troubleshooting Question

PHP Code problems... please check for errors - or post better code

Avatar of innercproductions
innercproductions asked on
PHP
2 Comments2 Solutions285 ViewsLast Modified:
I'm having trouble with the following code working correctly.
It keeps showing the information in the "logged in" area without having to be logged in.
I don't have anyone else to check it for errors.
Can anyone help?



---------------------------------------------------------------------------------------------------------------------------

<?
session_start(); // start session.

//Includes the header which also includes the variables file
require('inc_header.php');

// custom error function
function custom_die($errormsg) {
      print $errormsg;
      require("inc_footer.php");
      exit();
} // end of custom_die function


// checks to see if the managers account number and password are set
if(!isset($manageracctnum) | !isset($manageracctpass)) {

// the below area is displayed when logged in......
?>


logged in.....
<br />
This is display when the user has logged in.

<?
include('inc_footer.php');

// the above area is displayed when logged in...
exit();
}

// register account number and password as session variables
session_register("manageracctnum");
session_register("manageracctpass");

$db = mysql_connect($database_host, $database_username, $database_password) or die ($database_couldnotconnect);
mysql_select_db($database_name,$db);

$query = "SELECT managerpassword FROM $companytable_name WHERE companynumber = '$manageracctnum'";
$result = mysql_query($query) or custom_die($database_errorinquery);

$fetch_em = mysql_fetch_array($query);
$numrows = mysql_num_rows($query);

if($numrows != "0" & $managerpassword == $fetch_em["manageracctpass"]) {
            $valid_user = 1;
}
else {
            $valid_user = 0;
}
if (!($valid_user)) {
            session_unset();   // Unset session variables.
            session_destroy(); // End Session we created earlier.
// escape from php mode.

?>


<div class="error">
Incorrect login information, please try again.
<br>
You must login to access the Manager Administration Area.
</div>



<form action="<?=$_SERVER['PHP_SELF']?><?if($_SERVER['QUERY_STRING']>' '){echo '?'.$_SERVER['QUERY_STRING'];}?>" method="POST">


<table cellpadding="5" cellspacing="5"><tr>
<td valign="top">

Manager Account Number ( 6 characters ):
<br>
<input type="text" name="manageracctnum" size="30" tabindex="1" maxlength="5">

</td><td valign="top">

Password:
<br>
<input type="password" name="manageracctpass" size="30" tabindex="2" maxlength="20">

</td><td valign="bottom">

<input type="submit" value="Login" tabindex="3">

</td>
</tr>
<tr>
            <td align="left" valign="top" colspan="3">
                  &nbsp;
            </td>
      </tr>
</table>

</form>




<?
include ("inc_footer.php");
?>

<?
exit();
}
?>


ASKER CERTIFIED SOLUTION
glcummins

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 2 Answers and 2 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 2 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros