SilverNova

WOOOO Thanks guys, very very much appreciated  ;D ;D

Argh omw, was filling it in automatically for a while using FF... but now that it's resolved - what script can i finally use?! :D Many thanks for all your help - i'll be sure to link back to you from all my sites in future!!  ;D

[code] login failed DEBUG INFO: Username: test Password: tets Password Hash: 45edd741812abf42a7b799a6fc558d9c MD5 Hash of 'test': 098f6bcd4621d373cade4e832627b4f6 MD5 Hash TEST: failed Query: SELECT * FROM users WHERE username='test' AND `password`='45edd741812abf42a7b799a6fc558d9c' [/code] TETS?! this means..?

Nope. sorry  :-\ [code] <?php session_start(); $username = $_POST["username"]; //get the username from the form, as $username $password = md5($_POST["password"]); //get the password from the form in md5 $users = mysql_connect("localhost", "lov3dco_users", "test");     if(!$users) {           echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";           exit();         } mysql_select_db("lov3dco_users");  //select what database to use $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $recieve = "SELECT * FROM users WHERE username =  '$username' AND password = '$password';"; $query = mysql_query($recieve) or die("Unable to peform query - " . mysql_error()); //do the query if(mysql_num_rows($query) == '1'){     echo "login successful"; }else {     echo "login failed"; } ?> [/code] gives login failed

try again - i got parse error = the echo, login successful I know you mean "if" obviously.. :P

Yeah, "login failed" Here's my table just in case.. [img]http://www.lov3d.com/testdb.png[/img]

Ok, test.php now looks exactly like the above and returns a blank page.. Think businessman just put them in earlier to differentiate what was going on

changed php.ini [code] ; Lifetime in seconds of cookie or, if 0, until browser is restarted. session.cookie_lifetime = 0 [/code] to [code] ; Lifetime in seconds of cookie or, if 0, until browser is restarted. session.cookie_lifetime = 2400 [/code] and test.php now looks like this after taking out the echo: [code] <?php session_start(); ?> <?php $username = $_POST["username"]; //get the username from the form, as $username $password = md5($_POST["password"]); //get the password from the form in md5 $users = mysql_connect("localhost", "lov3dco_users", "test");     if(!$users) {           echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";           exit();         } echo "test3"; mysql_select_db("lov3dco_users");  //select what database to use $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $recieve = "SELECT * FROM users WHERE username =  '$username' AND password = '$password';"; $query = mysql_query($recieve) or die("Unable to peform query - " . mysql_error()); //do the query echo "test4"; if($rows = mysql_num_rows($query)){     $_SESSION['password'] = $password; //store the users password in a sesions var     $_SESSION['username'] = $username; //store the username in a session var $page = "index.php";    header('Location: ' . $page); }else { echo "test6";     session_destroy(); } ?>[/code] Still blank, apart from the echo's - http://lov3d.com/test.htm

I changed it to: [code] <?php session_start(); ?> <?php echo "test1"; $username = $_POST["username"]; //get the username from the form, as $username $password = md5($_POST["password"]); //get the password from the form in md5 [/code] ..etc. Still nothing..

I've never had to use php.ini before, all I know is that it's a global set of events etc You're welcome to have a look - http://lov3d.com/php.ini I presume it's in the right place, I took it from php.net after being told I should use (well, open) it. I don't seem to have a php.ini file elsewhere on my server unless i'm not looking in the right places. It's not the .htaccess :\ - it's blank at the moment

[img]http://www.lov3d.com/test.png[/img] That's what I have. Also, why can't i see this warning message?!!!? I'm using FF, all I get after login is: "test1test3test4test6" on the test.php page :\ ???

yeah it is encoded with md5 in the table the password field for the row is 098f6bcd4621d373cade4e832627b4f6.. which = "test" there are other fields which just have blank entries so this shouldn't matter? like "email" for their email address etc.

http://lov3d.com/test.htm They all show.. :\ I thought test 2 didnt but realised you went 1,3,4.. :P See your sig - I had a brief look around  :)

