Advertisement

08.17.2007 at 08:44AM PDT, ID: 22770029
[x]
Attachment Details

PHP Code problems...  please check for errors - or post better code

Asked by innercproductions in PHP Scripting Language

Tags: code, php, check, errors

I'm having trouble with the following code working correctly.
It keeps showing the information in the "logged in" area without having to be logged in.
I don't have anyone else to check it for errors.
Can anyone help?



---------------------------------------------------------------------------------------------------------------------------

<?
session_start(); // start session.

//Includes the header which also includes the variables file
require('inc_header.php');

// custom error function
function custom_die($errormsg) {
      print $errormsg;
      require("inc_footer.php");
      exit();
} // end of custom_die function


// checks to see if the managers account number and password are set
if(!isset($manageracctnum) | !isset($manageracctpass)) {

// the below area is displayed when logged in......
?>


logged in.....
<br />
This is display when the user has logged in.

<?
include('inc_footer.php');

// the above area is displayed when logged in...
exit();
}

// register account number and password as session variables
session_register("manageracctnum");
session_register("manageracctpass");

$db = mysql_connect($database_host, $database_username, $database_password) or die ($database_couldnotconnect);
mysql_select_db($database_name,$db);

$query = "SELECT managerpassword FROM $companytable_name WHERE companynumber = '$manageracctnum'";
$result = mysql_query($query) or custom_die($database_errorinquery);

$fetch_em = mysql_fetch_array($query);
$numrows = mysql_num_rows($query);

if($numrows != "0" & $managerpassword == $fetch_em["manageracctpass"]) {
            $valid_user = 1;
}
else {
            $valid_user = 0;
}
if (!($valid_user)) {
            session_unset();   // Unset session variables.
            session_destroy(); // End Session we created earlier.
// escape from php mode.

?>


<div class="error">
Incorrect login information, please try again.
<br>
You must login to access the Manager Administration Area.
</div>



<form action="<?=$_SERVER['PHP_SELF']?><?if($_SERVER['QUERY_STRING']>' '){echo '?'.$_SERVER['QUERY_STRING'];}?>" method="POST">


<table cellpadding="5" cellspacing="5"><tr>
<td valign="top">

Manager Account Number ( 6 characters ):
<br>
<input type="text" name="manageracctnum" size="30" tabindex="1" maxlength="5">

</td><td valign="top">

Password:
<br>
<input type="password" name="manageracctpass" size="30" tabindex="2" maxlength="20">

</td><td valign="bottom">

<input type="submit" value="Login" tabindex="3">

</td>
</tr>
<tr>
            <td align="left" valign="top" colspan="3">
                  &nbsp;
            </td>
      </tr>
</table>

</form>




<?
include ("inc_footer.php");
?>

<?
exit();
}
?>


Start Free Trial
 
Keywords: PHP Code problems... please chec…
Title
1 PHP syntax
2 MySQL array results to _POST Variabl…
3 Security Problem In MySQL PHP Script
4 PHP Code not displaying output
5 PHP syntax
6 Php Email forgot password script
 
Loading Advertisement...
 
[+][-]08.17.2007 at 08:52AM PDT, ID: 19717844

View this solution now by starting your 7-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zone: PHP Scripting Language
Tags: code, php, check, errors
Sign Up Now!
Solution Provided By: glcummins
Participating Experts: 2
Solution Grade: A
 
 
[+][-]10.21.2007 at 07:28AM PDT, ID: 20118033

Assisted solutions are selected by the member who asked the question as a comment that contributed to their question's solution.

Start your 7-day free trial to view this Assisted Solution or ask the Experts your question.

 
[+][-]07.12.2008 at 07:16AM PDT, ID: 21989148

Experts Exchange has a courteous staff of administrators who help members get the most out of the website by means of administrative comments like this one.

Start your 7-day free trial to view this Administrative Comment or ask the Experts your question.

 
[+][-]07.17.2008 at 06:01PM PDT, ID: 22031800

Experts Exchange has a courteous staff of administrators who help members get the most out of the website by means of administrative comments like this one.

Start your 7-day free trial to view this Administrative Comment or ask the Experts your question.

 
 
Loading Advertisement...
20080716-EE-VQP-32 / EE_QW_1_20070628