Location: PHPKode > projects > PHP Trivia > php-trivia/login.php
<?php
// ***************************************************************************
// *
// * PHP Dynamic Trivia -- Add your own trivia file.
// * Copyright (C) 2005  Robin van de Vusse (hide@address.com)
// * 
// * This program is free software; you can redistribute it and/or
// * modify it under the terms of the GNU General Public License
// * as published by the Free Software Foundation; either version 2
// * of the License, or (at your option) any later version.
// * 
// * This program is distributed in the hope that it will be useful,
// * but WITHOUT ANY WARRANTY; without even the implied warranty of
// * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// * GNU General Public License for more details.
// * 
// * You should have received a copy of the GNU General Public License
// * along with this program; if not, write to the Free Software
// * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
// *
// ***************************************************************************
require_once "config.php";

if (strlen(trim($strSessionPath)) > 0)
	session_save_path($strSessionPath);

session_start();

$intUserNumber = 0;
$strName = "";
$strPassword = "";
$boolError = false;
$strTempDBInfo = "";

if (empty($HTTP_POST_VARS['name']))
{
	$_SESSION['usernumber'] = 0;
	$_SESSION['name'] = "";
	$_SESSION['message'] = "No user name was specified.";
	$boolError = true;
}
else
{
	$strName = $HTTP_POST_VARS['name'];
	$strPassword = $HTTP_POST_VARS['password'];
}

if (!$boolError)
{
	$strTempDBInfo =  DBTYPE."_pconnect";
	$conn = $strTempDBInfo($DB_HOST,$DB_USER,$DB_PASS);
}

if (!$boolError && !$conn)
{
	$_SESSION['usernumber'] = 0;
	$_SESSION['name'] = "";
	$strTempDBInfo =  DBTYPE."_error";
	$_SESSION['message'] = "Unable to connect to DB server: " . $strTempDBInfo($conn);
	$boolError = true;
}

$strTempDBInfo = DBTYPE."_select_db";

if (!$boolError && (!$strTempDBInfo($DB_NAME)))
{
	$_SESSION['usernumber'] = 0;
	$_SESSION['name'] = "";
	$strTempDBInfo = DBTYPE."_error";
	$_SESSION['message'] = "Unable to select DB name: " . $strTempDBInfo($conn);
	$boolError = true;   		
}

if (!$boolError)
{
	$sql =	"SELECT UserNumber, UserName FROM login " .
		"WHERE UserName = '$strName' AND UserPassword = '$strPassword'";
	
	$strTempDBInfo = DBTYPE."_query";
	$result = $strTempDBInfo($sql);
	
	if (!$result) 
	{
		$_SESSION['usernumber'] = 0;
		$_SESSION['name'] = "";
		$strTempDBInfo = DBTYPE."_error";
		$_SESSION['message'] = "Could not successfully run query ($sql) from DB: " . $strTempDBInfo($conn);
		$boolError = true;   		
	}
}

if (!$boolError)
{	
	$strTempDBInfo = DBTYPE."_num_rows";
	
	if ($strTempDBInfo($result) == 0)
	{
		$_SESSION['usernumber'] = 0;
		$_SESSION['name'] = "";
		$_SESSION['message'] = "User not found.";
		$boolError = true;
	}
	else
	{
		$strTempDBInfo = DBTYPE."_fetch_assoc";
		$row = $strTempDBInfo($result);			
		
		$_SESSION['usernumber'] = $row['UserNumber'];
		$_SESSION['name'] = $row['UserName'];

		//Updte UserLastIP here
		$strUserLastIP = $_SERVER['REMOTE_ADDR'];		
		$sql =	"UPDATE login SET UserLastIP = '$strUserLastIP' " .
			"WHERE UserName = '".$row['UserName']."'";

		$strTempDBInfo = DBTYPE."_query";
		$result = $strTempDBInfo($sql);
	
		if (!$result) 
		{
			$strTempDBInfo = DBTYPE."_error";
			$strMessage = "Could not successfully run query ($sql) from DB: " . $strTempDBInfo($conn);
			$boolError = true;   		
		}
		else
		{
			$_SESSION['message'] = "";
			$boolError = false;	
		}
	}
}

if ($boolError)
{
	header("Location: index.php");
}
else
{
	header("Location: main.php"); 	
}
?>
Return current item: PHP Trivia