Re: Login script login

"Richard Lynch" <ceo@xxxxxxxxx> · Fri, 2 Feb 2007 19:21:04 -0600 (CST)



On Fri, February 2, 2007 5:19 am, Dave Carrera wrote:
> Having a grey brain moment here and need some advise on the logic of
> this, should be simple, login script.
>
> I am checking validity of
>
> customer number
> customer email
> customer password (md5 in mysql)
>
> So i have my form with relevant fields
>
> Now i am getting problems with either sql or how i am handling , and
> showing, and errors.....
>
> I think what i am asking is this
>
> If someone just hits the login button show error "All fields must be
> entered"

$customer_number = (int) (isset($_POST['customer_number']) ?
$_POST['customer_number'] : 0);
$customer_email = isset($_POST['customer_email']) ?
$_POST['customer_email'] : '';
$customer_password = isset($_POST['customer_password']) ?
$_POST['customer_password'] : '';

if (!$customer_number || !strlen($customer_email) ||
!strlen($customer_password)){
  $messages[] = "All fields are required";
}
else{
  $customer_number_sql = mysql_real_escape_string($customer_number);
  $customer_email_sql = mysql_real_escape_string($customer_email);
  $customer_password_sql = mysql_real_escape_string($customer_password);
  $query = "select ";
  $query .= "   email = '$customer_email_sql' as email_ok
  $query .= ", password = md5('$customer_password_sql') as password_ok
  $query .= " FROM customer ";
  $query .= " WHERE customer_number = $customer_number_sql ";
  $customer_info = mysql_query($query) or die(mysql_error());
  if (!mysql_num_rows($customer_info)){
    $messages[] = "Invalid Customer Number";
  }
  else{
    list($email_ok, $password_ok) = mysql_fetch_row($customer_info);
    if (!$email_ok) $messages[] = "Invalid Email";
    elseif (!$password_ok) $messages[] = "Invalid Password";
  }
}
if count($messages)) echo "<div class=\"error"><p>",
implode("</p>\n<p>", $messages), "</p></div>\n";
else require 'proceed.inc';

-- 
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some starving artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php