On Jun 17, 2008, at 5:33 PM, R.C. wrote:
I'm going to ask you PHP gurus if someone can give me a hand in
trying to
get this resolved. I'm fairly new to PHP and learning as I go.
I've got two page "login.php" and video.php. Video.php is supposed
to be
protected i.e. if someone clicks on the direct link or brings up the
page in
a browser, it comes back with an error message and a request to link
to
"login.php"... they type in their username/pasword and it opens up the
video.php so they can download videos.
I actually managed to accomplish that with the following code which
sits at
the top of video.php. I also created a form on "login.php" for user
input.
So far so good. However, we also need an email to be sent to the
site owner
when someone logs in plus their name. For the hell of me, I can't
figure
out how to combine the two elements. I tried a lot of things sofar,
but
nothing works. It's either the page gets protected OR the email
gets sent,
depending on what I leave in the script. I tried using part of Jenny's
script which is great for email forms but I can't combine this whole
thing.
Heeeelp!!
/*this is the code that sits at the top of the protected page* which
works
actually fine for the protection*/
<?php
session_start();
$_SESSION ['username'] = $_POST ['user'];
$_SESSION ['userpass'] = $_POST ['pass'];
$_Session ['authuser'] = 0;
if (($_SESSION['username'] == 'logon') and
($_SESSION['userpass'] == 'password')) {
$_SESSION['authuser'] = 1;
} else {
echo "I'm sorry, access is denied <br />";
echo "Please log in at <a href='login.php'> HERE</a> to enter your
Username and Password";
exit();
}
Can this be done on one form i.e. login.php? I have 4 textfields
set up:
username, password, email, name (for the person sending the
email...)..
some if clause somewhere?
Best
R.C.
I think you're heading the right direction. I'd do something like
this...
<?php
// login.php
session_start();
if (isset ($_POST['confirm'])) {
if ($_POST['user'] != 'logon' || $_POST['pass'] != 'password') {
header ("location: login.php?code=i");
exit;
}
$_SESSION['username'] = $_POST['user'];
$_SESSION['userpass'] = $_POST['pass'];
$_SESSION['authuser'] = true;
header ("location: video.php");
exit;
} else {
unset ($_SESSION['authuser']);
}
?>
<html>
<?php if ($_GET['code'] == 'i') { ?>
<p>Invalid login. Please try again.</p>
<?php } ?>
<form action="login.php" method="post">
<!-- Other fields here -->
<input type="hidden" name="confirm" value="1" />
</form>
</html>
That's how you can start it. At the top of the login.php page, check
to see if the form has been submitted/post'ed. If it has, check for
the correct username and password. If fail, send back to the login
page with an error code - don't make the user click to go back to the
login. If success, THEN assign the session variables and redirect to
the video page.
Just a side note. Maybe this is just an example that you sent us, but
I would strongly recommend NOT using 'password' as the password. =D If
each user is going to have his/her own username/password, then I'd use
a database to store that info - that can be another thread or a search
of the archives. ;)
Hope that helps.
~Philip
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