Well, i'm expecting to be logged in and thus redirected to the main page - index.php But nothing is happening - just a blank page. Try it if you like, i'm using the script businessman has last posted. http://www.lov3d.com/test.htm Username = test Password = test Any ideas? Many thanks for the help so far guys Form page: (test.htm) [code] <html> <form action="test.php" method="post"> Username: <input type="text" name="username" size="30"><br><br> Password: <input type="password" name="password" size="30"><br><br> <input type="submit" value="Login!"> </form> </html> [/code] Processor Page: (test.php) [code] <?php session_start(); //start a sessions :D $username = $_POST["username"]; //get the username from the form, as $username $password = md5($_POST["password"]); //get the password from the form in md5 $users = mysql_connect("localhost", "lov3dco_users", "test");     if(!$users) {           echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";           exit();         } mysql_select_db("lov3dco_users");  //select what database to use $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $recieve = "SELECT * FROM users WHERE username =  '$username' AND password = '$password';"; $query = mysql_query($recieve) or die("Unable to peform query - " . mysql_error()); //do the query if($rows = mysql_num_rows($query)){     $_SESSION['password'] = $password; //store the users password in a sesions var     $_SESSION['username'] = $username; //store the username in a session var $page = "index.php";    header('Location: ' . $page); }else {     session_destroy(); } ?> [/code]

[quote author=businessman332211 link=topic=102574.msg407287#msg407287 date=1154445340] I found the problem [code]<?php session_start(); //start a sessions :D $username = $_POST["username"]; //get the username from the form, as $username $password = md5($_POST["password"]); //get the password from the form in md5 $users = mysql_connect("localhost", "lov3dco_users", "test");     if(!$users) {           echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";           exit();         } mysql_select_db("lov3dco_users");  //select what database to use $username = mysql_real_escape_string($username); $password = mysql_real_escape_string($password); $recieve = "SELECT * FROM users WHERE username =  '$username' AND password = '$password';"; $query = mysql_query($recieve) or die("Unable to peform query - " . mysql_error()); //do the query if($rows = mysql_fetch_array($query)){     $_SESSION['password'] = $password; //store the users password in a sesions var     $_SESSION['username'] = $username; //store the username in a session var $page = "index.php";    header('Location: ' . $page); }else {     session_destroy(); } ?>[/code] Use exactly what I show above, I changed mysql_num_rows to mysql_fetch_array that should make it run smoothly.  don't forget to upload the php.ini file, ti's not showing your errors.  Either that or your host doesn't support it. [/quote] I tried the exact code you used above and the one previous, businessman. It's STILL not showing anything wrong!!! My php.ini file is in the same directory as test.php and all files are in the main directory anyway. This is what test.htm looks like [code] <html> <form action="test.php" method="post"> Username: <input type="text" name="username" size="30"><br><br> Password: <input type="password" name="password" size="30"><br><br> <input type="submit" value="Login!"> </form> </html> [/code] Nothing wrong there, right? But yeah, still blank :\ This is getting very frustrating now ???

I got a php.ini file from php.net: http://cvs.php.net/viewvc.cgi/php-src/php.ini-recommended?revision=1.179.2.11.2.2&view=markup Changed what you said: [code] error_reporting  =  E_ALL & ~E_NOTICE ; Print out errors (as a part of the output).  For production web sites, ; you're strongly encouraged to turn this feature off, and use error logging ; instead (see below).  Keeping display_errors enabled on a production web site ; may reveal security information to end users, such as file paths on your Web ; server, your database schema or other information. display_errors = On [/code] And then put the php.ini file in the same (main) directory. Then, just to make sure - changed lines 1 and 2 of test.php: [code] <?php session_start(); //start a sessions :D [/code] ____ I've taken out the line [code] echo $recieve [/code] This was only here in the small hope to find what was going wrong. Explain what you changed to get it working please Ron?! I now have this code: [code] <?php session_start(); //start a sessions :D $username = $_POST["username"]; //get the username from the form, as $username $password = md5($_POST["password"]); //get the password from the form in md5 $users = mysql_connect("localhost", "lov3dco_users", "test");     if(!$users) //error checking :D         {             echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";         } mysql_select_db("lov3dco_users");  //select what database to use $recieve = "SELECT * FROM users WHERE username='".mysql_real_escape_string($username)."' AND `password`='".mysql_real_escape_string($password)."'"; $query = mysql_query($recieve) or die("Unable to peform query - " . mysql_error()); //do the query if($rows = mysql_num_rows($query)) //if the query resulted with a row, start the sessions and go to the index {     $_SESSION["password"] = $password; //store the users password in a sesions var     $_SESSION["username"] = $username; //store the username in a session var     header("Location: index.php"); } else //if not, end incorrect sessions, and go to the index {     @session_destroy(); } ?> [/code]

