zyonsherlock

hey guy's! i need an answer to this problem... please........................thanks!

hi chriscloyd! thanks for your reply, but i've tried that yesterday and it still doesn't work. The error is that it doesn't show anything!just the logout link.

guys what's up? i got a problem, i dunno how to make php determine the privilege of the user, i use  sessions but it doesn't work, dunno if it was correct, here is the code: the login page: [code] <?php session_start(); $error = ''; if(isset($_POST['username']) && isset($_POST['password'])){     //if ($_POST['username'] == jovy && $_POST['password'] == jovy){   include 'library/dbconfig.php';   include 'library/dbconn.php';     $username = $_POST['username'];   $password = $_POST['password'];     $query="SELECT * FROM admin_sfs WHERE user = '$username' AND pass = PASSWORD('$password')"; $result = mysql_query($query) or die ('Error! Query Failed! '.mysql_error()); if (mysql_num_rows($result) == 1){     $_SESSION['db_logged_in'] = true; // $_SESSION['db_privileges'] = $result['privileges'];   if ($result['privileges'] == "admin"){   $_SESSION['db_privileges_admin'] = true;     } elseif($result['privileges'] == "accounting"){     $_SESSION['db_privileges_accounting'] = true; }   header('Location: main.php');   exit; }else{   $error = 'Wrong ID/Password! Sorry...'; } include 'library/close.php'; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Login Page</title> <link href="library/css.css" rel="stylesheet" type="text/css" /> <style type="text/css"> <!-- .style2 { font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 14px; } --> </style> </head> <body class="css"> <?php if ($error != '') { ?> <p align="center"><strong><?php echo $error; ?></strong></p> <?php } ?> <form id="frmLogin" name="frmLogin" method="post" action=""> <table width="309" height="109" border="1" align="center">   <tr bgcolor="#003366">     <td colspan="4"><div align="center" class="style2">Login</div></td>   </tr>   <tr>     <td width="37" height="24" align="left" valign="top" bgcolor="#003366">&nbsp;</td>     <td width="65" align="left" valign="top"><label><span class="css">Username:</span></label></td>     <td width="144" align="left" valign="top"><input type="text" maxlength=20 name="username" id="username"/></td>     <td width="35" align="left" valign="top" bgcolor="#003366">&nbsp;</td>   </tr>   <tr>     <td height="24" align="left" valign="top" bgcolor="#003366">&nbsp;</td>     <td align="left" valign="top"><label><span class="css">Password:</span></label></td>     <td align="left" valign="top"><input type="password" name="password" maxlegth=45 id="password" /></td>     <td align="left" valign="top" bgcolor="#003366">&nbsp;</td>   </tr>   <tr>     <td height="26" align="left" valign="top" bgcolor="#003366">&nbsp;</td>     <td align="left" valign="top" bgcolor="#003366">&nbsp;</td>     <td align="left" valign="top" bgcolor="#003366"><input name="Login" class="css" type="Submit" id="Login" value="Login" /></td>     <td align="left" valign="top" bgcolor="#003366">&nbsp;</td>   </tr> </table> <p>   <label></label> </p> </form> </body> </html> [/code] ...and the main page: [code] <?php session_start(); if(!isset($_SESSION['db_logged_in']) || $_SESSION['db_logged_in'] !== true){     header('Location: login.php');   exit; } ?> <table width="990" height="591" border="0" cellpadding="0" cellspacing="0">   <tr>     <td height="93" colspan="2">&nbsp;</td>   </tr>   <tr>     <td width="18%" height="603" valign="top"><table width="206" height="153" border="0" cellpadding="0" cellspacing="0">       <tr valign="top">         <td width="206" height="33">REQUEST FOR PROPOSALS </td>       </tr>       <tr valign="top">         <td class="navi"><p><a target="content" href="welcome.php">WELCOME TO SFS-OLP</a></p>             <p>REQUEST PROPOSALS</p>           <p><a target="content" href="peo-table.php">PEO</a></p>           <p>           <?php                     if (isset($_SESSION['db_logged_in'])){               /*include 'library/dbconfig.php';     include 'library/dbconn.php';         $query = "select * from admin_sfs";         $result = mysql_query($query)or die ('query error!' .mysql_error());     $row = mysql_fetch_assoc($result);*/             if (isset($_SESSION['db_privileges_admin'])){echo '<BR><a target="content" href="olp-table.php">OLP</a>';}     else { echo 'OLP'; }   if (isset($_SESSION['db_privileges_accounting'])){echo '<BR><a target="content" href="accounting.php">Accounting</a>';}     else { echo '<BR> Accounting'; } echo '<BR><a target="parent" href="logout.php">logout</a>';   }    ?>           </p>           <p>&nbsp; </p></td>       </tr>     </table>     <p>&nbsp;</p></td>     <td width="82%" height="603" valign="top" ><table width="810" height="602">       <tr>         <td bordercolor="#000000"><iframe name="content" src="welcome.php" width="100%" height="100%"></iframe></td>       </tr>     </table></td>   </tr> </table> [/code] hope someone can help me with this one. Thanks in advance!!!

just in case someone sees this topic and want some more information about it check this link: [url=http://dev.mysql.com/doc/refman/4.1/en/password-hashing.html]dev.mysql.com/doc/refman/4.1/en/password-hashing.html[/url]. this link end my 3day brain seizure! ;D

hi! thanks for your help! i solved my problem a while ago. i've read the documentation of mysql for this one and i've learned that my problem was my password length, it was set to 40, it must be set to at least 41 bytes so that it can accomodate the long hashes, i've set mine to 45 just in case, thanks again!!!  ;D

i like xbox360, because i have an xbox, and its great!its fast!and it has a hard disk! you don't need any memory card to save your game! but i love playstation, because a lot of my favorite games are exclusive only to playstation. :)

when i do the select "password('password')", it shows the encrypted version, but the encrypted version is 1 (letter or number) longer than the one that was selected in "select * from table;" . e.g. mysql>select * from users; user    password duh      p102p394kr843pouk mysql>select password('password');                           password('password')               p102p394kr843pouk[b]e[/b] When i copy that encrypted one and make a query for it, it still returns an empty set e.g. select username, password where username="duh" and password = "1o2j43ik4j34kjoipo"; is it the encryption of passwords?coz i think thats the problem. i've been stuck with this problem for the past 3 days already, and i dont find any typo errors or any errors at all with my query, if thats the problem, what should i do?

i'm using mysql 5.0.22, i'm using wamp, is wamp has something to do with my problem?

i've got a problem with my query, at first i thought it was in my php script, but it doesn't return any error. after that i run my query in mysql prompt, it seems that whenever i run a query with a "where password = password("password");", it returns an empty set. I search for some answers here and in other online forums, even in mysql ab but nothing helped me with this problem. i'm searching for errors for the past 2 days already, i don't know what to do with this, it's making me nuts already! anyone? help? please?  :'( all answers are welcome...thanks in advance! 

where are the variables coming from? ???