Jump to content

Problem with cookies, remember and registration page

DeanWhitehouse

By DeanWhitehouse
in PHP Coding Help

 Share

Recommended Posts

DeanWhitehouse Advanced Member

DeanWhitehouse

Posted
Posted

i

<?php
// Random Game Design: PHP Website Template
//  Version 1
//  Copyright Dean Whitehouse, 2008

require_once 'db_connect.php';

// Connect to database
mysql_connect($dbhost,$dbuser,$dbpass)
or die('Could not connect: ' . mysql_error());

$user_name = $_POST["user_name"];		
$user_password = $_POST["user_password"];		
$user_password2 = $_POST["user_password2"];
$user_email = $_POST["user_email"];		
$user_email2 = $_POST["user_email2"];
$ip = $_SERVER['REMOTE_ADDR'];
//if(isset($_POST['agree'])){
if(isset($_POST['signup'])){
if ($user_name && $user_password && $user_password2 && $user_email && $user_email2)
{
	$user_check = mysql_num_rows(mysql_query("SELECT * FROM `$user` WHERE user_name='$user_name'"));	
	if ($user_check >= 1)	
{
require_once 'register.php';
	echo "Sorry, but the username you requested is already in use. Please enter a different username.";
}

elseif ($user_password == $user_password2 && $user_email == $user_email2)
{
$salt = substr($user_password, 0, 2);
$userPswd = crypt($user_password, $salt);
mysql_query("INSERT INTO `$user` (user_id,  user_name, user_password, user_email, user_ip, userlevel) VALUES ('','$user_name','$userPswd','$user_email','$ip','2')")
or die('Error ' . mysql_error());
header("Location:http://".$_SERVER[HTTP_HOST]);//header("Location:http://".$_SERVER[HTTP_HOST])"/login.php";
 }
else
{
require_once 'register.php';
echo "Either the passwords or emails you entered do not match. Please check these details and try again";
}
} 
}
else 
{
require_once 'register.php';
echo "Please fill in all of the required fields.";
}
//}
;
?>
<html>
<table bgcolor='#999999' align='center' width="400px">
<form action='<?php $_SERVER['PHP_SELF']; ?>' method='POST'>
<tr><td width="10px">Username: </td><td><input type='text' name='user_name' maxlength="20" width="400px" /><br /></td></tr>
<tr><td width="10px">Maximum Length<br /> 20 characters.</td></tr>
<tr><td width="10px">E-mail Address:</td> <td><input type='text' name='user_email' /><br /></td></tr>
<tr><td width="10px">Confirm E-mail Address: </td><td><input type='text' name='user_email2' /><br /></td></tr>
<tr><td width="10px">Password:</td><td> <input type='password' name='user_password' maxlength="30" /><br /></td></tr>
<tr><td width="10px">Maximum Length<br /> 20 characters.</td></tr>
<tr><td width="10px">Confirm Password:</td><td> <input type='password' name='user_password2'  maxlength="30"/><br /></td></tr>
<tr><td><input type='submit' value='Complete Registration' name='signup' /></td><td><input type="reset" value="Reset Fields" name="reset" /></td></tr>
</form>
</table>
</html>
<?php 
mysql_close();
?>

 

this is my registration code. this is a link to the page. http://deanwhitehouse.awardspace.co.uk/test/register.php

 

this is my login code.

<?php
require_once 'db_connect.php';

if ($_SESSION['is_valid'] == false){
if (isset($_POST['login'])){

$user_name = $_POST["user_name"];        
$user_password = $_POST["user_password"]; 
$cookiename = forumcookie;   
$verify_username = strlen($user_name);
$verify_pass = strlen($user_password);
if ($verify_pass > 0 && $verify_username > 0)
{
$salt = substr($user_password, 0, 2);
$userPswd = crypt($user_password, $salt);
$sql = "SELECT * FROM `$user` WHERE user_name='$user_name' AND user_password='$userPswd' LIMIT 1;";
$result = mysql_query($sql);
if (mysql_num_rows($result) == 1){
	$row = mysql_fetch_assoc($result);
	$user_level = $row['userlevel'];
	if ($user_level == 1) {
		$login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = 	'$_GET[p]'"));

		$userright = array($login_check['user_name'], $login_check['userlevel']);
		$s_userpass = serialize($userpass);
	$_SESSION['username'] = $row['user_name'];
	$_SESSION['user_password'] = $row['user_password'];
	$_SESSION['user_level'] = $row['userlevel'];
	header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]);
	$_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files
	 if(isset($_POST['remember'])){
    	  setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
    	  setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/");
   		}
	} 
		elseif ($user_level == 2){    
			$login_check = @mysql_fetch_array(mysql_query("SELECT * from `$user` WHERE user_name = '$_GET[u]' AND user_password = '$_GET[p]'"));

			$userright = array($login_check['user_name'], $login_check['userlevel']);
		$s_userpass = serialize($userpass);
	$_SESSION['username'] = $row['user_name'];
	$_SESSION['user_password'] = $row['user_password'];
	$_SESSION['user_level'] = $row['userlevel'];
	header("Location:http://".$_SERVER[HTTP_HOST].$_SERVER[REQUEST_URI]);
	$_SESSION['is_valid'] = true; //change the session variable name to what you want, just remember it for all files
	 if(isset($_POST['remember'])){
    	  setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
    	  setcookie("cookpass", $_SESSION['user_password'], time()+60*60*24*100, "/");
   		}
	}
}
else{
	echo "Login failed. Username and Password did not match database entries.";    
}
}

else
{
echo "Form was not completed. Please go back and make sure that the form was fully completed.";    
}
}
?> 

<html>
<table bgcolor='#999999' align='right'><form action="<?php $_SERVER['PHP_SELF']; ?>" method='POST'>
<tr><td>Username: </td><td><input type='text' name='user_name' /><br /></td></tr>
<tr><td>Password:</td><td> <input type='password' name='user_password' /><br /></td></tr>
<tr><td><input type="hidden" name="login" value="true"><input type="submit" value="Submit"></td></tr>
<tr><td><input type="checkbox" value="1" name="remember"> Remember Me </td></tr><tr><td><a href="register.php">[Register]</a></td></tr><tr><td><a href="forgot_password.php">[Forgot Password?]</a></td></tr></table>
</form>
</html>

<?php 
mysql_close();
}
else
{
header("Location:http://".$_SERVER[HTTP_HOST]);
}
?>

 

when you register it should

1. redirect to the login page

2.if not all fields are filled in show an echo

3.if the passwords or emails don't match it should show an echo.

 

this kinda works, but when i clicked remember me on the login page, it went all wrong, when i go to the registration page, it enters my username and password.

If i delete these then fill them all in when i click submit it reloads the page, with no errors, same if i submit with nothin or different passwords.

Link to comment
Share on other sites
DeanWhitehouse Advanced Member

DeanWhitehouse

Posted
  • Author
Posted

the commented part doesn't work when i use it, and when i go the registration page it has the data from the remember me , although i used this to kill the cookie in the logout script

logout.php

<?php
require_once 'db_connect.php';
session_unset();
session_destroy();
setcookie("cookname", $_SESSION['username'], time() - 3600, "/");
setcookie("cookpass", $_SESSION['user_password'], time() - 3600, "/");
header("Location:http://".$_SERVER[HTTP_HOST]);
?>

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.