lewisstevens1

Hi i am having a problem, when i try logging in it is always saying "Invalid Login" im not sure what is going wrong, a week ago i had it working. I cant remember the change i did but i know its in one of theese files (dont worry about the styling, i know theres one div i havent closed lol : Login.php <?php include 'dbc.php'; $user_email = mysql_real_escape_string($_POST['email']); $full_name = mysql_real_escape_string($_POST['full_name']); $money = mysql_real_escape_string($_POST['money']); $id = mysql_real_escape_string($_POST['id']); $level = mysql_real_escape_string($_POST['level']); $crystals = mysql_real_escape_string($_POST['crystals']); $userdp = mysql_real_escape_string($_POST['userdp']); $health = mysql_real_escape_string($_POST['health']); $exp = mysql_real_escape_string($_POST['exp']); $rep = mysql_real_escape_string($_POST['rep']); $class = mysql_real_escape_string($_POST['class']); $bonus = mysql_real_escape_string($_POST['bonus']); $tutorial = mysql_real_escape_string($_POST['tutorial']); $mana = mysql_real_escape_string($_POST['mana']); if ($_POST['Submit']=='Login') { $md5pass = md5($_POST['pwd']); $sql = "SELECT id,user_email,full_name,money,level,crystals,userdp,health,exp,rep,class,bonus,tutorial,mana FROM users WHERE user_email = '$user_email' AND user_pwd = '$md5pass' AND user_activated='1'"; $result = mysql_query($sql) or die (mysql_error()); $num = mysql_num_rows($result); if ( $num != 0 ) { session_start(); list($id,$full_name,$user_email,$money,$level,$crystals,$userdp,$health,$exp,$rep,$class,$bonus,$tutorial,$mana) = mysql_fetch_row($result); // session variables $_SESSION['user']= $user_email; $_SESSION['full_name']= $full_name; $_SESSION['money']= $money; $_SESSION['id']= $id; $_SESSION['level']= $level; $_SESSION['crystals']= $crystals; $_SESSION['userdp']= $userdp; $_SESSION['health']= $health; $_SESSION['exp']= $exp; $_SESSION['rep']= $rep; $_SESSION['class']= $class; $_SESSION['bonus']= $bonus; $_SESSION['tutorial']= $tutorial; $_SESSION['mana']= $mana;*/ if (isset($_GET['ret']) && !empty($_GET['ret'])) { header("Location: $_GET[ret]"); } else { header("Location: index.php"); } exit(); } header("Location: login.php?msg=Invalid Login"); exit(); } ?> <link href="styles.css" rel="stylesheet" type="text/css"> <?php if (isset($_GET['msg'])) { echo "<div class=\"msg\"> $_GET[msg] </div>"; } ?> <p> </p><table width="40%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td bgcolor="#000066" class="mnuheader" > <div align="center"><font size="5"><strong>Login Members</strong></font></div></td> </tr> <tr> <td bgcolor="#000099" class="mnubody"><form name="form1" method="post" action=""> <p> </p> <p align="center">Your Email <input name="email" type="text" id="email"> </p> <p align="center"> Password: <input name="pwd" type="password" id="pwd"> </p> <p align="center"> <input type="submit" name="Submit" value="Login"> </p> <p align="center"><a href="register.php">Register</a> | <a href="forgot.php">Forgot</a></p> </form></td> </tr> </table> Register.php <?php session_start(); include ('dbc.php'); if ($_POST['Submit'] == 'Register') { if (strlen($_POST['email']) < 5) { die ("Incorrect email. Please enter valid email address.."); } if (strcmp($_POST['pass1'],$_POST['pass2']) || empty($_POST['pass1']) ) { //die ("Password does not match"); die("ERROR: Password does not match or empty.."); } if (strcmp(md5($_POST['user_code']),$_SESSION['ckey'])) { die("Invalid code entered. Please enter the correct code as shown in the Image"); } $rs_duplicates = mysql_query("select id from users where user_email='$_POST[email]'"); $duplicates = mysql_num_rows($rs_duplicates); if ($duplicates > 0) { //die ("ERROR: User account already exists."); header("Location: register.php?msg=ERROR: User account already exists.."); exit(); } $md5pass = md5($_POST['pass2']); $activ_code = rand(1000,9999); $server = $_SERVER['HTTP_HOST']; $host = ereg_replace('www.','',$server); mysql_query("INSERT INTO users (`user_email`,`user_pwd`,`sex`,`joined`,`activation_code`,`char_name`,`log_name`) VALUES ('$_POST[email]','$md5pass','$_POST[sex]',now(),'$activ_code','$_POST[char_name]','$_POST[log_name]')") or die(mysql_error()); $message = "Thank you for registering an account with $server. Here are the login details...\n\n User Email: $_POST[email] \n Password: $_POST[pass2] \n Activation Code: $activ_code \n ____________________________________________ *** ACTIVATION LINK ***** \n Activation Link: http://$server/myown/activate.php?usr=$_POST[email]&code=$activ_code \n\n _____________________________________________ Thank you. This is an automated response. PLEASE DO NOT REPLY. "; mail($_POST['email'] , "Login Activation", $message, "From: \"Auto-Response\" <notifications@$host>\r\n" . "X-Mailer: PHP/" . phpversion()); unset($_SESSION['ckey']); echo("Registration Successful! An activation code has been sent to your email address with an activation link..."); exit; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html lang="en-US" xml:lang="en-US" xmlns="http://www.w3.org/1999/xhtml"> <link rel="stylesheet" type="text/css" href="main.css"> <link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" /> <style type="text/css"></style> <title>The Website</title> <center> <html> <center> <head> <div style="border: 1px white solid;"> <div id="photolayer" style="z-index: 1; left: 5px; top: 1000px; width: 100%; height: 138px; background-color:#000; visibility: visible" div align = "center"> <img src="header.jpg" alt="Title" border="5px" style="padding-top: 4px"> </div> </div> </head> </center> <body> <p></p> </body> <body> <p></p> </body> <center> <div id="box"> <?php if (isset($_GET['msg'])) { echo "<div class=\"msg\"> $_GET[msg] </div>"; } ?> <div id="center1"> <h1>Registration</h1><img src="images/page1.png"> <form name="form1" method="post" action="tutorial.php"> <table border="0" width="500px";> <tr> <br><th><p>Please choose your <font color="red">characters</font> name:</th><td><br><input name="char_name" type="text" id="char_name"></p></td> </tr> <tr> <th><p>Please choose your <font color="red">login</font> name:</th><td><br><input name="log_name" type="text" id="log_name"></p></td> </tr> <tr> <th><p>Please choose your <font color="red">password</font>:</th><td><br><input name="pass1" type="password" id="pass1"></p></td> </tr> <tr> <th><p>Please <font color="red">re-enter</font> your <font color="red">password</font>:</th><td><br><input name="pass2" type="password" id="pass2"></p></td> </tr> <tr> <th><p>Please enter your <font color="red">email address</font>:</th><td><br><input name="email" type="text" id="email"></p></td> </tr> <tr> <th><br><img src="pngimg.php" align="middle"></th><td><br><input name="user_code" type="text" size="10"></td> </tr> </table> <br><br><input type="submit" name="Submit" value="Register"> </form> </div> </div> </center> <body> <p></p> </body> <div id="box"> <div id="footer"> </div> </div> </div> </div> </style> </center> </html> I dont think its this one as the connection is ok, but here it is anyway <?php $dbname = 'stonersg_myown'; $link = mysql_connect('localhost','stonersg_myown','davemira1') or die("Couldn't make connection."); $db = mysql_select_db($dbname, $link) or die("Couldn't select database"); ?> I thank you in advance for your help. Lewis Stevens

