Got the code below for a login form to check that users dont miss a field and then to check wether or not the data user and pass fields match what is in the database but i cant seem to structure my if, elseif, else statements correctly
<?php
/**
* Checks to see if the user has submitted his
* username and password through the login form,
* if so, checks authenticity in database and
* creates session.
*/
if(isset($_POST['sublogin'])){
$_POST['user'] = trim($_POST['user']);
/* Check that all fields were typed in */
if(!$_POST['user'] || !$_POST['pass']){
echo "<p>Missed a field</p>";
}
elseif(strlen($_POST['user']) > 30){
echo "<p>Sorry too long</p>";
}
/* Checks that username is in database and password is correct */
$md5pass = md5($_POST['pass']);
$result = confirmUser($_POST['user'], $md5pass);
/* Check error codes */
elseif($result == 1){
die('That username doesn\'t exist in our database.');
}
elseif($result == 2){
die('Incorrect password, please try again.');
}
else{
/* Username and password correct, register session variables */
$_POST['user'] = stripslashes($_POST['user']);
$_SESSION['username'] = $_POST['user'];
$_SESSION['password'] = $md5pass;
/**
* This is the cool part: the user has requested that we remember that
* he's logged in, so we set two cookies. One to hold his username,
* and one to hold his md5 encrypted password. We set them both to
* expire in 100 days. Now, next time he comes to our site, we will
* log him in automatically.
*/
if(isset($_POST['remember'])){
setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
}
}
/* Quick self-redirect to avoid resending data on refresh */
echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">";
return;
}
/* Sets the value of the logged_in variable, which can be used in your code */
$logged_in = checkLogin();
?>