NTSmarkv

I added the echo on the do_login I tried it, no echo's

let me do that now,and see what I get

Ok So the main purpose of this is: 1). User has to grab a OTP from the generator (work's) 2) the OTC updates in the database field (work's) via the person's user_email 3). it sends an email containing the OTP what it is not doing is, when they go and login, it just keeps saying invalid login credentials. I'm pasting my code below to see if anyone can help me out here. this is still a work in progress. do_login.php (not working here) Keep's saying invalid password. <?php if(empty($_POST)) exit; include 'config.php'; // declare post fields $post_user_email = trim($_POST['user_email']); $post_password = trim($_POST['authcode']); $post_autologin = $_POST['autologin']; if(($post_user_email == $config_email) && ($post_password == $config_password)) { $_SESSION['Site-Key'] = $config_email; // Autologin Requested? if($post_autologin == 1) { $password_hash = md5($config_password); // will result in a 32 characters hash setcookie ($cookie_name, 'usr='.$config_email.'&hash='.$password_hash, time() + $cookie_time); } exit('OK'); } else { echo '<div id="error_notification">The submitted login info is incorrect.</div>'; } ?> Index.php <?php require_once 'config.php'; if(isset($_SESSION['google-ads123123'])) { header("Location: http://forum.site1.com"); exit; } ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML> <HEAD> <TITLE>Access Required</TITLE> <script type="text/javascript" src="js/mootools-1.2.1-core-yc.js"></script> <script type="text/javascript" src="js/process.js"></script> <link rel="stylesheet" type="text/css" href="style.css" /> </HEAD> <BODY> <center> <div id="status"> <fieldset><legend align="center">Authentication</legend> <div id="login_response"><!-- spanner --></div> <form id="login" name="login" method="post" action="do_login.php"> <table align="center" width="200" border="0"> <tr> <td width="80">Email</td><td><input id="user_email" type="text" name="user_email"></td> </tr> <tr> <td>AuthCode:</td> <td><input type="password" name="authcode"></td> </tr> <tr> <td> </td> <td><input type="checkbox" name="autologin" value="1">Remember Me</td> </tr> <tr> <td> </td> <td><input id="submit" type="submit" name="submit" value="Login"> <br /> <a href="getcode.php"> Get Auth Code </a> <div id="ajax_loading"><img align="absmiddle" src="images/spinner.gif"> Processing...</div></td> </tr> </table> </form> </fieldset> </div> </center> </BODY> </HTML> getcode.php (generates a MD5 and adds into db) <?php $db_host = '123'; $db_username = '123'; $db_password = '123'; $db_name = '123'; @mysql_connect($db_host, $db_username, $db_password) or die(mysql_error()); @mysql_select_db($db_name) or die(mysql_error()); // This is displayed if all the fields are not filled in $empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back"; // Convert to simple variables $email_address = $_POST['user_email']; if (!isset($_POST['user_email'])) { ?> <h2>Generate your Auth Code</h2> <form method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>"> <p class="style3"><label for="user_email">Email:</label> <input type="text" title="Please enter your email address" name="user_email" size="30"/></p> <p class="style3"><label title="Generate Auth Code">&nbsp</label> <input type="submit" value="Submit" class="submit-button"/></p> </form> <?php } elseif (empty($email_address)) { echo $empty_fields_message; } else { $status = "OK"; $msg=""; //error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR); if (!stristr($email_address,"@") OR !stristr($email_address,".")) { $msg="Your email address is not correct<BR>"; $status= "NOTOK";} echo "<br><br>"; if($status=="OK"){ $query="SELECT username FROM users WHERE user_email = '$email_address'"; $st=mysql_query($query); $recs=mysql_num_rows($st); $row=mysql_fetch_object($st); $em=$row->user_email;// email is stored to a variable if ($recs == 0) { echo "<center><font face='Verdana' size='2' color=red><b>No Auth Code</b><br> Sorry Your address is not in our database ."; exit;} function makeRandomPassword() { $salt = "abchefghjkmnpqrstuvwxyz0123456789"; srand((double)microtime()*1000000); $i = 0; while ($i <= 7) { $num = rand() % 33; $tmp = substr($salt, $num, 1); $pass = $pass . $tmp; $i++; } return $pass; } $random_password = makeRandomPassword(); $db2_password = md5($random_password); $sql = mysql_query("UPDATE users SET authcode='$db2_password' WHERE user_email='$email_address'"); $subject = "Auth Code Verification"; $message = " Here is your Auth Code, Auth Code: $random_password Auth Code: $db2_password This is an automated response, please do not reply!"; mail($email_address, $subject, $message, "From: Auth Server<theslcguy@safe-mail.net.com>"); echo "Your Auth Code has been sent! <br /> Please check your email! <br /> Also Allow up to 5 minutes to recieve your Code...<br />"; echo "<br><br>Click <a href='http://auth.site1.com'>here</a> to login"; } else { echo "<center><font face='Verdana' size='2' color=red >$msg <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";} } ?> Config.php <?php session_start(); // Start Session header('Cache-control: private'); // IE 6 FIX // always modified header('Last-Modified: ' . gmdate("D, d M Y H:i:s") . ' GMT'); // HTTP/1.1 header('Cache-Control: no-store, no-cache, must-revalidate'); header('Cache-Control: post-check=0, pre-check=0', false); // HTTP/1.0 header('Pragma: no-cache'); // ---------- LOGIN INFO ---------- // $config_email = $POST["user_email"]; $config_authcode = $POST["authcode"]; $cookie_name = 'google-ads123123'; $cookie_time = (3600 * 24 * 30); // 30 days if(!$_SESSION['google-ads123123']) { include_once 'autologin.php'; } ?>

