Jump to content
Larry Ullman's Book Forums

Recommended Posts

<?php 

// This page defines two functions used by the login/logout process.

 

/* This function determines an absolute URL and redirects the user there.

 * The function takes one argument: the page to be redirected to.

 * The argument defaults to index.php.

 */

function redirect_user ($page = 'index.php') {

$url = 'http://' . $_SERVER['localhost'] . mecicalcenter($_SERVER['PHP_SELF']);

 

// Remove any trailing slashes:

$url = rtrim($url, '/\\');

 

// Add the page:

$url .= '/' . $page;

 

// Redirect the user:

header("Location: $url");

exit(); // Quit the script.

 

} // End of redirect_user() function.

 

 

/* This function validates the form data (the email address and password).

 * If both are present, the database is queried.

 * The function requires a database connection.

 * The function returns an array of information, including:

 * - a TRUE/FALSE variable indicating success

 * - an array of either errors or the database result

 */

function check_login($dbc, $login = '', $pass = '') {

 

$errors = array(); // Initialize error array.

 

// Validate the login:

if (empty($login)) {

$errors[] = 'You forgot to enter your login.';

} else {

$lgn = mysqli_real_escape_string($dbc,trim($login));

}

 

// Validate the password:

if (empty($pass)) {

$errors[] = 'You forgot to enter your password.';

} else {

$p = mysqli_real_escape_string($dbc, trim($pass));

}

 

if (empty($errors)) { // If everything's OK.

 

// Retrieve the user_id and first_name for that email/password combination:

$q = "SELECT PatientId ,firstN FROM patient WHERE login = '$lgn' AND pass = SHA1('$p')";

$r = @mysqli_query ($dbc, $q); // Run the query.

 

// Check the result:

if (mysqli_num_rows($r) == 1) {

 

// Fetch the record:

$row = mysqli_fetch_array ($r, MYSQLI_ASSOC);

 

// Return true and the record:

return array(true, $row);

 

} else { // Not a match!

$errors[] = 'The login and password entered do not match those on file.';

}

 

} // End of empty($errors) IF.

 

// Return false and the errors:

return array(false, $errors);

 

} // End of check_login() function.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...