0

Basically I need some serious help on this one, last one. I am really confused.
How can I get my yearofbirth, month of birth and day of birth from my login page, with only having Username/Password as login??

Just basically, creating a

$_SESSION = ['age'] = The age of the user( after getting the ifnromation from $yearofbirth, $monthofbrith, $dayofbrtih from the database;

calculating it from the current year???I am so confused...Thanks :(

So i have a form.

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<?php


include('functions.php');
write_head("Login Page", "newCSS");

?>
<body>

<div id    ="body"    >
<div id    ='sidebar' > <form method='post' action='login.php'>
<label for = 'username'> Username:</label>
<input name='username' id='username'/><br/>  
<label for = 'password'>Password:</label>
<input name='password' id='password'/><br/>
<input type='submit'  value='Log in' /></form>
<!--end of login page -->
</div>

</body>
</html>
<?php
//prevent sql injesctions
session_start();
error_reporting (E_ALL ^ E_NOTICE);
// for error handling
ini_set('session.bug_compat_42',0);
ini_set('session.bug_compat_warn',0);

$uname 	= $_POST["username"];
$pword 	= $_POST["password"];
$ybirth = $_POST["yearofbirth"];
$num_rows = 0;
$errorMessage = "";
$uname  = htmlspecialchars($uname);
$pword  = htmlspecialchars($pword);
$ybirth = htmlspecialchars($ybirth);




if(!ctype_alnum($uname))
{
    echo "ERROR: Input contains characters other than letters and numbers.";
}



$conn = mysql_connect("localhost", "root", "") or die("cannot connect"); 
mysql_select_db("") or die (mysql_error());





$sql = ("SELECT * FROM sc_users WHERE username = '$uname' and password = '$pword' and yearofbirth='$ybirth'");
$result = mysql_query ($sql);



if($result) 
{
}
else 
{
$errorMessage = "Error logging on";
}



 
 if(mysql_num_rows($result)==0)
{
    echo "ERROR - No mactching rows from the database!<br/>";
}
else
{
	$sql_check = "SELECT * FROM sc_users WHERE (username = '$uname' and password='$pword' AND isadmin= 1)";
	$sql_result = mysql_query($sql_check) or die(mysql_error());
	
	if(mysql_num_rows($sql_result)==0)
	{	
		$_SESSION['gatekeeper'] = $_POST["username"];
		$_SESSION['agez'] = $_POST["yearofbirth"];
		header("Location: mainpage.php");
	}
	else
	{
	$_SESSION['gatekeeper'] = $_POST["username"];
	$_SESSION['admin']      = $_POST["username"];
	$_SESSION['agez'] = $_POST["yearofbirth"];
		header("Location: newfilm.php");
	}
	

   
    // Redirect to the main menu
    
	$errorMessage = "logged on";
	
}
 mysql_close($conn);

?>

Edited by SQLpower: n/a

2
Contributors
1
Reply
3
Views
5 Years
Discussion Span
Last Post by simplypixie
0

You can't get it from your login page - you need to retrieve it from the database once they have logged in correctly. Everything in your code is relying on the user inputting their year of birth in the login form and posting it through.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.