:S still dont really understand... how will i get it so it echos the users level from the database of that user.

Hello i am using mysql sessions to bring back data recalled from a database, the thing is i had to use a premade login script and dont know how to get this working, i can get it working by like selecting id 1, though i wanted to have it so it selects the data by the person logged in, this is some of the code i have. i am only posting the usefull parts though i will attach the files used here as an attachment, if theres any more you want just ask and i can send the whole entire script. I know some divs may not be closed but thats because i shortened it. index.php <?php session_start(); if (!isset($_SESSION['user'])) { header("Location: login.php"); } ?> <?php require_once 'connect.php'; $sql="SELECT * FROM $tbl_name ORDER BY id DESC"; // OREDER BY id DESC is order result by descending $result=mysql_query($sql); ?> <?php while($rows=mysql_fetch_array($result)){ // Start looping table row ?> <?php if (isset($_SESSION['user'])) { ?> <p>Logged as <?php echo $_SESSION['user']; ?> | <a href="settings.php">Settings</a> | <a href="logout.php">Logout</a> </p> <?php } ?> <center> <div id="main_wrapper" style="border: 1px #123 solid;"> <div id="left_navigation_bar" style="border: 1px #000 solid;"> <p><br><br><br> Name: <?php echo $_SESSION['full_name']; ?> [<?php $id ?>]<br> Money: £<?php echo $full_name ?><br> Level: <?php $userlevel ?><br> Crystals: <?php $usercrystals ?><br> Special item: <?php $specialitems ?><br> <br><br> <?php // Exit looping and close connection } mysql_close(); ?> [LOGOUT] </p> register.php <?php session_start(); include ('dbc.php'); if ($_POST['Submit'] == 'Register') { if (strlen($_POST['email']) < 5) { die ("Incorrect email. Please enter valid email address.."); } if (strcmp($_POST['pass1'],$_POST['pass2']) || empty($_POST['pass1']) ) { //die ("Password does not match"); die("ERROR: Password does not match or empty.."); } if (strcmp(md5($_POST['user_code']),$_SESSION['ckey'])) { die("Invalid code entered. Please enter the correct code as shown in the Image"); } $rs_duplicates = mysql_query("select id from users where user_email='$_POST[email]'"); $duplicates = mysql_num_rows($rs_duplicates); if ($duplicates > 0) { //die ("ERROR: User account already exists."); header("Location: register.php?msg=ERROR: User account already exists.."); exit(); } $md5pass = md5($_POST['pass2']); $activ_code = rand(1000,9999); $server = $_SERVER['HTTP_HOST']; $host = ereg_replace('www.','',$server); mysql_query("INSERT INTO users (`user_email`,`user_pwd`,`sex`,`joined`,`activation_code`,`full_name`) VALUES ('$_POST[email]','$md5pass','$_POST[sex]',now(),'$activ_code','$_POST[full_name]')") or die(mysql_error()); $message = "Thank you for registering an account with $server. Here are the login details...\n\n User Email: $_POST[email] \n Password: $_POST[pass2] \n Activation Code: $activ_code \n ____________________________________________ *** ACTIVATION LINK ***** \n Activation Link: http://$server/myown/activate.php?usr=$_POST[email]&code=$activ_code \n\n _____________________________________________ Thank you. This is an automated response. PLEASE DO NOT REPLY. "; mail($_POST['email'] , "Login Activation", $message, "From: \"Auto-Response\" <notifications@$host>\r\n" . "X-Mailer: PHP/" . phpversion()); unset($_SESSION['ckey']); echo("Registration Successful! An activation code has been sent to your email address with an activation link..."); exit; } ?> <link href="styles.css" rel="stylesheet" type="text/css"> <?php if (isset($_GET['msg'])) { echo "<div class=\"msg\"> $_GET[msg] </div>"; } ?> <p> </p> <table width="65%" border="0" cellpadding="0" cellspacing="0"> <tr> <td bgcolor="d5e8f9" class="mnuheader"><strong><font size="5">Register Account</font></strong></td> </tr> <tr> <td bgcolor="e5ecf9" class="forumposts"><form name="form1" method="post" action="register.php" style="padding:5px;"> <p><br> Name: <input name="full_name" type="text" id="full_name"> Ex. Bob Jo Wilson</p> <p>Email: <input name="email" type="text" id="email"> Ex. bobjowilson@domain.com</p> <p>Password: <input name="pass1" type="password" id="pass1"> Atleast 5 chars</p> <p>Retype Password: <input name="pass2" type="password" id="pass2"> </p> <p>Sex: <select name="sex" id="select8"> <option value="Male">Male</option> <option value="Female">Female</option> <option value="PreferNotToSay">Prefer Not To Say</option> </select> </p> <p> <input name="user_code" type="text" size="10"> <img src="pngimg.php" align="middle"> </p> <p align="center"> <input type="submit" name="Submit" value="Register"> </p> </form></td> </tr> </table> <div align="left"></div> </body> </html> login.php <?php include 'dbc.php'; $user_email = mysql_real_escape_string($_POST['email']); if ($_POST['Submit']=='Login') { $md5pass = md5($_POST['pwd']); $sql = "SELECT id,user_email FROM users WHERE user_email = '$user_email' AND user_pwd = '$md5pass' AND user_activated='1'"; $result = mysql_query($sql) or die (mysql_error()); $num = mysql_num_rows($result); if ( $num != 0 ) { // A matching row was found - the user is authenticated. session_start(); list($user_id,$user_email) = mysql_fetch_row($result); // this sets variables in the session $_SESSION['user']= $user_email; if (isset($_GET['ret']) && !empty($_GET['ret'])) { header("Location: $_GET[ret]"); } else { header("Location: index.php"); } //echo "Logged in..."; exit(); } header("Location: login.php?msg=Invalid Login"); //echo "Error:"; exit(); } ?> <link href="styles.css" rel="stylesheet" type="text/css"> <?php if (isset($_GET['msg'])) { echo "<div class=\"msg\"> $_GET[msg] </div>"; } ?> <p> </p><table width="40%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td bgcolor="#000066" class="mnuheader" > <div align="center"><font size="5"><strong>Login Members</strong></font></div></td> </tr> <tr> <td bgcolor="#000099" class="mnubody"><form name="form1" method="post" action=""> <p> </p> <p align="center">Your Email <input name="email" type="text" id="email"> </p> <p align="center"> Password: <input name="pwd" type="password" id="pwd"> </p> <p align="center"> <input type="submit" name="Submit" value="Login"> </p> <p align="center"><a href="register.php">Register</a> | <a href="forgot.php">Forgot</a></p> </form></td> </tr> </table> [attachment deleted by admin]