OK so I created my own OTP auth system, and It work's 100% but this is what I need help with; When you go to my site, it will load the auth system. You click on get auth code, it will then either SMS the code to you or send via email depending on your preference. Then you enter your email and your code you just got. Now my problem is when you enter both, it doesn't direct you to the right part of the site, it keep's loading the auth system. checkauth.php if(isSet($cookie_name)) { // Check if the cookie exists if(isSet($_COOKIE[$cookie_name])) { parse_str($_COOKIE[$cookie_name]); // Make a verification if(($usr == $config_username) && ($hash == md5($config_password))) { // Register the session $_SESSION['Site-Key'] = $config_username; } } } dologin.php if(empty($_POST)) exit; include 'config.php'; // declare post fields $post_username = trim($_POST['username']); $post_password = trim($_POST['authcode']); $post_autologin = $_POST['autologin']; if(($post_username == $config_username) && ($post_password == $config_password)) { $_SESSION['Site-Key'] = $config_username; // Autologin Requested? if($post_autologin == 1) { $password_hash = md5($config_password); // will result in a 32 characters hash setcookie ($cookie_name, 'usr='.$config_username.'&hash='.$password_hash, time() + $cookie_time); } exit('OK'); } else { echo '<div id="error_notification">The submitted login info is incorrect.</div>'; } doauth.php if(isSet($_COOKIE['Site-Key'])) { header("Location: http://mysite.com/forum"); } else { header("Location: http://auth.mysite.com"); exit; } Any help would be greatly appreciated, everything work's but the Cookies, and redirect from cookie auth

gotcha, yeah Irc been having probs over the last 6 months recently, a Fix would be: /msg nickserv release [username] [password] then have an OP change thier name into your's, then back to thiers, adn you can now login to your nick. Tested, and worked for me, thanks Salathe

Howdy, not sure where to put this, But I login to IRC, try to use my username, and BAM. * PHPhreak H enforcer@phpfreaks.com :0 Services Enforcer phphreak End of /WHO list. anyone know how long the actual enforcer hod is on the irc server?

1). Dont use $_GET or $_POST anymore... Please use $_REQUEST it does them both. 2). Create another table called Report or whatever you want. 3). Make a <a href like you did, add the variables include an onclick() to check if sent or make a popup. go from there.

work above code it should echo out MT... just keep adding or change to array..

just use header()... example: Header("Location: index.php"); anytime you have that on a page. it will always redirect you, so if you have a main header.php on your site add near top under session. Bam your done, when your done updating to go back live just comment it out.

Go from here: <?php function week_of_year($day) { //Get date supplied Timestamp; $thisdate = mktime($day); if (date("D", mktime(1)) == "Mon"){ echo "M"; } $thisdate = mktime($day); if (date("D", mktime(1)) == "Tues"){ echo "T"; }

Add your image into a variable: $html ="<img src='beerchug.gif'> then in $msg call the variable.. at the very beginning example: $message = "$html;<br />Thankyou for registering at Test, your login details are as follows: <br />

perhaps maybe your connection info?? I see a few things wrong with it

{echo "<option value='freshman' selected = 'selected'>Freshman</option>}";} to this: { echo "<option value='freshman' selected = 'selected'>Freshman</option>"; }

function br2nl($string) { return preg_replace('/\<br(\s*)?\/?\>/i', "\n", $string); } That should simplify it for yah

Server: phpfreaks.sytes.net Port 6667 Same Channels as other IRC server; #Help - Join this channel if you need help, or wish to help others. #Chat - Join here just to relax and have fun. all general comments, and suggestions go here. I did this basically Im a big fan of Phpfreaks IRC... And I'm hurting it's not on...