Specifications
return 0;
if (mysql_num_rows($result)>0)
return 1;
else
return 0;
}
As you can see, this function connects to the database and checks that there is a user with the
username and password combination supplied. It will return true if there is, or false if there is
not or if the user’s credentials could not be checked.
The check_valid_user() function does not connect to the database again, but instead just
checks that the user has a registered session, that is, that he has already logged in. This func-
tion is shown in Listing 24.13.
LISTING 24.13 The check_valid_user() Function from user_auth_fns.php—This Function
Checks That the User Has a Valid Session
function check_valid_user()
// see if somebody is logged in and notify them if not
{
global $valid_user;
if (session_is_registered(“valid_user”))
{
echo “Logged in as $valid_user.”;
echo “<br>”;
}
else
{
// they are not logged in
do_html_heading(“Problem:”);
echo “You are not logged in.<br>”;
do_html_url(“login.php”, “Login”);
do_html_footer();
exit;
}
}
If the user is not logged in, the function will tell him that he has to be logged in to see this
page, and give him a link to the login page.
Building User Authentication and Personalization
C
HAPTER 24
24
AUTHENTICATION
AND
PERSONALIZATION
517
LISTING 24.12 Continued
30 7842 ch24 3/6/01 3:34 PM Page 517