Re: [PHP] Login script login

On p, 2007-02-02 at 12:10 +0000, Dave Carrera wrote:
Hi Stut,

I think i have found where i am going wrong.....

Its in the comparison login for the db result.

So i select * from jfjfjfjf where custno=$_POST[number]

But now i am getting messed up with if cust no not found then all i get
is a blank page but hoping for an error

because you get an empty result set if no match is found
so check it like

if ($row = mysql_fetch_array($result)) {
// ok, found
} else {
// not found, error
}

or whatever sql you use

hope that helps
Zoltán Németh


And i dont think i am comparing the db result with the $_POST correctly

Struggling here a bit :-(

Dave C

Stut wrote:
Dave Carrera wrote:
Hi All,

Having a grey brain moment here and need some advise on the logic of
this, should be simple, login script.

I am checking validity of

customer number
customer email
customer password (md5 in mysql)

So i have my form with relevant fields

Now i am getting problems with either sql or how i am handling , and
showing, and errors.....

I think what i am asking is this

If someone just hits the login button show error "All fields must be
entered"

If customer number dose not excist show relevant error

If customer number ok but email not show error

If customer number ok but email ok but password is not show error

If all is ok set sessions, got this ok, and proceed.

Any help with with this is very much appreciated.

Kind Regards

Dave C

I'm not totally clear what the question was in there. Personally I
keep this simple...

<?php
$_POST['number'] =
(isset($_POST['number']) ? trim($_POST['number']) : '');
$_POST['email'] =
(isset($_POST['email']) ? trim($_POST['email']) : '');

if (empty($_POST['number']) or
empty($_POST['email']) or
empty($_POST['password']))
{
die('All fields must be entered');
}

// Find the customer/user/whatever you need from the given details

if (<<not found>>)
{
die('Unable to locate customer/user/whatever');
}

// Set up the session here, or however you're tracking the
// current customer/user/whatever

header('Location: /somewhere_else');
?>

Hope that helps.

-Stut


.