[classifieds100]

Hi,

I need a little help to create a PHP login script that check for 3 values in a database
and allow someone to login if all 3 values are true. I'm a beginer so please any help is
appreciated. I have this code here and the tables of my database that has the information
that I need the login script to check. The 3 values I want the script to check are
username, password, software status. If username and password are correct but the software status
is "OFF" then the user should NOT be able to login. Software status must be "ON" and username and
password correct to allow user to login. The username is the "email" of the user, the password is the
"custkey" and the ON/OFF status is the "software_status".

Code:

TABLE `customers` (
  `customerid` int(7) NOT NULL auto_increment,
  `software_name` varchar(65) NOT NULL default '',
  `date` date NOT NULL default '0000-00-00',
  `name` varchar(65) NOT NULL default '',
  `city` varchar(50) NOT NULL default '',
  `country` varchar(60) NOT NULL default '',
  `email` varchar(120) NOT NULL default '',
  `custkey` varchar(32) NOT NULL default '',
  `note` varchar(200) NOT NULL default '',
  `times_accessed` int(7) NOT NULL default '0',
  `check_frequency` int(7) NOT NULL default '24',
  `last_accessed` date NOT NULL default '0000-00-00',
  `expiry_date` date NOT NULL default '0000-00-00',
  `software_status` char(3) NOT NULL default 'ON',
  `urls_allowed` int(7) NOT NULL default '4',
  PRIMARY KEY  (`customerid`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=122 ;

PHP Code:

<?php



// Connects to your Database 

mysql_connect("localhost", "username", "password") or die(mysql_error()); 

mysql_select_db("Database_Name") or die(mysql_error()); 





//Checks if there is a login cookie



if(isset($_COOKIE['ID_my_site']))





//if there is, it logs you in and directes you to the members page

{ 

    $username = $_COOKIE['ID_my_site']; 

    $pass = $_COOKIE['Key_my_site'];

    

    $check = mysql_query("SELECT * FROM customers WHERE username = '$email'")or die(mysql_error());



    while($info = mysql_fetch_array( $check ))     

        {



        if ($pass != $info['custkey']) 

            {

            

            }



        else

            {

            header("Location: customers.php");



            }



        }



}





//if the login form is submitted



if (isset($_POST['submit'])) { // if form has been submitted





// makes sure they filled it in



    if(!$_POST['username'] | !$_POST['pass']) {

        die('You did not fill in a required field.');

    }



    // checks it against the database



    if (!get_magic_quotes_gpc()) {

        $_POST['email'] = addslashes($_POST['email']);

    }



    $check = mysql_query("SELECT * FROM customers WHERE email = '".$_POST['username']."'")or die(mysql_error());



//Gives error if user dosen't exist



$check2 = mysql_num_rows($check);

if ($check2 == 0) {

        die('User does not exist in our database.');

                }





while($info = mysql_fetch_array( $check ))     

{



$_POST['pass'] = stripslashes($_POST['pass']);

    $info['password'] = stripslashes($info['password']);

    $_POST['pass'] = ($_POST['pass']);



//gives error if the password is wrong



    if ($_POST['pass'] != $info['password']) {

        die('Incorrect password, please try again.');

    }



else

{

// if login is ok then we add a cookie 

    

$_POST['username'] = stripslashes($_POST['username']);

    



$hour = time() + 3600; 

setcookie(ID_my_site, $_POST['username'], $hour);

setcookie(Key_my_site, $_POST['pass'], $hour);    



//then redirect them to the members area

header("Location: customers.php");

}



}



} else {    



// if they are not logged in

?>



<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">

<table border="0">

<tr><td colspan=2><h1>Login</h1></td></tr>

<tr><td>Username:</td><td>

<input type="text" name="username" maxlength="40">

</td></tr>

<tr><td>Password:</td><td>

<input type="password" name="pass" maxlength="50">

</td></tr>

<tr><td colspan="2" align="right">

<input type="submit" name="submit" value="Login">

</td></tr>

</table>

</form>

<?php

}





?>

I don't know if I get the code correct so far. But what I mostly need is a piece of code that
check the status ON or OFF to let someone in or not.

Thanks in Advance.

[nova912]

SELECT * FROM [table] WHERE username="[input]" && email="[input]" && [field] = [var]" etc you see what im getting at. Then test the result from the query to see if it returned >1 rows. If there is a row returned the authentication is valid if not the person entered in the wrong information.

[classifieds100]

Quote:

Originally Posted by nova912

SELECT * FROM [table] WHERE username="[input]" && email="[input]" && [field] = [var]" etc you see what im getting at. Then test the result from the query to see if it returned >1 rows. If there is a row returned the authentication is valid if not the person entered in the wrong information.

Thanks for reply and help.

Regards