Solved

Have message come after user tries to login

Posted on 2007-11-28
2
191 Views
Last Modified: 2008-02-01
I would like to have my code where nothing happens until the user tries to login.  RIght now, the code runs as the page loads, therefore outputting the error message.  I don't want the error message to be displayed until a user tries to login.

<?php
session_start();
//Pulling info from login page
if ($_SERVER['REQUEST_METHOD']  == "POST") {
     
      $strUsername = $_POST['strUsername'];
      $strPassword = $_POST['strPassword'];
     
}
 
//Connect to the database
$conn = mysql_connect("localhost", "username", "password")
or die(mysql_error());
mysql_select_db("bank");
 
//Select info from the database
$sql_select = mysql_query("select * from login where strUsername = '" . $strUsername . "' and strPassword = '" . md5($strPassword) . "'")
or die(mysql_error());
 
if(mysql_num_rows($sql_select) != 0)
{
        $_SESSION["username"] = $strUsername;
        header("location: index.php");
}
else
{
        $result = "You are not authorized, please register with us.";
}
 
 
session_write_close();
?>
0
Comment
Question by:pingeyeg
2 Comments
 
LVL 20

Accepted Solution

by:
steelseth12 earned 500 total points
ID: 20370442
<?php
session_start();
//Pulling info from login page

if(isset($_POST['strUsername'])) { // check if form has been submitted

      if ($_SERVER['REQUEST_METHOD']  == "POST") {
             
              $strUsername = $_POST['strUsername'];
              $strPassword = $_POST['strPassword'];
             
      }
      
      //Connect to the database
      $conn = mysql_connect("localhost", "username", "password")
      or die(mysql_error());
      mysql_select_db("bank");
      
      //Select info from the database
      $sql_select = mysql_query("select * from login where strUsername = '" . $strUsername . "' and strPassword = '" . md5($strPassword) . "'")
      or die(mysql_error());
      
      if(mysql_num_rows($sql_select) != 0)
      {
                  $_SESSION["username"] = $strUsername;
                  header("location: index.php");
      }
      else
      {
                  $result = "You are not authorized, please register with us.";
      }

}
 
 
session_write_close();
?>
0
 
LVL 1

Author Comment

by:pingeyeg
ID: 20370459
Awesome!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Deprecated and Headed for the Dustbin By now, you have probably heard that some PHP features, while convenient, can also cause PHP security problems.  This article discusses one of those, called register_globals.  It is a thing you do not want.  …
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now