1. Zuhause
  2. Frage und Antwort
  3. Überprüfen des Benutzerstatus vor dem Anmelden

Überprüfen des Benutzerstatus vor dem Anmelden

2017-05-05 4 views
-1

Ich habe seit Stunden damit beschäftigt, den Benutzerstatus zu überprüfen (aktiv, inaktiv, gesperrt, gesperrt usw.), bevor er sich in seinem Konto anmelden kann, aber nichts scheint zu funktionieren.Überprüfen des Benutzerstatus vor dem Anmelden

Unten ist der Code dafür.

<?php 

if (!defined('included')){ 
die('You cannot access this file directly!'); 
} 

//log user in --------------------------------------------------- 
function login($user, $pass){ 

    //strip all tags from varible 

    $user = strip_tags(mysql_real_escape_string($user)); 
    $pass = strip_tags(mysql_real_escape_string($pass)); 
    $status = 'active'; 
    $salt = sha1('_wchs2242%..father%/**...mygreenparrot_password&username\--\__/heelo"@@@@@@.'); 
    $password = md5($pass.$salt); 


    //$pass = md5($pass); 

    // check if the user id and password combination exist in database 
    $sql = "SELECT * FROM panel_users WHERE username = '$user' AND password = '$password' "; 
    $result = mysql_query($sql) or die('Query failed. ' . mysql_error()); 


    if (mysql_num_rows($result) == 1) { 

     // the username and password match, 
     // set the session 
     $_SESSION['authorized'] = true; 
     $_SESSION['user'] = $user; 


     // direct to admin 
     header('Location: '.DIRADMIN); 
     exit(); 
    } else { 
    $cs = mysql_fetch_array($result); 
    $sta = $cs['status']; 
     if($sta == 'suspended'){ 
      $_SESSION['sus'] = 'Your account is being suspended'; 
     } 
     elseif($sta == "inactive"){ 
      $_SESSION['ina'] = 'You\'re not yet authorized.'; 
     }else{ 
    // define an error message 
    $_SESSION['error'] = 'Sorry, wrong username or password'; 
     } 
    } 
} 

// Authentication 
function logged_in() { 
    if($_SESSION['authorized'] == true) { 
     return true; 
    } else { 
     return false; 
    } 
} 

function login_required() { 
    if(logged_in()) { 
     return true; 
    } else { 
     header('Location: '.DIRADMIN.'login'); 
     exit(); 
    } 
} 

function logout(){ 
    unset($_SESSION['authorized']); 
    header('Location: '.SITEDIR.'login'); 
    exit(); 
} 

// Render error messages 
function messages() { 
    $message = ''; 
    if($_SESSION['success'] != '') { 
     $message = '<div class="alert-success">'.$_SESSION['success'].'</div>'; 
     $_SESSION['success'] = ''; 
    } 
    if($_SESSION['error'] != '') { 
     $message = '<div class="alert-warning">'.$_SESSION['error'].'</div>'; 
     $_SESSION['error'] = ''; 
    } 
    if($_SESSION['sus'] != '') { 
     $message = '<div class="alert-warning">'.$_SESSION['sus'].'</div>'; 
     $_SESSION['sus'] = ''; 
    } 
    if($_SESSION['ina'] != '') { 
     $message = '<div class="alert-warning">'.$_SESSION['ina'].'</div>'; 
     $_SESSION['ina'] = ''; 
    } 


    echo "$message"; 
} 

function errors($error){ 
    if (!empty($error)) 
    { 
      $i = 0; 
      while ($i < count($error)){ 
      $showError.= "<div class=\"msg-error\">".$error[$i]."</div>"; 
      $i ++;} 
      echo $showError; 
    }// close if empty errors 
} // close function 


?>

Jeder mit einer Idee von dem, was ich falsch machen könnte?

Quelle

2017-05-05 Fagbemi Ayodele

Antwort

0

$result containt Zeilen nur, wenn der Benutzername und das Passwort sonst $result Spiele wird es Contans NULL so dass jedes Mal if (mysql_num_rows($result) == 1) {}else{} else {} funktioniert nicht und macht Fehler, denke ich. also versuchen Sie diesen Code

if (mysql_num_rows($result) == 1) { 
    // if the username and login match 
    // so here we check the status before granting the user access 
    $cs = mysql_fetch_array($result); 
    $sta = $cs['status']; 
    if($sta == 'suspended'){ 
     $_SESSION['sus'] = 'Your account is being suspended'; 
    }elseif($sta == "inactive"){ 
     $_SESSION['ina'] = 'You\'re not yet authorized.'; 
    }else{ 
     // the username and password match, 
     // set the session 
     $_SESSION['authorized'] = true; 
     $_SESSION['user'] = $user; 
     // direct to admin 
     header('Location: '.DIRADMIN); 
    } 
    exit(); 
} else { 
    // define an error message 
    // if username and password don't match 
    $_SESSION['error'] = 'Sorry, wrong username or password'; 
}

Quelle

2017-05-06 00:00:53

+0

Danke. Es funktionierte!! Ich schätze deine Zeit. –

Verwandte Themen

 Verwandte Themen