Home arrow PHP arrow Page 3 - Application Framework Components: Login/Logout

Setting up the SQL Query - PHP

The first of the Framework components that we are going to be looking at is central authorization. This component contains two classes, the login and logout classes. Not only do these classes log a user in and out, they also record the times and dates that a user logged in and logged out.

TABLE OF CONTENTS:
  1. Application Framework Components: Login/Logout
  2. Login Class Functions
  3. Setting up the SQL Query
  4. The Remaining Login Class Functions
By: Chris Neeman
Rating: starstarstarstarstar / 10
September 04, 2007

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement

Once we are successfully connected to the database, we continue to set up the SQL query. The query checks for two things. First, it checks to see if the email address that the user passed exists in the database, and then it checks to see if that account is active. So even if the email address exists, but the account is inactive, the function would return a error:

//see if the user password and email is in the table
$query ="SELECT uid, upass,CONCAT(name,' ',sname) as
name,access_level,depid FROM ".$this->dbtbl." WHERE email =
'".$this->email."'";
$query .="AND isActive = '1'";

The query is then executed:

$result =$dbcon->a_query($query);

If the result of the query is false, the user was not found in the database, so we set the login status to false:

//set the authorization status accordingly
if(!$result){
 
$this->loginstatus=FALSE;

If the result of the query is true, then the user does have an active account in the database. We then continue to further authenticate the user by comparing the user-submitted password with the one retrieved from the database:

}else {
 
$row=$result->fetchrow();
 
//compare user submitted password with the one from the database:
 
if($this->password == $row->upass){

If the two passwords are the same, then we assign the database-retrieved information to some of the global variables declared earlier:

  $this->userid=$row->uid;
  $this->uname = $row->name;
  $this->access =$row->access_level;
  $this->did =$row->depid;
  $this->em=$email;
  //$this->email=$row->email;
  $this->loginstatus=TRUE;
}

If the passwords don't match, then the appropriate error is shown and the database connect is terminated:

    else{
     
$this->err=$dbcon->showerror();
     
$this->loginstatus=FALSE;
    }//password check
  }
  $dbcon->disconnect();
  return $this->loginstatus;
}



 
 
>>> More PHP Articles          >>> More By Chris Neeman
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

PHP ARTICLES

- Hackers Compromise PHP Sites to Launch Attac...
- Red Hat, Zend Form OpenShift PaaS Alliance
- PHP IDE News
- BCD, Zend Extend PHP Partnership
- PHP FAQ Highlight
- PHP Creator Didn't Set Out to Create a Langu...
- PHP Trends Revealed in Zend Study
- PHP: Best Methods for Running Scheduled Jobs
- PHP Array Functions: array_change_key_case
- PHP array_combine Function
- PHP array_chunk Function
- PHP Closures as View Helpers: Lazy-Loading F...
- Using PHP Closures as View Helpers
- PHP File and Operating System Program Execut...
- PHP: Effects of Wrapping Code in Class Const...

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: