[Why doesn't this work?! :\]

WOOOO Thanks guys, very very much appreciated  ;D ;D

[Why doesn't this work?! :\]

Argh omw, was filling it in automatically for a while using FF... but now that it's resolved -

what script can i finally use?! :D

Many thanks for all your help - i'll be sure to link back to you from all my sites in future!!  ;D

[Why doesn't this work?! :\]

[code]
login failed

DEBUG INFO:
Username: test
Password: tets
Password Hash: 45edd741812abf42a7b799a6fc558d9c
MD5 Hash of 'test': 098f6bcd4621d373cade4e832627b4f6
MD5 Hash TEST: failed
Query: SELECT * FROM users WHERE username='test' AND `password`='45edd741812abf42a7b799a6fc558d9c'
[/code]

TETS?! this means..?

[Why doesn't this work?! :\]

Nope. sorry  :-\

[code]
<?php
session_start();

$username = $_POST["username"]; //get the username from the form, as $username
$password = md5($_POST["password"]); //get the password from the form in md5

$users = mysql_connect("localhost", "lov3dco_users", "test");
    if(!$users) {
          echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";
          exit();
        }

mysql_select_db("lov3dco_users");  //select what database to use
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$recieve = "SELECT * FROM users WHERE username =  '$username' AND password = '$password';";
$query = mysql_query($recieve) or die("Unable to peform query - " . mysql_error()); //do the query

if(mysql_num_rows($query) == '1'){
    echo "login successful";
}else {
    echo "login failed";
}

?>
[/code]

gives login failed

[Why doesn't this work?! :\]

try again - i got parse error = the echo, login successful

I know you mean "if" obviously.. :P

[Why doesn't this work?! :\]

Yeah, "login failed"

Here's my table just in case..

[img]http://www.lov3d.com/testdb.png[/img]

[Why doesn't this work?! :\]

Ok, test.php now looks exactly like the above and returns a blank page..

Think businessman just put them in earlier to differentiate what was going on

[Why doesn't this work?! :\]

changed php.ini

[code]
; Lifetime in seconds of cookie or, if 0, until browser is restarted.
session.cookie_lifetime = 0
[/code]

to

[code]
; Lifetime in seconds of cookie or, if 0, until browser is restarted.
session.cookie_lifetime = 2400
[/code]

and test.php now looks like this after taking out the echo:

[code]
<?php
session_start();
?>
<?php

$username = $_POST["username"]; //get the username from the form, as $username
$password = md5($_POST["password"]); //get the password from the form in md5

$users = mysql_connect("localhost", "lov3dco_users", "test");
    if(!$users) {
          echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";
          exit();
        }
echo "test3";
mysql_select_db("lov3dco_users");  //select what database to use
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$recieve = "SELECT * FROM users WHERE username =  '$username' AND password = '$password';";
$query = mysql_query($recieve) or die("Unable to peform query - " . mysql_error()); //do the query
echo "test4";
if($rows = mysql_num_rows($query)){
    $_SESSION['password'] = $password; //store the users password in a sesions var
    $_SESSION['username'] = $username; //store the username in a session var
$page = "index.php";   

header('Location: ' . $page);
}else {
echo "test6";
    session_destroy();
}


?>[/code]

Still blank, apart from the echo's - http://lov3d.com/test.htm

[Why doesn't this work?! :\]

I changed it to:

[code]
<?php
session_start();
?>
<?php
echo "test1";
$username = $_POST["username"]; //get the username from the form, as $username
$password = md5($_POST["password"]); //get the password from the form in md5
[/code]

..etc.

Still nothing..

[Why doesn't this work?! :\]

I've never had to use php.ini before, all I know is that it's a global set of events etc

You're welcome to have a look - http://lov3d.com/php.ini

I presume it's in the right place, I took it from php.net after being told I should use (well, open) it. I don't seem to have a php.ini file elsewhere on my server unless i'm not looking in the right places.

It's not the .htaccess :\ - it's blank at the moment

[Why doesn't this work?! :\]

[img]http://www.lov3d.com/test.png[/img]

That's what I have.

Also, why can't i see this warning message?!!!? I'm using FF, all I get after login is:

"test1test3test4test6" on the test.php page :\ ???

[Why doesn't this work?! :\]

yeah it is encoded with md5 in the table

the password field for the row is 098f6bcd4621d373cade4e832627b4f6.. which = "test"
there are other fields which just have blank entries so this shouldn't matter? like "email" for their email address etc.

[Why doesn't this work?! :\]

http://lov3d.com/test.htm

They all show.. :\ I thought test 2 didnt but realised you went 1,3,4.. :P

See your sig - I had a brief look around  :)

[Why doesn't this work?! :\]

Well, i'm expecting to be logged in and thus redirected to the main page - index.php

But nothing is happening - just a blank page. Try it if you like, i'm using the script businessman has last posted.

http://www.lov3d.com/test.htm

Username = test
Password = test

Any ideas?

Many thanks for the help so far guys





Form page: (test.htm)

[code]
<html>
<form action="test.php" method="post">
Username: <input type="text" name="username" size="30"><br><br>
Password: <input type="password" name="password" size="30"><br><br>
<input type="submit" value="Login!">
</form>
</html>
[/code]


Processor Page: (test.php)

[code]
<?php
session_start(); //start a sessions :D

$username = $_POST["username"]; //get the username from the form, as $username
$password = md5($_POST["password"]); //get the password from the form in md5

$users = mysql_connect("localhost", "lov3dco_users", "test");
    if(!$users) {
          echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";
          exit();
        }

mysql_select_db("lov3dco_users");  //select what database to use
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$recieve = "SELECT * FROM users WHERE username =  '$username' AND password = '$password';";
$query = mysql_query($recieve) or die("Unable to peform query - " . mysql_error()); //do the query

if($rows = mysql_num_rows($query)){
    $_SESSION['password'] = $password; //store the users password in a sesions var
    $_SESSION['username'] = $username; //store the username in a session var
$page = "index.php";   
header('Location: ' . $page);
}else {
    session_destroy();
}


?>
[/code]

[Why doesn't this work?! :\]

[quote author=businessman332211 link=topic=102574.msg407287#msg407287 date=1154445340]
I found the problem

[code]<?php
session_start(); //start a sessions :D

$username = $_POST["username"]; //get the username from the form, as $username
$password = md5($_POST["password"]); //get the password from the form in md5

$users = mysql_connect("localhost", "lov3dco_users", "test");
    if(!$users) {
          echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";
          exit();
        }

mysql_select_db("lov3dco_users");  //select what database to use
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$recieve = "SELECT * FROM users WHERE username =  '$username' AND password = '$password';";
$query = mysql_query($recieve) or die("Unable to peform query - " . mysql_error()); //do the query

if($rows = mysql_fetch_array($query)){
    $_SESSION['password'] = $password; //store the users password in a sesions var
    $_SESSION['username'] = $username; //store the username in a session var
$page = "index.php";   
header('Location: ' . $page);
}else {
    session_destroy();
}


?>[/code]

Use exactly what I show above, I changed mysql_num_rows to mysql_fetch_array that should make it run smoothly.  don't forget to upload the php.ini file, ti's not showing your errors.  Either that or your host doesn't support it.
[/quote]

I tried the exact code you used above and the one previous, businessman.

It's STILL not showing anything wrong!!! My php.ini file is in the same directory as test.php and all files are in the main directory anyway.

This is what test.htm looks like
[code]
<html>
<form action="test.php" method="post">
Username: <input type="text" name="username" size="30"><br><br>
Password: <input type="password" name="password" size="30"><br><br>
<input type="submit" value="Login!">
</form>
</html>
[/code]

Nothing wrong there, right?

But yeah, still blank :\ This is getting very frustrating now ???

[Why doesn't this work?! :\]

I got a php.ini file from php.net:

http://cvs.php.net/viewvc.cgi/php-src/php.ini-recommended?revision=1.179.2.11.2.2&view=markup

Changed what you said:

[code]
error_reporting  =  E_ALL & ~E_NOTICE

; Print out errors (as a part of the output).  For production web sites,
; you're strongly encouraged to turn this feature off, and use error logging
; instead (see below).  Keeping display_errors enabled on a production web site
; may reveal security information to end users, such as file paths on your Web
; server, your database schema or other information.
display_errors = On
[/code]

And then put the php.ini file in the same (main) directory.

Then, just to make sure - changed lines 1 and 2 of test.php:

[code]
<?php
session_start(); //start a sessions :D
[/code]

____

I've taken out the line
[code]
echo $recieve
[/code]

This was only here in the small hope to find what was going wrong.
Explain what you changed to get it working please Ron?! I now have this code:

[code]
<?php
session_start(); //start a sessions :D

$username = $_POST["username"]; //get the username from the form, as $username
$password = md5($_POST["password"]); //get the password from the form in md5

$users = mysql_connect("localhost", "lov3dco_users", "test");
    if(!$users) //error checking :D
        {
            echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";
        }

mysql_select_db("lov3dco_users");  //select what database to use


$recieve = "SELECT * FROM users WHERE username='".mysql_real_escape_string($username)."' AND `password`='".mysql_real_escape_string($password)."'";

$query = mysql_query($recieve) or die("Unable to peform query - " . mysql_error()); //do the query

if($rows = mysql_num_rows($query)) //if the query resulted with a row, start the sessions and go to the index

{
    $_SESSION["password"] = $password; //store the users password in a sesions var
    $_SESSION["username"] = $username; //store the username in a session var
   
header("Location: index.php");

}

else //if not, end incorrect sessions, and go to the index

{
    @session_destroy();

}


?>
[/code]

[Why doesn't this work?! :\]

[quote author=businessman332211 link=topic=102574.msg407232#msg407232 date=1154440520]
and cut on display errors in the php.ini and you will probably notice it says headers already sent/
[/quote]

Ok, forgive me for being such a noob here.. I don't think I use a php.ini file -

www.lov3d.com/test.htm

user=test
pass=test

I've also taken out the space at the beginning as you instructed, so line one now reads:
[code]
<?php session_start(); //start a sessions :D
[/code]

Any guidance would be very much appreciated! Thanks Joyel  :)

[Why doesn't this work?! :\]

A session script, which seems to do nothing but display a blank screen after logging in with it.

Is there anything visibly wrong with it?

[code]
<?php

session_start(); //start a sessions :D

$username = $_POST["username"]; //get the username from the form, as $username
$password = md5($_POST["password"]); //get the password from the form in md5

$users = mysql_connect("localhost", "lov3dco_users", "test");
    if(!$users) //error checking :D
        {
            echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";
        }

mysql_select_db("lov3dco_users");  //select what database to use


$recieve = "SELECT * FROM users WHERE username='".mysql_real_escape_string($username)."' AND `password`='".mysql_real_escape_string($password)."'";


echo $receive;

$query = mysql_query($recieve) or die("Unable to peform query - " . mysql_error()); //do the query

if($rows = mysql_num_rows($query)) //if the query resulted with a row, start the sessions and go to the index

{
    $_SESSION["password"] = $password; //store the users password in a sesions var
    $_SESSION["username"] = $username; //store the username in a session var
   
header("Location: index.php");

}

else //if not, end incorrect sessions, and go to the index

{
    @session_destroy();

}


?>
[/code]

[Dodgy Sessions - Please help!!]

Ok, so I've changed

[code]
{
    $_SESSION["password"] = $password; //store the users password in a sesions var
    $_SESSION["username"] = $username; //store the username in a session var
   
echo "<meta http-equiv='refresh' content='0; url=index.php' />";

[/code]

to

[code]
{
    $_SESSION["password"] = $password; //store the users password in a sesions var
    $_SESSION["username"] = $username; //store the username in a session var
   
header("Location: index.php");

[/code]

but still no redirecting to the index?! ???

the files are found here: http://www.lov3d.com/test.htm

Username = test
Password = test

[Dodgy Sessions - Please help!!]

Ok thanks for translation :) hehe

Well it works, as much as it doesn't give an error. I log in via "test.htm" and "test.php" is the script above.

Although this doesn't redirect me to "index.php"..

[code]
{
    $_SESSION["password"] = $password; //store the users password in a sesions var
    $_SESSION["username"] = $username; //store the username in a session var
   
echo "<meta http-equiv='refresh' content='0; url=index.php' />";

}
[/code]

Is this telling me that the session did not start? And if not, how do I check that it has started? :)

Many thanks guys

[Dodgy Sessions - Please help!!]

Wow, someone that offers help - that works! :D

Now getting:

[code]
Unable to peform query - Unknown column 'membername' in 'where clause'
[/code]

Not sure where the column "membername" comes into it? It doesn't exists in my table, but "username" does..

[Dodgy Sessions - Please help!!]

Ah yeah!

The amount of times I've looked through and must have missed that  :-\

SQL query, ok. How do I get around this? If you dont mind :)

[Dodgy Sessions - Please help!!]

Any help here would be GREATLY appreciated!! I'm a complete noob, so be warned  :P

- I'm trying to set up a decent and secure enough log in system using sessions.

Here's the code I have:

[code]
<?php

session_start(); //start a sessions :D

$username = $_POST["username"]; //get the username from the form, as $username
$password = md5($_POST["password"]); //get the password from the form in md5

$members = mysql_connect("localhost", "***_users", "***");
    if(!$users) //error checking :D
        {
            echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";
        }

mysql_select_db("***_users");  //select what database to use


$recieve = "SELECT * FROM users WHERE membername='".mysql_real_escape_string($username)."' AND password='".mysql_real_escape_string($password)."'";

echo $receive;

$query = mysql_query($recieve); //do the query

if($rows = mysql_num_rows($query)) //if the query resulted with a row, start the sessions and go to the index

{
    $_SESSION["password"] = $password; //store the users password in a sesions var
    $_SESSION["username"] = $username; //store the username in a session var
   
echo "<meta http-equiv='refresh' content='0; url=index.php' />";

}

else //if not, end incorrect sessions, and go to the index

{
    @session_destroy();
}


?>
[/code]


After logging in with the correct username and password I get:
[code]
Sorry! We could not log you in at this time. Please Try again later!

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/***/public_html/test.php on line 23
[/code]

I realised that there is no defined $rows, does this matter? I'm thinking that my SQL may be wrong?!  ???

Thanks for your help! :)

NOTE: Assume " *** " as the correct info  :D