Hello- I have this custom code for a login for our WordPress site and there is a short code calling in on the page; a few days ago I noticed the code was duplicating on the page, not sure why. result of page attached. Thank you for your help.
PHP:
ob_start();
function member_login_form() {
global $wpdb;
if(isset($_POST['btn_login'])){
$userEmail = $_POST['user_email'];
$userPass = $_POST['user_pass'];
//matching with the new record
$resultNew = $wpdb->get_results( "SELECT * FROM `wp_custom_members` WHERE `user_ID` = '$userEmail' AND `password` = '$userPass'");
if($resultNew){
//start a session if not started yet
// if (session_status() == PHP_SESSION_NONE) {
// session_start();
// }
// start a session... code added 27-sep-2021 by galib
foreach($resultNew as $userData){
$compName = $userData->company_name;
$compType = $userData->company_type;
$accessLvl = $userData->access_level;
$accessCode = $userData->access_code;
$newUserId = $userData->user_ID;
$newPass = $userData->password;
$compId = $userData->company_id;
$firstName = $userData->first_name;
$lastName = $userData->last_name;
if($accessLvl == 'E'){
$levelTxt = 'Employee';
if (session_status() == PHP_SESSION_NONE) {
session_start();
}
$_SESSION["authKey"] = $newUserId;
$_SESSION["authLevel"] = $accessLvl;
$_SESSION["comp_name"] = $compName;
$_SESSION["comp_type"] = $compType;
$_SESSION["comp_id"] = $compId;
$_SESSION["first_name"] = $firstName;
$_SESSION["last_name"] = $lastName;
$_SESSION["acc_code"] = $accessCode;
header('Location: /welcome-employees?aid='.$accessCode); //changed
exit();
}
else if($accessLvl == 'S' && $compType == 'M'){
$levelTxt = 'Stock Holder';
if (session_status() == PHP_SESSION_NONE) {
session_start();
}
$_SESSION["authKey"] = $newUserId;
$_SESSION["authLevel"] = $accessLvl;
$_SESSION["comp_name"] = $compName;
$_SESSION["comp_type"] = $compType;
$_SESSION["comp_id"] = $compId;
$_SESSION["first_name"] = $firstName;
$_SESSION["last_name"] = $lastName;
$_SESSION["acc_code"] = $accessCode;
header('Location: /members-shareholders?aid='.$accessCode);
exit();
}
else if($accessLvl == 'G' && $compType == 'M' ){
$levelTxt = 'Generic';
if (session_status() == PHP_SESSION_NONE) {
session_start();
}
$_SESSION["authKey"] = $newUserId;
$_SESSION["authLevel"] = $accessLvl;
$_SESSION["comp_name"] = $compName;
$_SESSION["comp_type"] = $compType;
$_SESSION["comp_id"] = $compId;
$_SESSION["first_name"] = $firstName;
$_SESSION["last_name"] = $lastName;
$_SESSION["acc_code"] = $accessCode;
header('Location: /member-general?aid='.$accessCode); //changed
exit();
}
else if($accessLvl == 'G' && $compType == 'V' ){
$levelTxt = 'Generic';
if (session_status() == PHP_SESSION_NONE) {
session_start();
}
$_SESSION["authKey"] = $newUserId;
$_SESSION["authLevel"] = $accessLvl;
$_SESSION["comp_name"] = $compName;
$_SESSION["comp_type"] = $compType;
$_SESSION["comp_id"] = $compId;
$_SESSION["first_name"] = $firstName;
$_SESSION["last_name"] = $lastName;
$_SESSION["acc_code"] = $accessCode;
header('Location: /vendor-general?aid='. $accessCode); //changed
exit();
}
else if($accessLvl == 'A' && $compType == 'M'){
$levelTxt = 'Accounting';
if (session_status() == PHP_SESSION_NONE) {
session_start();
}
$_SESSION["authKey"] = $newUserId;
$_SESSION["authLevel"] = $accessLvl;
$_SESSION["comp_name"] = $compName;
$_SESSION["comp_type"] = $compType;
$_SESSION["comp_id"] = $compId;
$_SESSION["first_name"] = $firstName;
$_SESSION["last_name"] = $lastName;
$_SESSION["acc_code"] = $accessCode;
header('Location: /accounting?aid=' . $accessCode); //changed
exit();
}
else if($accessLvl == 'A' && $compType == 'V'){
$levelTxt = 'Accounting';
if (session_status() == PHP_SESSION_NONE) {
session_start();
}
$_SESSION["authKey"] = $newUserId;
$_SESSION["authLevel"] = $accessLvl;
$_SESSION["comp_name"] = $compName;
$_SESSION["comp_type"] = $compType;
$_SESSION["comp_id"] = $compId;
$_SESSION["first_name"] = $firstName;
$_SESSION["last_name"] = $lastName;
$_SESSION["acc_code"] = $accessCode;
header('Location: /vendor-accounting?aid='.$accessCode); //changed
//header('Location: /session.php');
//header('Location: /vendor-accounting-backup-copy');
exit();
}
}
}
else{
//matching with the old record
$resultOld = $wpdb->get_results( "SELECT * FROM `wp_custom_members` WHERE `old_userid` = '$userEmail' AND `old_password` = '$userPass'");
if($resultOld){
foreach($resultOld as $userData){
$compName = $userData->company_name;
$accessLvl = $userData->access_level;
$newUserId = $userData->user_ID;
$newPass = $userData->password;
$resid = $userData->ID;
}
//checking if the user have new id or password
if(!empty($resid)){
header('Location: /member-registration/?recid=' . $resid);
exit();
}
}
else{
$errorMessage = "Incorrect user name or password!... Please try again.";
}
}
}
?>
<form action ="" method ="post">
<div class="form-group">
<label class="lblTxt" for name="comp_name"> User ID / Email ID <span style="color: red;">*</span></label><br />
<input type="text" class="regInput" name="user_email" id="comp_name" placeholder="Enter your email or user id" ><br />
</div>
<div class="form-group">
<label class="lblTxt" for name="comp_name"> Password <span style="color: red;">*</span></label><br />
<input type="password" class="regInput" name="user_pass" id="comp_name" placeholder="Enter your password" ><br />
</div>
<?php if(!empty($errorMessage)){?>
<div class="form-group">
<label><span style="color: red;"><?php echo $errorMessage; ?></span></label><br />
</div>
<?php } ?>
<div class="form-group">
<input class="regBtn" type = "submit" name = "btn_login" id="updateBtn" value = "Log In">
</div>
<div class="form-group">
<label><span><a href="/forgot-password" class="fpass"> Forgot Password? </a></span></label><br />
</div>
</form>
<style>
.form-group{
padding: 20px 20px 20px 0px;
text-align: center;
}
.lblTxt{
float: left;
padding-left: 20%;
font-weight: bold;
}
.regInput{
width: 60% !important;
}
.regBtn{
background-color: #3ba1da !important;
border: none;
width: 15%;
border-radius: 5px !important;
vertical-align: middle !important;
height: auto !important;
font-size: 15px !important;
cursor: pointer !important;
box-shadow: none !important;
text-shadow: none !important;
font-family: inherit;
outline: none !important;
margin: 0 !important;
opacity: 1 !important;
-webkit-appearance: none;
}
.regBtn:hover{
background-color: #387090;
}
.fpass{
color: #bebebe;
}
.fpass:hover{
color: #3ba1da !important;
}
</style>
<?php
}
//adding short code
add_shortcode('display_login_form', 'member_login_form');
?>