[quote author=businessman332211 link=topic=102574.msg407232#msg407232 date=1154440520] and cut on display errors in the php.ini and you will probably notice it says headers already sent/ [/quote] Ok, forgive me for being such a noob here.. I don't think I use a php.ini file - www.lov3d.com/test.htm user=test pass=test I've also taken out the space at the beginning as you instructed, so line one now reads: [code] <?php session_start(); //start a sessions :D [/code] Any guidance would be very much appreciated! Thanks Joyel  :)

A session script, which seems to do nothing but display a blank screen after logging in with it. Is there anything visibly wrong with it? [code] <?php session_start(); //start a sessions :D $username = $_POST["username"]; //get the username from the form, as $username $password = md5($_POST["password"]); //get the password from the form in md5 $users = mysql_connect("localhost", "lov3dco_users", "test");     if(!$users) //error checking :D         {             echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";         } mysql_select_db("lov3dco_users");  //select what database to use $recieve = "SELECT * FROM users WHERE username='".mysql_real_escape_string($username)."' AND `password`='".mysql_real_escape_string($password)."'"; echo $receive; $query = mysql_query($recieve) or die("Unable to peform query - " . mysql_error()); //do the query if($rows = mysql_num_rows($query)) //if the query resulted with a row, start the sessions and go to the index {     $_SESSION["password"] = $password; //store the users password in a sesions var     $_SESSION["username"] = $username; //store the username in a session var     header("Location: index.php"); } else //if not, end incorrect sessions, and go to the index {     @session_destroy(); } ?> [/code]

Ok, so I've changed [code] {     $_SESSION["password"] = $password; //store the users password in a sesions var     $_SESSION["username"] = $username; //store the username in a session var     echo "<meta http-equiv='refresh' content='0; url=index.php' />"; [/code] to [code] {     $_SESSION["password"] = $password; //store the users password in a sesions var     $_SESSION["username"] = $username; //store the username in a session var     header("Location: index.php"); [/code] but still no redirecting to the index?! ??? the files are found here: http://www.lov3d.com/test.htm Username = test Password = test

Ok thanks for translation :) hehe Well it works, as much as it doesn't give an error. I log in via "test.htm" and "test.php" is the script above. Although this doesn't redirect me to "index.php".. [code] {     $_SESSION["password"] = $password; //store the users password in a sesions var     $_SESSION["username"] = $username; //store the username in a session var     echo "<meta http-equiv='refresh' content='0; url=index.php' />"; } [/code] Is this telling me that the session did not start? And if not, how do I check that it has started? :) Many thanks guys

Wow, someone that offers help - that works! :D Now getting: [code] Unable to peform query - Unknown column 'membername' in 'where clause' [/code] Not sure where the column "membername" comes into it? It doesn't exists in my table, but "username" does..

Ah yeah! The amount of times I've looked through and must have missed that  :-\ SQL query, ok. How do I get around this? If you dont mind :)

Any help here would be GREATLY appreciated!! I'm a complete noob, so be warned  :P - I'm trying to set up a decent and secure enough log in system using sessions. Here's the code I have: [code] <?php session_start(); //start a sessions :D $username = $_POST["username"]; //get the username from the form, as $username $password = md5($_POST["password"]); //get the password from the form in md5 $members = mysql_connect("localhost", "***_users", "***");     if(!$users) //error checking :D         {             echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";         } mysql_select_db("***_users");  //select what database to use $recieve = "SELECT * FROM users WHERE membername='".mysql_real_escape_string($username)."' AND password='".mysql_real_escape_string($password)."'"; echo $receive; $query = mysql_query($recieve); //do the query if($rows = mysql_num_rows($query)) //if the query resulted with a row, start the sessions and go to the index {     $_SESSION["password"] = $password; //store the users password in a sesions var     $_SESSION["username"] = $username; //store the username in a session var     echo "<meta http-equiv='refresh' content='0; url=index.php' />"; } else //if not, end incorrect sessions, and go to the index {     @session_destroy(); } ?> [/code] After logging in with the correct username and password I get: [code] Sorry! We could not log you in at this time. Please Try again later! Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/***/public_html/test.php on line 23 [/code] I realised that there is no defined $rows, does this matter? I'm thinking that my SQL may be wrong?!  ??? Thanks for your help! :) NOTE: Assume " *** " as the correct info  :D