I'm a bit lost
I've got a journal of sorts on my site. Users with accounts can login and post away. What I wanted to do was this:
I added a new field called uid to the users table i have. I've then added in the member login name to that uid field. Since this resides inside of a members only section. This way in theory I can pull their uid using $REMOTE_USER.
I'm trying to make the login page where if they have a journal and their uid is filled in to match their $REMOTE_USER variable then it will auto log them into the journal using their journal username and password.
The issue I'm having is when I put my code in to pull that and check , it's just redirecting me right back to index.php and is considering me logged in as a visitor (the effect you get if you put nothing in for username OR password). Now if someone views the login.php page without having it match their $REMOTE_USER info to one in the table it shows them the normal login page with 2 empty text boxes so they could login.
I'm sure I'm missing somewhere simple but the more i look at it over and over the less I can tell.
Thanks for any insight
<?php
ini_set("register_globals", 1);
include("settings.php");
include("inc.functions.php");
$autolog=mysql_query("SELECT `id`,`uid`,`password` FROM $tb_user WHERE uid
= '$REMOTE_USER'") or die(mysql_error());
while($array = mysql_fetch_array($autolog,MYSQL_ASSOC))
$pwd=$autolog["password"];
$user=$autolog["id"];
$login='login';
}
if(isset($login)){
$query=mysql_query("SELECT * FROM $tb_user WHERE id='$user'") or die(mysql_error());
$tq++;
while($array = mysql_fetch_array($query,MYSQL_ASSOC)) {
$session["password"]=$array["password"];
$session["aid"]=$array["id"];
$session["unique"]=$unique;
}
if(empty($session["user"])){
header("Location: login.php?error=1");
}
if($pwd==$session["password"]){
@session_start();
session_register("aid","password","uniqu
$aid=$session["aid"];
$uniqueid=$session["unique"];
$password=$pwd;
header("Location: index.php");
exit;
} else {
header("Location: login.php?error=2");
exit;
}
}
if(isset($error)) {
if($error==1){
echo "<p>Login Failed<br>Wrong Username";
}
if($error==2){
echo "<p>Login Failed<br>Wrong Password";
}
}
$body = <<<EOV
<form method=post>
<p>Username: <input class=box type="text" name="user">
<br>Password: <input class=box type="password" name="pwd">
<br><input class=box type="submit" name="login"
value="Login">
</p>
</form>
EOV;
$body="$body user=$id, remote_user=$REMOTE_USER";
$stitle .= " - Logging In...";
include("inc.template.php");
?>
