[PHP] Login Script and Global Registering Things

Master Mark Wed, 23 Jul 2003 20:56:59 -0700

Hay people.

This is my code below ...


<?php

require"config.php";

// IS THERE A USERNAME AND PASSWORD?

 if (!$siteUserName || !$sitePassword) {
 
  // NO INFO FOUND!
  
  header("Location: /undercover.php?startWeb=error_401&sid=$siteSession");
  end;
 
 } else {
 
  //CHECK IF USER AND PASS MATCH.
  
  $siteMdPassword = md5("$sitePassword");
  
  $sql = "SELECT * FROM members WHERE mUserName='$siteUserName' AND 
mPassWord='$siteMdPassword'";
    $sql_result = mysql_query($sql, $connection) or die ("Could not get Query"); 
  
  $row = mysql_fetch_array($sql_result);
     $num = mysql_num_rows($sql_result);
  
  $mActive = $row["mActive"];
  
   if ($num == 1 AND $mActive == "Y") {
   
    // PROCESS LOGIN & RETURN!

     $logoncheck=$logoncode;

     $siteUserId = $row["mUserId"]; 
     $siteAccessLevel = $row["mAccessLevel"];

     session_name('crushme');
     session_register('siteUserId','siteUserName','logoncheck','siteAccessLevel'); 

     $proxy_ip=$HTTP_X_FORWARDED_FOR;
     $proxy_dns=gethostbyaddr($proxy_ip);

     header("Location: /undercover.php?startWeb=mainpage&sid=$siteSession");
     exit;
     
   } else {

    // USER NOT LOGED IN.
    
     header("Location: /undercover.php?startWeb=error_401&sid=$siteSession");
     exit;

   }

 
 } // END


?>


I have been using this for ages, but would like to know if there is a better way to 
process a login ...

Is HTTP auth better than HTML?

/ Mark

[PHP] Login Script and Global Registering Things

Reply via email to