Try changing
if(!isset($_COOKIE(user_id)))
to
if(!isset($_COOKIE['user_id']))
^^ ^^
$_COOKIE is an associative array.
codaddict
2010-10-08 07:11:03
+2
A:
Thanks codaddict i was so frustrated i left out the simplest of stuff-the syntax.
vasanth_bruce
2010-10-08 07:13:48
A:
I've tidied up your code here:
<?php
//CLEAR THE ERROR MESSAGE
$error_msg = '';
//CHECK TO SEE IF COOKIE IS SET
if ( ! isset($_COOKIE['user_id']))
{
$output_form = TRUE;
if (isset($_POST['login_submit']))
{
//GRAB DATA
$user_name = $_POST['user_name'];
$user_password = $_POST['user_pwd'];
if ( ! empty($user_name) && ! empty($user_password))
{
//DATABASE CONNECTION VARIABLE
$dbc = mysqli_connect('localhost','root','','mismatch') or die('Error Connecting To Database');
//QUERY VARIABLE
$query = 'SELECT id FROM `user` WHERE user_name = \''.mysql_real_escape_string($user_name).'\' and user_password = \''.sha($user_password).'\'';
//ESTABLISHING CONNECTION
$result = mysqli_query($dbc,$query) or die('Error Querying Database');
if (mysql_num_rows($result)) {
$row = mysql_fetch_assoc($result);
//SET COOKIE
setcookie('user_name', $user_name);
setcookie('user_id', $row['id']);
header('Location: /index.php');
die();
}
else {
$error_msg = 'Please type both user name and password correctly to login';
}
//TERMINATING CONNECTION
mysqli_close($dbc);
}
else {
$error_msg = 'Please type both user name and password correctly to login';
}
}
else {
header('Location: /register.php');
die();
}
}
if ($output_form)
{
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title>Mismatch - Log In</title>
<link rel="stylesheet" href="stylesheets/style.css" media="all" />
</head>
<body class="body_style">
<?php
echo '<label class="signin_label">'.$error_msg.'</label>';
?>
<h2>Mismatch - Where Matches Happen...</h2>
<fieldset>
<legend>Mismatch - Log In</legend>
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>"><!--Self Referencing Form-->
<label class="signin_label">USER NAME</label>
<input type="text" name="user_name" title="Enter Your Account User Name" class="signin_textbox" value="<?php if(!empty($_POST['user_name'])) echo $_POST['user_name']; ?>" /><br />
<label class="signin_label">PASSWORD</label>
<input type="password" name="user_pwd" title="Enter Your Account Password" class="signin_textbox" value="" /><br />
</fieldset>
<input type="submit" name="login_submit" title="Click To Log In" value="Log In" class="button" />
</body>
</html>
<?php
}
?>
Some problems I can remember finding:
$_COOKIE(user_id)instead of$_COOKIE['user_id']- No escaping on MySQL input
- Big problem with your
while()clause. I've replaced this with anifandmysql_fetch_assoc() - SQL queries said
formnotFROM
There were some others too that I've probably forgotten about.
Enjoy!
chigley
2010-10-08 07:23:15
@vasanth_bruce - can I ask why you initially accepted my answer, but have now accepted to a less specific answer? Just wondering...
chigley
2010-10-08 15:22:24