Hazukiy

I think what I'll do mate is start all over again cause the code is a complete mess and I don't think it's going to work any time soon :/ So I'll make a basic sign up and login form without encryption and I'll go from there

Ok so with the register.php I entered the same details three times with the same password three times and it seems that it's changing the password encryption every time? So like one would be: "$1$5dd2moqP$F5yNWthBJ55c.y8PJ5VYM1" and the next time I enter it, it'll be: "$1$m8AYjsv3$7wvwqZNZZCWju6Ci9PCl8" Any ides? xD

Okie so it's encrypting the password again when you register but still can't log in :/ Here's an update on the latest code: Login.php <?php session_start(); include "dbConfig.php"; $errorMsg = ""; if ($_GET["op"] == "fail") { $errorMsg = "* You need to be logged in to access the members area!"; } if ($_SERVER['REQUEST_METHOD'] == "POST") { $username = trim($_POST["username"]); $password = trim($_POST["password"]); if (empty($username) || empty($password)) { $errorMsg = "* You need to provide a username & password."; } else { $usernameSQL = mysql_real_escape_string($username); $passwordSQL = crypt($password); $q = "SELECT * FROM Table1 WHERE username='$usernameSQL' AND password='$passwordSQL' LIMIT 1"; $r = mysql_query($q) or die("Error: " . mysql_error() . "<br>Query: " . $q); if(!$r) { $errorMsg = "* Wrong username or password."; } elseif(!mysql_num_rows($r)) { $errorMsg = "* Sorry, couldn't log you in. Wrong login information."; } else { $_SESSION["valid_id"] = $obj->id; $_SESSION["valid_user"] = $username; $_SESSION["valid_time"] = time(); header("Location: members.php"); exit(); } } } ?> Register.php <?php include ("dbConfig.php"); $errorMsg = ""; if ($_SERVER['REQUEST_METHOD'] == "POST") { $usernameSQL = mysql_real_escape_string($_POST['username']); $emailSQL = mysql_real_escape_string($_POST['email']); $passwordSQL = crypt($_POST['password']); $q = "INSERT INTO Table1(username, email, password)VALUES('$usernameSQL', '$emailSQL', '$passwordSQL')"; $r = mysql_query($q); header("Location: register.php?op=thanks"); exit(); } ?>

Ok so I've done the following that you said and what happens now is that when I register no password is put into the database, it's just a blank area. I suspect that's because they are no '$password' in the register.php.

Ok so I've removed "$passwordSQL = mysql_real_escape_string($_POST['password']);". So I echoed out the password and it would seem that the encryption is different to what the database has? What do you suggest?

Hi, I'm trying to make a php register and login form but it seems almost impossible. I've got this far and it keeps returning a row error and I have no idea what that means or what would be causing it? It keeps returning the "elseif(!mysql_num_rows($r))" and I have no idea why it's doing that? Really need help on this one cause I've been stuck on this problem for around 1 month now and no one seems to know why it's doing this. Thanks. LOGIN.PHP <?php session_start(); include "dbConfig.php"; $errorMsg = ""; if ($_GET["op"] == "fail") { $errorMsg = "* You need to be logged in to access the members area!"; } if ($_SERVER['REQUEST_METHOD'] == "POST") { $username = trim($_POST["username"]); $password = trim($_POST["password"]); if (empty($username) || empty($password)) { $errorMsg = "* You need to provide a username & password."; } else { $usernameSQL = mysql_real_escape_string($username); $passwordSQL = crypt($password); $q = "SELECT * FROM Table1 WHERE username='$usernameSQL' AND password='$passwordSQL' LIMIT 1"; $r = mysql_query($q) or die("Error: " . mysql_error() . "<br>Query: " . $q); if(!$r) { $errorMsg = "* Wrong username or password."; } elseif(!mysql_num_rows($r)) { $errorMsg = "* Sorry, couldn't log you in. Wrong login information."; } else { $_SESSION["valid_id"] = $obj->id; $_SESSION["valid_user"] = $username; $_SESSION["valid_time"] = time(); header("Location: members.php"); exit(); } } } ?> REGISTER.PHP <?php include ("dbConfig.php"); if ($_SERVER['REQUEST_METHOD'] == "POST") { $usernameSQL = mysql_real_escape_string($_POST['username']); $emailSQL = mysql_real_escape_string($_POST['email']); $passwordSQL = mysql_real_escape_string($_POST['password']); $passwordSQL = crypt($password); $q = "INSERT INTO Table1(username, email, password)VALUES('$usernameSQL', '$emailSQL', '$passwordSQL')"; $r = mysql_query($q); header("Location: register.php?op=thanks"); exit(); } ?>

So does anyone know why it's not working? Had this problem for around 2 months, I've googled left and right for answers and no one seems to know how to make it work? :/

Ah, great, thanks

The code above is the same. I've only changed: $passwordSQL = crypt($password);

Ah ok thanks, just did that. But it keeps giving me the ROW error

Ok, just did that yet it's still giving me the same ROW error? :/ Darn

Ok, so should I do that on both Login and Register forms?

