function welcome()
{
$connection = sql_connect();
db_connect();
global $table_name, $user_name, $user_password, $agent_name;
if (empty($user_name))
{
echo "Please enter your User Name<BR>";
login();
exit();
}
elseif (chk_user_name($user_name))
{
echo "Your user name was not recognized! Please re-enter it!<BR>";
login();
exit();
}
elseif (empty($user_password))
{
echo "Please enter your password!<BR>";
login();
exit();
}
elseif (in_use($user_password))
{
echo "Your password is incorrect! Please re-enter it!<BR>";
login();
exit();
}
else
{
global $table_name;
$query = "SELECT * FROM $table_name WHERE user_name = '$user_name'";
$result = mysql_query($query);
$query_data = mysql_fetch_array($result);
extract ($query_data);
$login_no ++;
$query2 = "UPDATE $table_name SET login_no=$login_no WHERE user_name = '$user_name'";
$result = mysql_query($query2);
echo "Logged in as $agent_name of $co_name, you have logged in $login_no times<BR>";
}

}
Presumably, if I need to use sessions, I can add them to my code at a later point?
Note that the form action is set as <?php echo $PHP_SELF ?>.

Any advice would be appreciated

Many thanks

Jamal


  #2 (permalink)  
Old December 4th, 2003, 12:10 PM
richard.york's Avatar
Wrox Author
Points: 5,506, Level: 31
Points: 5,506, Level: 31 Points: 5,506, Level: 31 Points: 5,506, Level: 31
Activity: 0%
Activity: 0% Activity: 0% Activity: 0%
 
Join Date: Jun 2003
Location: Camby, IN, USA.
Posts: 1,706
Thanks: 0
Thanked 6 Times in 6 Posts
Default

Code:
<?php

function welcome()
{
    $connection = sql_connect();
    db_connect();

    global $table_name, $user_name, $user_password, $agent_name;

    if (empty($user_name))
    {
        echo "<span style='color: red; font-size: 10pt;'>Please enter your User Name</span><br />";
        login();
        exit();
    }

    else if (chk_user_name($user_name))
    {
        echo "<span style='color: red; font-size: 10pt;'>Your user name was not recognized! Please re-enter it!</span><br />";
        login();
        exit();
    }

    else if (empty($user_password))
    {
        echo "<span style='color: red; font-size: 10pt;'>Please enter your password!</span><br />";
        login();
        exit();
    }

    else if (in_use($user_password))
    {
        echo "<span style='color: red; font-size: 10pt;'>Your password is incorrect! Please re-enter it!</span><br />";
        login();
        exit();
    }

    else
    {
        global $table_name;

        $query                 = "SELECT * FROM $table_name WHERE user_name = '$user_name'";
        $result                = mysql_query($query);
        $query_data            = mysql_fetch_array($result);
        extract($query_data);

        $_SESSION["logged_in"] = mysql_num_rows($result);

        if ($_SESSION["logged_in"] == 1 && !isset($_SESSION["login_count"]))
        {
            $login_no++;

            $query2                  = "UPDATE $table_name SET login_no=$login_no WHERE user_name = '$user_name'";
            $result                  = mysql_query($query2);

            $_SESSION["login_count"] = true;
        }

        if ($_SESSION["logged_in"] == 1)

            echo "<span style='color: red; font-size: 10pt;'>Logged in as $agent_name of $co_name, you have logged in $login_no times</span><br />";
    }

}

?>
Well it isn't too difficult to add sessions into the mix here. For sessions to work you must make a call to session_start() at the very beginning of whatever page needs to use session data. No whitespace, no output, no anything before the opening <?php delimiter. And you also need to pass the session id.. the server will pass that id via cookies by default or you can pass the session id via url embedded arguments, which IMO is best because then you aren't relying on the user having cookies enabled.

See this thread:
http://p2p.wrox.com/topic.asp?TOPIC_ID=7205

And it would be best to avoid using deprecated HTML tags, like and <br> here is a thread that discusses why:
http://p2p.wrox.com/topic.asp?TOPIC_ID=4028

: )
Rich

:::::::::::::::::::::::::::::::::
Smiling Souls
http://www.smilingsouls.net
:::::::::::::::::::::::::::::::::


Similar Threads
Thread Thread Starter Forum Replies Last Post
Question in login script zone8567 Classic ASP Basics 1 May 25th, 2008 06:57 PM
question about login at server level hertendreef SQL Server 2005 0 August 27th, 2007 04:40 PM
one question about login control potato ASP.NET 2.0 Basics 1 July 12th, 2007 06:22 PM
a question about login control potato ASP.NET 2.0 Professional 0 July 11th, 2007 07:23 AM
Login Question Ben Horne Forum and Wrox.com Feedback 10 May 5th, 2004 01:03 PM





Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.