Ah found what was wrong $con = mysql_connect("localhost","stonersg_dfadmin","password"); if (!$con) { die('Could not connect: ' . mysql_error()); }mysql_select_db("stonersg_darkfamily", $con); mysql_query("UPDATE available SET deathknight='Available' WHERE id = '1'", $con) or die(mysql_error($con)); echo "<br/>UPDATED ". mysql_affected_rows($con)." rows<br/>"; mysql_close($con); another script which i tried before didnt seem to make a difference but changed it from not available to available, so when i was trying to run that script, it couldnt make any further changes. Its working now, and thanks for all who tried to help and thanks Ratcateme for pointing that out lol. thanks all.

Woah now i gettin a strange page: http://www.stonersgathering.com/darkfamily/process.php

Parse error: syntax error, unexpected T_VARIABLE in /home/stonersg/public_html/darkfamily/process.php on line 11 line 11: mysql_query("UPDATE available SET deathknight='Available' WHERE id = '1'"$con) or die(mysql_error($con));

sorry i lost you there, all i have is a php.ini file...i dont have a cllue that the phpinfo() is.

So what could be wrong?

also i found error_reporting = E_ALL & ~E_NOTICE

actually...mines not displaying any kind of error, not even in my error log...and the display errors_on in php.ini is set to on. lol i just echoed anywhere just to try and display some kind of error or an echoed statement as its not displaying else.

display errrors_on also in my error log there is no error which are displayed for today.