Hi, I'm trying to create a Login & Register form which will create a profile for that user but I'm getting a lot of problems and I can't seem to figure out why it's not working correctly? I've created a post on the forums before about this problem but the problem was never resolved, I am new to PHP hence my noobieness. Basicly the problem at the moment is when I try to login it gives me a 'Wrong details error' which is expressed like so: elseif(!mysql_num_rows($r)) { $errorMsg = "* Sorry, couldn't log you in. Wrong login information."; } As far as the register form goes, it works fine to my knowledge as it's adding users to the database when they register and it's encrypting their passwords by using the crypt(); function. I'll link the Login form, the register form and the dbConfig below but I'll replace any sensitive details with '-HIDDEN-' for safety. I would really appreshiate if someone could help me out on this one cause I've been stuck with this problem for quite a while now and I can't figure it out, thanks a lot Register.php <?php include ("dbConfig.php"); if ($_SERVER['REQUEST_METHOD'] == "POST") { $usernameSQL = mysql_real_escape_string($_POST['username']); $emailSQL = mysql_real_escape_string($_POST['email']); $passwordSQL = mysql_real_escape_string($_POST['password']); $passwordSQL = crypt('$password'); $q = "INSERT INTO -HIDDEN-(username, email, password)VALUES('$usernameSQL', '$emailSQL', '$passwordSQL')"; $r = mysql_query($q); header("Location: register.php?op=thanks"); } ?> <form action="?op=reg" method="POST"> Username:<br><font color="red">*</font><input class="GeneralForm" type="text" name="username" id="username" maxlength="20"><br> <br> Email:<br><font color="red">*</font><input class="GeneralForm" type="text" name="email" id="email" maxlength="50"><br> <br> Password:<br><font color="red">*</font><input class="GeneralForm" type="password" name="password" id="password" maxlength="50"><br> <br> <input type="checkbox" name="tick"><font color="gray" size="3"> I agree to the Terms of Use<br> <br> <button type="submit" name="submit" class="InputButton" value="Submit">Submit</button> </form> <br><font size="2" color="gray">* You can edit details on your profile when you login!</font> Login.php <?php session_start(); include "dbConfig.php"; $errorMsg = ""; if ($_GET["op"] == "fail") { $errorMsg = "* You need to be logged in to access the members area!"; } if ($_SERVER['REQUEST_METHOD'] == "POST") { $username = trim($_POST["username"]); $password = trim($_POST["password"]); if (empty($username) || empty($password)) { $errorMsg = "* You need to provide a username & password."; } else { $usernameSQL = mysql_real_escape_string($username); $passwordSQL = crypt('$password'); $q = "SELECT id FROM -HIDDEN- WHERE username='{$usernameSQL}' AND password='{$passwordSQL}' LIMIT 1"; $r = mysql_query($q) or die("Error: " . mysql_error() . "<br>Query: " . $q); if(!$r) { //Error running query $errorMsg = "* Wrong username or password."; } elseif(!mysql_num_rows($r)) { //User not found $errorMsg = "* Sorry, couldn't log you in. Wrong login information."; } else { // Login good, create session variables and redirect $_SESSION["valid_id"] = $obj->id; $_SESSION["valid_user"] = $username; $_SESSION["valid_time"] = time(); // Redirect to member page header("Location: members.php"); } } } ?> <form action="?op=login" method="POST"> Username:<br> <input class="GeneralForm" type="text" name="username" id="username" maxlength="20" value="<?php echo htmlentities($usernameSQL); ?>"> <br><br> Password:<br> <input class="GeneralForm" type="password" name="password" id="password" maxlength="50"> <br><br> <button type="submit" name="Submit" class="InputButton" value="Login">Login</button> <h1 class="FailLoginState"><?php echo $errorMsg; ?></h1> </form> dbConfig.php <? $host = "-HIDDEN-"; $user = "-HIDDEN-"; $pass = "-HIDDEN-"; $db = "-HIDDEN-"; $ms = mysql_pconnect($host, $user, $pass); if ( !$ms ) { echo "Error connecting to database.\n"; } mysql_select_db($db); ?>

Okie dokie, did some research and I found out you can change CSS styles through Javascript so here's what I've done: var BackgroundOne = "images/structure/background-1.jpg" var BackgroundTwo = "images/structure/background-2.jpg" var BackgroundThree = "images/structure/background-3.jpg" var BackgroundFour = "images/structure/background-4.jpg" var Timer = setTimeout(BackgroundChange, 1000) function BackgroundChange() { if (Timer >= 1000) { document.getElementById("IndexContent").style = BackgroundOne } else if (Timer >= 2000) { document.getElementById("IndexContent").style = BackgroundTwo } else if (Timer >= 3000) { document.getElementById("IndexContent").style = BackgroundThree } else if (Timer >= 4000) { document.getElementById("IndexContent").style = BackgroundFour } } window.onload = BackgroundChange Just got a quick question: If you put this code in your HTML / PHP document where the script will take place, do you need to include and santax's? So like semi-colons at the end?

