Jump to content

nemanja28

New Members
 View Profile  See their activity

  • Posts

    9

  • Joined

  • Last visited

    Never

Profile Information

  • Gender
    Not Telling

nemanja28's Achievements

Newbie

Newbie (1/5)

0

Reputation

  1. nemanja28
    I try to implement your code but same problem again and again...
  2. nemanja28
    litebearer, are you have some time to see whole site and try to find what is the problem on this Login file? I will send you whole site if you want...
  3. nemanja28
    If that is the case then look VERY closely at the differences Side note: Did you rewrite your script to follow EXACTLY how my psuedo code showed? I looking 2 day for a mistake in a code or difference in regard to code of my friend and nothing can find :-/
  4. nemanja28
    I have everything but I can figure out where is the bug PS. I used code from my friend and change little bit for my site. On his site code working properly, on my site isn't working...
  5. nemanja28
    I try to login but they didn't do that i already have submit name and i dont need that code because I have ACTION on form to do login.php I dont understand what are you meaning there is a code <?php session_start(); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> </head> <body> <?php error_reporting(E_ALL | E_STRICT); ini_set("display_errors", 0); ini_set("log_errors", 1); ini_set("error_log", "logovi.log"); if (isset($_POST['ime'])&&isset($_POST['pas'])) { // without sql injection $ime = $_POST['ime']; $pasvord = $_POST['pas']; // for sql injection // $ime = mysql_real_escape_string($_POST['ime']); // define('skrembl', '48762497&*%$#(%$1'); // $pasvord = md5(skrembl . $_POST['pas']); include "konekcija.php"; $sql="SELECT k.*, u.* FROM korisnik k JOIN uloga u ON k.UlogaID = u.UlogaID WHERE KorisnickoIme = '".$ime."' AND Lozinka = '".$pasvord."'"; $q = mysql_query($sql); if (mysql_num_rows($q)==1) { $_SESSION['ime'] = $_POST['ime']; $red=mysql_fetch_array($q); $_SESSION['korisnickoIme'] =$red["Ime"]; $_SESSION['prezime'] =$red["Prezime"]; $_SESSION['telefon'] =$red["Telefon"]; $_SESSION['email'] =$red["Mail"]; if($red["NazivUloge"] == "Administrator") header('Location: admin.php'); else header('Location: prva.php'); } else { header('Location: MojNalog.php'); } } else { //Ako POST parametri nisu prosledeni echo "Nisu prosledeni parametri!"; } mysql_close($db); ?> </body> </html>
  6. nemanja28
    OK, I agree with yours statments, but: 1. Session start before my output. What are you meaning that is my output before session start?? 2. I put on comment mysql_real_escape_string and try without sql injection and doesn't work login form. Therefore, I try every your suggestion and same problem again exist... :-\
  7. nemanja28
    Same thing, again login form doesn't work... PS. I forget to write that session start exist on file MojProfil.php at the beginning of the page before html code.
  8. nemanja28
    That doesn't resolve my problem....
  9. nemanja28
    I have a probrem with a login, and there are no one error in my log I'a tired looking for a mistake. Look at my code and tell me if see anything bad there is login.php <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Untitled Document</title> </head> <body> <?php error_reporting(E_ALL | E_STRICT); ini_set("display_errors", 0); ini_set("log_errors", 1); ini_set("error_log", "logovi.log"); session_start(); if (isset($_POST['ime'])&&isset($_POST['pas'])) { // without sql injection //$ime = $_POST['ime']; //$pasvord = $_POST['pas']; // for sql injection $ime = mysql_real_escape_string($_POST['ime']); define('skrembl', '48762497&*%$#(%$1'); $pasvord = md5(skrembl . $_POST['pas']); include "konekcija.php"; $sql="SELECT k.*, u.* FROM korisnik k JOIN uloga u ON k.UlogaID = u.UlogaID WHERE KorisnickoIme = '".$ime."' AND Lozinka = '".$pasvord."'"; $q = mysql_query($sql); if (mysql_num_rows($q)==1) { $_SESSION['ime'] = $_POST['ime']; $red=mysql_fetch_array($q); $_SESSION['korisnickoIme'] =$red["Ime"]; $_SESSION['prezime'] =$red["Prezime"]; $_SESSION['telefon'] =$red["Telefon"]; $_SESSION['email'] =$red["Mail"]; if($red["NazivUloge"] == "Administrator") header('Location: admin.php'); else header('Location: prva.php'); } else { header('Location: MojNalog.php'); } } else { //Ako POST parametri nisu prosledeni echo "Nisu prosledeni parametri!"; } mysql_close($db); ?> </body> </html> And there is my connection on database - konekcija.php (this database I use fore many other function, and i think that the file work properly ) <?php $mysql_server = "localhost"; $mysql_user = "root"; $mysql_password = ""; $mysql_db = "nekretnine"; if (!$db=mysql_connect($mysql_server, $mysql_user, $mysql_password)) { die ("<p>Spajanje na mysql server je bilo neuspešno</p>"); } if (!mysql_select_db($mysql_db, $db)) { die ("<p>Greška pri odabiru baze</p>"); } else { mysql_query("SET NAMES utf8"); mysql_query("SET CHARACTER SET utf8"); mysql_query("SET COLLATION_CONNECTION='utf8_unicode_ci'"); } ?> and code where is input of username and password is in file MojNalog.php <form method="post" action="login.php"> <div class="contact_form"> <?php //[b]View if user succeed to login[/b] if (isset($_SESSION['korisnickoIme'])) { print "<div class=\"form_row\"> <label class=\"contact\"><strong>Vasi Podaci</strong></label><p></p> <label class=\"contact\"><strong>Ime: </strong></label> <label class=\"contact\"><strong>".$_SESSION['korisnickoIme']."</strong></label> </div> <div class=\"form_row\"> <label class=\"contact\"><strong>Prezime: </strong></label> <label class=\"contact\"><strong>".$_SESSION['prezime']."</strong></label> </div> <div class=\"form_row\"> <label class=\"contact\"><strong>Korisnicko ime: </strong></label> <label class=\"contact\"><strong>".$_SESSION['ime']."</strong></label> </div> <div class=\"form_row\"> <label class=\"contact\"><strong>Telefon: </strong></label> <label class=\"contact\"><strong>".$_SESSION['telefon']."</strong></label> </div> <div class=\"form_row\"> <label class=\"contact\"><strong>Email: </strong></label> <label class=\"contact\"><strong>".$_SESSION['email']."</strong></label> </div> "; } else { //[b]LOGIN FORM[/b] print "<div class=\"form_row\"> <label class=\"contact\"><strong>Unesite korisni&#269;ko ime:</strong></label> <input type=\"text\" class=\"contact_input\" name = \"ime\"/> </div> <div class=\"form_row\"> <label class=\"contact\"><strong>Unesite šifru:</strong></label> <input type=\"password\" class=\"contact_input\" name=\"pas\"/> </div> <div class=\"form_row\"> <input type=\"submit\" class=\"contact\" value= \"Log In\"/> </div> "; } ?> </div> </form> please help i don't see any mistake
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.