Re: WAP login script in php
Its not a big problem. You will need to change field names accordingly in the first page which is a form and second processes the info. If every thing is correct and you succeeded, it creates another form and this field is validated in the admin.php page. And of course you can use $_SESSION's.
PHP Code:
// login.php
<?php
# Header Info
header('Content-Type: text/vnd.wap.wml', true);
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
# Version Type
print "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>";
# Import config file
include "/home/jamieb/private/conf.php";
# Connect to database
mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname);
?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
<wml>
<!-- THIS IS THE LOGIN CARD -->
<card id="login" title="Login">
<p>
<do type="accept" label="Login">
<go href="process.php" method="post">
<postfield name="userName" value="$userName" />
<postfield name="password" value="$password" />
</go>
</do>
</p>
<p>
User Name: <input title="userName" name="userName" /> <br />
Password : <input title="password" name="password" type="password" /> <br />
</p>
</card>
</wml>
PHP Code:
// process.php
<?php
# Header Info
header('Content-Type: text/vnd.wap.wml', true);
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
# Version Type
print "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>";
# Import config file
include "/home/jamieb/private/conf.php";
# Connect to database
mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname);
# Verify the user
$sql = mysql_query("SELECT userName,nickName FROM table WHERE userName = '".strtolower($_POST['userName'])."' AND password = '".md5($_POST['password'])."'");
$row = mysql_num_rows($sql);
$login = mysql_fetch_array($sql);
$user = md5($login['userName']);
$nick = $login['nickName'];
if ($row == 0):
?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
<wml>
<card id="failed" title="Login Failed">
<p>
Sorry, username or password incorrect!
</p>
<p>
<anchor>Home
<go href="index.php#menu" />
</anchor>
<do type="prev" label="Back"><prev/></do></p>
</card>
</wml>
<?php
exit;
else:
?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.1//EN" "http://www.wapforum.org/DTD/wml_1.1.xml">
<wml>
<card id="success" title="Login Success">
<p>
<do type="accept" label="Admin">
<go href="admin.php" method="post">
<postfield name="session" value="<?php echo "$user"; ?>" />
</go>
</do>
</p>
<p>Welcome <?php echo "$nick"; ?>, please enter the admin area.</p>
</card>
</wml>
<?php
endif;
?>
Hope it works for you....
Re: WAP login script in php
Try this as well for login script:-
PHP Code:
<?php
/* $Id: login.php,v 1.1 2002/09/20 20:01:18 shaggy Exp $ */
if ($_SESSION['logged']) {
redirect('/user/');
}
require_once 'html_form.php';
$form = new Form(uri_self());
$form->addText('username', 'Username');
$form->addPassword('password', 'Password');
$form->addCheckbox('remember', 'Remember me');
$form->addSubmit('Log in');
$form->addRule('username', 'range:5:20', 'Enter your username, 5 - 20 characters.');
$form->addRule('password', 'range:5:20', 'Enter your password, 5 - 20 characters.');
$form->addFilter('_ALL_', 'db');
if ($form->valid()) {
$processed = $form->getProcessed();
$remember = $form->getValue('remember');
if (!isset($_SESSION['login'])) {
$_SESSION['login'] = 3;
} else {
if ($_SESSION['login'] <= 1) {
die('You cannot log in.');
}
}
if ($user->_checkLogin($processed['username'], $processed['password'], $remember)) {
if (isset($_SESSION['log_to'])) {
redirect($_SESSION['log_to']);
} else {
redirect('/user/');
}
} else {
failed($form);
}
} else {
begin_html();
$form->display();
}
function failed(&$form) {
begin_html();
echo "<p>You could not be logged in, $_SESSION[login] attempts left.</p>
<p>Possible reasons for this are:</p>
<ul>
<li>Your username and/or password is not correct.
Check your username and password and then try again.</li>
<li>You haven't" .
'<a href="/user/signup" title="Sign up for an account, it is free">
registered</a> yet</li>
<li>Your account is temporarily disabled.</li>
<li>You are trying to login simultaneously from two different computers or
two browsers on the same computer.</li>
</ul>';
$form->display();
}
?>
Re: WAP login script in php
To ensure that queries to the database are safe
Use $db->quote('value') where $db is a PEAR instance or if you are using native MySQL functions mysql_escape_string(). If you deal with numbers always cast them explicitely: $value = (int) $value.