Hello, I am happy I found this forum as I need a little help.
I am trying to create a page on my server that needs authentication (user/pass) to access but I want it so that a person can only access the page one time with a user/pass combo. I already set up the database with a test username and password but can not seem to get a snippet of code I found to work properly. I am not fluent in php but know a little bit, hopefully enough to complete this.
I think my two options are to delete the username and password from the database once it is used successfully or add a true/false field that changes to false once they access the page and if they ever need access again I can just change the user/pass back to true.
Here is my code so far, I am basically able to enter the username and password and when I submit it is just taking me back to the username and password screen again and not to the page that has the link to download.
[php]<?php require_once('rsLogin.php');?>
<?php // *** Validate request to login to this site. session_start(); $loginFormAction = $_SERVER['PHP_SELF']; if (isset($accesscheck)) { $GLOBALS['PrevUrl'] = $accesscheck; session_register('PrevUrl'); } if (isset($_POST['submit'])) { $loginUsername=$_POST['username']; $password=$_POST['password']; $MM_fldUserAuthorization = ""; $MM_redirectLoginSuccess = "salesgame/test.html"; $MM_redirectLoginFailed = "http://www.google.com"; $MM_redirecttoReferrer = false; mysql_select_db($database_rsLogin.php, $rsLogin.php); $LoginRS__query=sprintf("SELECT username, password FROM login WHERE username='%s' AND password='%s'", get_magic_quotes_gpc()? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc()? $password : addslashes($password)); $LoginRS = mysql_query($LoginRS__query, $rsLogin.php) or die(mysql_error()); $loginFoundUser = mysql_num_rows($LoginRS); if ($loginFoundUser) { $loginStrGroup = ""; $RemoveRS__query=sprintf("DELETE FROM login WHERE username='%s' AND password='%s' LIMIT 1", get_magic_quotes_gpc()? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc()? $password : addslashes($password)); mysql_query($RemoveRS__query, $rsLogin.php) or die(mysql_error()); //declare two session variables and assign them $GLOBALS['MM_Username'] = $loginUsername; $GLOBALS['MM_UserGroup'] = $loginStrGroup; //register the session variables session_register("MM_Username"); session_register("MM_UserGroup"); if (isset($_SESSION['PrevUrl']) && false) { $MM_redirectLoginSuccess = $_SESSION['PrevUrl']; } header("Location: " . $MM_redirectLoginSuccess ); } else { header("Location: ". $MM_redirectLoginFailed ); } } ?> [/php][php]
Download Sales Game for Parisi Speed Schoolusername
password
[/php]
[php]<?php
$host=“myhost”;
$username=“myusername”;
$password=“mypassword”;
$db_name=“mydbname”;
mysql_connect("$host", “$username”, “$password”)or die(“cannot connect to server”);
mysql_select_db("$db_name")or die(“cannot select db”);
?>[/php]