check username. password, user status, set cookie using PHP & MySQL

what is the php code to do the following

take username password from webpage

each person in the users table has a username, password, admin field and useryet field.  the admin and useryet fields are either 0 or 1

if username and password match and someone is an admin (admin field =1) I need to create an admin cookie and go back to the homepage
if username and password match and someone is a user(useryet =1) I need to create an user cookie and go back to the homepage

if username and password match and someone is a user but not an approved member yet (useryet=0) then display a sorry you are not an approved member yet message

if username password don't match display unknown user message
CiscoTavonAsked:
Who is Participating?
 
vidularandunuConnect With a Mentor Commented:
<?php

//get the posted variables
$username = $_POST['username'];
$password = $_POST['password'];

//create a connection
$connection = mysql_connect("server address","server password";
if(!$connection) die ("MySQL Connection failure");
$db = mysql_select_db("databasename",$connection);
if(!$db) die ("MySQL Database error");

$username = mysql_real_escape_string($username); //to prevent sql injection
$password = mysql_real_escape_string($passwqord); //to prevent sql injection


//query the database
$q = "SELECT * from user_table WHERE username = '".$username."' LIMIT 1";
$result = mysql_query($q,$connection);
while($result = mysql_fetch_array($q))
{
      $array [] = $result;
}      

if(!isset($array)){
      echo "Invalid Username or password";
}
else
{
      $pwd = $array[0]['password'];
      if($pwd === $password)
      {
            if($array[0]['useryet'] == 0){
                  echo "Sorry you're not an approved user yet";
            }
            else{
                  //create user cookie
            }
            
            if($array[0]['admin'] == 1){
                  //create admin cookie
            }
      }
      else{
            echo "Invalid Username or password";
      }
}

?>
0
 
rajkumar_pbCommented:
I used the below code and to be frank its more than good enough of what you asked for.

http://www.evolt.org/node/60384

Also try this. Simple, and much secure. Easy to configure

http://php-login-script.com/
0
 
CiscoTavonAuthor Commented:
Thank you for your help.  I'm still having some problems.  it is failing at the part of code I included in this post

I enter a test username and password.  it just displays "Invalid Username or password 1"

it appears to not be doing a query of the table.

if I go direct to the MySQL database and enter
SELECT * from users WHERE username = "bob";
it returns 1 result as it should


//query the database
$q = "SELECT * from user_table WHERE username = '".$username."' LIMIT 1";
$result = mysql_query($q,$connection);
while($result = mysql_fetch_array($q))
{
      $array [] = $result;
}      

if(!isset($array)){
      echo "Invalid Username or password 1";
}

Open in new window

0
 
vidularandunuCommented:
remove the while loop, and add a single mysql_fetch_array statement, since it is returning a single result..
(make sure you use the correct table name in the php query code)..

also do a print_r on the result and see what you're getting.


$result = mysql_fetch_array($q)
if(!isset($result){ ..}

Open in new window

0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.