check username. password, user status, set cookie using PHP & MySQL

what is the php code to do the following

take username password from webpage

each person in the users table has a username, password, admin field and useryet field.  the admin and useryet fields are either 0 or 1

if username and password match and someone is an admin (admin field =1) I need to create an admin cookie and go back to the homepage
if username and password match and someone is a user(useryet =1) I need to create an user cookie and go back to the homepage

if username and password match and someone is a user but not an approved member yet (useryet=0) then display a sorry you are not an approved member yet message

if username password don't match display unknown user message
CiscoTavonAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

rajkumar_pbCommented:
I used the below code and to be frank its more than good enough of what you asked for.

http://www.evolt.org/node/60384

Also try this. Simple, and much secure. Easy to configure

http://php-login-script.com/
0
vidularandunuCommented:
<?php

//get the posted variables
$username = $_POST['username'];
$password = $_POST['password'];

//create a connection
$connection = mysql_connect("server address","server password";
if(!$connection) die ("MySQL Connection failure");
$db = mysql_select_db("databasename",$connection);
if(!$db) die ("MySQL Database error");

$username = mysql_real_escape_string($username); //to prevent sql injection
$password = mysql_real_escape_string($passwqord); //to prevent sql injection


//query the database
$q = "SELECT * from user_table WHERE username = '".$username."' LIMIT 1";
$result = mysql_query($q,$connection);
while($result = mysql_fetch_array($q))
{
      $array [] = $result;
}      

if(!isset($array)){
      echo "Invalid Username or password";
}
else
{
      $pwd = $array[0]['password'];
      if($pwd === $password)
      {
            if($array[0]['useryet'] == 0){
                  echo "Sorry you're not an approved user yet";
            }
            else{
                  //create user cookie
            }
            
            if($array[0]['admin'] == 1){
                  //create admin cookie
            }
      }
      else{
            echo "Invalid Username or password";
      }
}

?>
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
CiscoTavonAuthor Commented:
Thank you for your help.  I'm still having some problems.  it is failing at the part of code I included in this post

I enter a test username and password.  it just displays "Invalid Username or password 1"

it appears to not be doing a query of the table.

if I go direct to the MySQL database and enter
SELECT * from users WHERE username = "bob";
it returns 1 result as it should


//query the database
$q = "SELECT * from user_table WHERE username = '".$username."' LIMIT 1";
$result = mysql_query($q,$connection);
while($result = mysql_fetch_array($q))
{
      $array [] = $result;
}      

if(!isset($array)){
      echo "Invalid Username or password 1";
}

Open in new window

0
vidularandunuCommented:
remove the while loop, and add a single mysql_fetch_array statement, since it is returning a single result..
(make sure you use the correct table name in the php query code)..

also do a print_r on the result and see what you're getting.


$result = mysql_fetch_array($q)
if(!isset($result){ ..}

Open in new window

0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.