Specifications
LISTING 28.3 Continued
// need to process log in or out requests before anything else
if($email&&$password)
{
$login = login($email, $password);
if($login == ‘admin’)
{
$status .= “<p><b>”.get_real_name($email).”</b> logged in”
.” successfully as <b>Administrator</b><br><br><br><br><br>”;
$admin_user = $email;
session_register(“admin_user”);
}
else if($login == ‘normal’)
{
$status .= “<p><b>”.get_real_name($email).”</b> logged in”
.” successfully.<br><br>”;
$normal_user = $email;
session_register(“normal_user”);
}
else
{
$status .= “<p>Sorry, we could not log you in with that
email address and password.<br>”;
}
}
As you can see, we first try to log them in using the login() function from the
user_auth_fns.php library. This is slightly different from the login functions we have used else-
where, so we’ll take a look at it. The code for this function is shown in Listing 28.4.
LISTING 28.4 login() Function from user_auth_fns.php—This Function Checks a User’s
Login Details
function login($email, $password)
// check username and password with db
// if yes, return login type
// else return false
{
// connect to db
$conn = db_connect();
if (!$conn)
return 0;
$query = “select admin from subscribers
where email=’$email’
and password = password(‘$password’)”;
Building Practical PHP and MySQL Projects
P
ART V
676
34 7842 CH28 3/6/01 3:46 PM Page 676