Any thoughts mate?

though i may have forgot the <p> tags there, though i tried in process.php here and i am not getting any sort of output...just a blank screen like usual. <?php //Deathknight Available-Not Available $con = mysql_connect("localhost","stonersg_dfadmin","password"); if (!$con) { die('Could not connect: ' . mysql_error()); }mysql_select_db("stonersg_darkfamily", $con); mysql_query("UPDATE available SET deathknight='Available' WHERE id = '1'", echo "<p>Hi</p>";$con) or die(mysql_error($con)); mysql_close($con); echo "<p>Vye</p>"; ?>

woah i accidently echoed it within the wrong document, the one that is ment to have the words change once it echos from the database, though i had nothing change when i echoed here echo "<tr><img src='classimg/warrior_small.gif'> Warrior:"; echo "<td><font color='green'> " . $row['warrior'] . "<br></font></td>"; echo "Updating Now Inside"; echo "</tr>";

the only ifs i have are: if (!$con) { die('Could not connect: ' . mysql_error()); } in the connection variable though between my connection part, and the echo part there is a function i am not sure, if needed. i will signify with wrapping --------- around it. mysql_select_db("stonersg_darkfamily", $con); ------------------------------------------------------------------ $result = mysql_query("SELECT * FROM available WHERE id='1'"); ------------------------------------------------------------------ echo "Recruitment Table:<br><br>"; ?> <div id="class" div align="left"> <?php while($row = mysql_fetch_array($result)) { echo "<tr><img src='classimg/deathknight_small.gif'> Death Knight:"; echo "<td><font color='green'> ". $row['deathknight'] . "<br></font></td>";

Ok?

Did it work?

i think he means that he get an error "you are not logged in" once you press the login button? i cannot be certian but it would need his conformation

Well i using sorta same code as the one to get the data to display before the update the next code will make more sense if you read the private message i sent you. $result = mysql_query("SELECT * FROM available WHERE id='1'"); while($row = mysql_fetch_array($result)) { echo "<td><font color='green'> ". $row['deathknight'] . "<br></font></td>"; mysql_close($con);

Well im not sure if this will help you. but i done something like that. I first added a file called connect2.php where i had like my connection functions to connect then i created simple html doc called main_login.php where i just used input fields for the data <input name="myusername" type="text" id="myusername"><input name="mypassword" type="text" id="mypassword"> then created a new file called checklogin.php <?php require_once 'connect2.php'; // username and password sent from form $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "login_success.php" session_register("myusername"); session_register("mypassword"); header("location:login_success.php"); } else { echo "Invalid Username or Password"; } ?> then created a doc called login_success.php <? session_start(); if(!session_is_registered(myusername)){ header("location:http://www.whatever.com ?> then for the logout i used <? session_start(); session_destroy(); header("location:http://www.whatever.com"); ?> something like that i think.

Mmm ratcateme or anyone? still able to help? please?

Ah...sorry, such a silly mistake lol. Well, no error, though no change to the database either. =S What do you think could be wrong?

Parse error: syntax error, unexpected T_VARIABLE in /home/stonersg/public_html/darkfamily/process.php on line 10 Line 10: mysql_query("UPDATE available SET sex='Male' WHERE id = '1'" $con) or die(mysql_error($con));

Hello i need some help updating a field in my database, i dont know what i am doing wrong...heres my code. <?php $con = mysql_connect("localhost","*********","**********"); if (!$con) { die('Could not connect: ' . mysql_error()); }mysql_select_db("**********", $con); mysql_query("UPDATE available SET sex= 'Male' WHERE id = '1'");mysql_close($con); ?> available = table | sex = field I on the front page it says if they are male or female, what i want is it to change when they click a button, it has to be on a seperate page, so i thought just add the Male/Female words in a database and then just recall that, i can recall that, though when i update the field, it does nothing. if i add a field it will show it twice. What can i do? please can someone help Many thanks Lewis Stevens

...well i found out in alot of my code, when im trying to put a navigation url, it normally works if i take the . out so try include('/config.php'); include ($sm['path_inc'] . 'header.php'); $sm['page_name'] = 'Welcome to ' . $sm['page_name']; problem is, that would only like to the file in the same directory, if you wanted one in another directory you would have to do something like this, e.g. my folder is called Newfolder and my file im trying to link to is called Newfile.php: include('Newfolder/Newfile.php')... is this what you were trying to get at?