Jump to content

timecatcher

Members
 View Profile  See their activity

  • Posts

    78

  • Joined

  • Last visited

    Never

 Content Type 

Everything posted by timecatcher

  1. timecatcher
    Ok well im slightly confused about the script you posted, could you come on IRC chat if you can it might be easier to explain what I don't understand there as im quite new at PHP I didn't know sessions were any different from cookies or that you HAD to use the..or use the in conjunction with cookies anyway . Sorry. Time.C
  2. timecatcher
    Hey thanks, but I set everything up using cookies so shouldn't it be $_COOKIE['username']? Thanks. EDIT: Oh the code in your post changed xD, im stil pretty new to PHP don't know if I said so whats the login function about and global $login part please? Sorry to ask probably obvious questions. Timecatcher.
  3. timecatcher
    Hey I thought I would make the topic quite open as I seem to be hitting quite a few problems. I decided I would create a Virtual pet site and try and commit myself to something (PHP) however Im finding that PHP can sometimes be quite confusing so I decided to join an actual PHP forum so that I could speak with professionals! So urm here is my problem at the moment. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Login</title> <link rel='stylesheet' href='includes/layoutstylesheet.css' type='text/css'> </head> <body> <? require('includes/connect.inc.php'); require ("includes/loggedoutnavbar.inc.php") ; ?> <div id="content"> <? if (isset($_COOKIE['username']) && ($_COOKIE['password']) != "") { echo'You are logged in.' ; } else { echo 'Please login using the form below.' ; echo '<div id="signinupboxes">' ; echo '<form method="post" action="login.php">' ; echo '<br />' ; echo 'Username:' ; echo '<input type="text" name="username" />' ; echo '<br />' ; echo 'Password:' ; echo '<input type="password" name="password" />' ; echo '<br />' ; echo '<input type="submit" name="submit" value="Login" />' ; echo '<br />' ; echo '</form>' ; echo '</div>' ; } if (isset($_POST['username']) && isset($_POST['password'])) { if (empty($_POST['username'])) { echo'Please enter a username.' ; } elseif (empty($_POST['password'])) { echo'Please enter a password.' ; } else { $username = mysql_real_escape_string($_POST['username']) ; $username = stripslashes($username) ; $password = md5($_POST['password']) ; $password = stripslashes($password) ; $query = mysql_query("SELECT * FROM user ") ; $user_row = mysql_num_rows($query) ; if ($user_row['username'] && $user_row['password'] != $username && $password) { echo'Invalid Password/Username.' ; } else { $timestamp = time()+60*60*24*90 ; //3 Months setcookie('username',$username,$timestamp) ; setcookie('password',$password,$timestamp) ; echo'Welcome '. $username.', to Kuruklands.' ; } } } ?> </div> </body> </html> My problem is I want the login form ONLY to show when a user isn't logged in. The database and register system works fine. Also I want to know if the script will be safe against MYSQL injects is it..? Because I don't want my site being hacked if I can help it. Anyway I look forward to at least one reply . Thanks. Timecatcher.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.