Ok. I'm just wondering how I would change a CSS class code through javascript. Basically want it to work so after a certain amount of time it changes the background; my background is defined in CSS.

Ok so how would I do it?

Hi, I'm just messing around with a website and I'm just wondering how would I make it so that it changes the background image to a random one? I was thinking something around this: Images = new Array Images[1] = "Background-1.jpg" Images[2] = "Background-2.jpg" Images[3] = "Background-3.jpg" Images[4] = "Background-4.jpg" But Instead of it just changing when you refresh the page every time, I was hoping to have a timer or something fixed to it? Would it be possible to have it so it gets the time of the server and if that time is equal it'll change? Help will be much appreciated

I don't know why it's doing that? I've set the database up correctly and it's registering users correctly? :/ Weird

Ok so all the code's fine now apart from this. It keeps giving the error displayed.

Ok so I did that and it came up with this error:

Ok so do I put that in the registration form or login form? The registration form works fine now but the login form still does not work? :/ It's as if it's not reading the password or something?

Hi, I'm currently learning PHP so I'm getting some help from people on the forums but I got given a piece of code by one of the members for a login form but not a registration form, so I did what anyone else would and I gave making the registration form ago, so far I came up with the code below, I don't know weather that's the correct way of doing it but it works, it adds those who register to the database, now my only problem is that the login form doesn't work and I'm not 100% why? I'm starting to think it's something to do with the MD5 encryption? But anyway some help and advise would be very much appreciated, thanks Registration Form: <?php include ("dbConfig.php"); if ($_SERVER['REQUEST_METHOD'] == "POST") { $usernameSQL = mysql_real_escape_string($_POST['username']); $emailSQL = mysql_real_escape_string($_POST['email']); $passwordSQL = mysql_real_escape_string($_POST['password']); $passwordSQL = MD5($password); $q = "INSERT INTO TABLENAME(name, email, password)VALUES('$usernameSQL', '$emailSQL', '$passwordSQL')"; $r = mysql_query($q); header('Location: register.php?op=thanks'); } ?> <form action="?op=reg" method="POST"> Username:<br><font color="red">*</font><input class="InputForm" type="text" name="username" id="username"><br> <br> Email:<br><font color="red">*</font><input class="InputForm" type="text" name="email" id="email"><br> <br> Password:<br><font color="red">*</font><input class="InputForm" type="password" name="password" id="password"><br> <br> <input type="checkbox" name="tick"><font color="gray" size="3"> I agree to the Terms of Use<br> <br> <button type="submit" name="submit" class="InputButton" value="Submit">Submit</button> </form> Login Form: <?php session_start(); include "dbConfig.php"; $errorMsg = ""; if ($_GET["op"] == "fail") { $errorMsg = "* You need to be logged in to access the members area!"; } if ($_SERVER['REQUEST_METHOD'] == "POST") { $username = trim($_POST["username"]); $password = trim($_POST["password"]); if (empty($username) || empty($password)) { $errorMsg = "* You need to provide a username & password."; } else { $usernameSQL = mysql_real_escape_string($username); $passwordSQL = MD5($password); $q = "SELECT id FROM 'TABLENAME' WHERE 'username'='{$usernameSQL}' AND 'password'='{$passwordSQL}' LIMIT 1"; $r = mysql_query($q); if(!$r) { $errorMsg = "* Wrong username or password."; } elseif(!mysql_num_rows($r)) { $errorMsg = "* Sorry, couldn't log you in. Wrong login information."; } else { $_SESSION["valid_id"] = $obj->id; $_SESSION["valid_user"] = $username; $_SESSION["valid_time"] = time(); header("Location: members.php"); } } } ?> <form action="?op=login" method="POST"> Username:<br> <input class="InputForm" type="text" name="username" id="username" value="<?php echo htmlentities($usernameSQL); ?>"> <br><br> Password:<br> <input class="InputForm" type="password" name="password" id="password"> <br><br> <button type="submit" name="submit" class="InputButton" value="Login">Submit</button> <h1 class="FailLoginState"><?php echo $errorMsg; ?></h1> </form>

Still doesn't work

Ah okie, cheers. Ok so I'm guessing I'm going to have to completely redo the login form? (Excuse my noobness)

Oh, that's really weird, in the database the passwords are hashed? :/ Hmm