Jump to content

[SOLVED] login not working :S

runnerjp

By runnerjp
in PHP Coding Help

Recommended Posts

runnerjp Advanced Member

runnerjp

Posted
Posted

i have been imroving my login system but it does not seem to work... all it does is refresh my page..

 

login.php

<?php <link rel="stylesheet" type="text/css" href="css/login.css">

<table width="150" border="1" cellpadding="3" cellspacing="0" bordercolor="#000000">
  <tr>
    <td width="200" bordercolor="99b3b4" bgcolor="99b3b4"><span class="style5">
      <center>
      <em><u>Login</u></em>
        </center></span></td>
  </tr>
  <tr>
    <td bordercolor="99b3b4" bgcolor="#FFFFFF" ><form action="<?=$_SERVER['PHP_SELF']?>" method="post">

		<input type="hidden" name="_submit_check" value="1"/>
		  <div style="margin-top:12px; margin-bottom:10px">	
                <span class="style4"><em>Username:                </em></span>
                <input class="input" type="text" name="username" id="username" size="25" maxlength="30" value="" />
	  </div>
<div style="margin-top:12px; margin-bottom:10px">
                <span class="style4"><em>Password:</em></span>
  <input class="input" type="password" name="password" id="password" size="25" maxlength="30" />
</div>
<center><?php if ( ALLOW_REMEMBER_ME ):?>

			<input type="checkbox" name="remember" id="remember" />
			<label for="remember">Remember me</label>

		<?php endif;?></center>
				<table width="150" align="center">
              <tr>
                <td width="97" align="center" valign="middle"><div align="center">
                  <input name="Login" type="image"  class="submit-btn" title="submit" value="Login" src="images/btn.gif" alt="submit"  align="middle" />
                </div></td>
                <td width="41" align="center" valign="middle"> </td>
              </tr>
            </table>			
		<center>
		  <span class="style8"><a href="http://www.runningprofiles.com/register.php" onclick="NewWindow(this.href,'register','240','500','no','center');return false" onfocus="this.blur()" class="style6">
		Register</a> / <a href="forgot_password.php" onclick="NewWindow(this.href,'forgot_password','270','250','no','center');return false" onfocus="this.blur()" class="style6">Lost Password </a></span>
          

</center>  <center>
    <div  style="margin-top:12px; margin-bottom:10px"	id="log">
<?php if ( isset( $error ) ) { echo '			<p class="error">' . $error . '</p>' . "\n";}?>
</div>         </center>
    </form></td>
  </tr>
</table>

    
<!-- here is the function for the popup window dont delete jarratt -->

<script>
var win=null;
function NewWindow(mypage,myname,w,h,scroll,pos){
if(pos=="random"){LeftPosition=(screen.availWidth)?Math.floor(Math.random()*(screen.availWidth-w)):0;TopPosition=(screen.availHeight)?Math.floor(Math.random()*((screen.availHeight-h)-75)):0;}
if(pos=="center"){LeftPosition=(screen.availWidth)?(screen.availWidth-w)/2:0;TopPosition=(screen.availHeight)?(screen.availHeight-h)/2:0;}
if(pos=="default"){LeftPosition=0;TopPosition=0}
else if((pos!="center" && pos!="random" && pos!="default") || pos==null){LeftPosition=0;TopPosition=20}
settings='width='+w+',height='+h+',top='+TopPosition+',left='+LeftPosition+',scrollbars='+scroll+',location=no,directories=no,status=no,menubar=no,toolbar=no,resizable=no';
win=window.open(mypage,myname,settings);
if(win.focus){win.focus();}}
function CloseNewWin(){if(win!=null && win.open)win.close()}
window.onfocus=CloseNewWin;</script>

 

then loginfunction.php

 

<?php
if(isset($_GET['login'])) {
//removes sql injections from the data
$username= htmlspecialchars(addslashes($_POST[username])); 
//encrypts the password
$password = sha1(md5(md5(sha1(md5(sha1(sha1(md5($_POST[password]))))))));
//gets the username data from the members database
$uinfo = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'") or die(mysql_error()); 
//see if the user exists
$checkuser = mysql_num_rows($uinfo);
//if user name not found in database error
if($checkuser == '0')
{
echo "Username not found";
}else{
//fetch the sql
$udata = mysql_fetch_array($uinfo);
//checks see if the account is verified
if($udata[userlevel] == 1) { 
echo "This account had not been verified.";
}
//if it is continue
else
//if the db password and the logged in password are the same login
if($udata[password] == $password) {
$query = mysql_query("SELECT * FROM `members` WHERE `username` = '$username'") or die(mysql_error()); 
//fetchs the sql
$user = mysql_fetch_array($query);
//sets the logged session
$_SESSION['id'] = "$user[id]";
$_SESSION['password'] = "$user[password]";

echo "You are now logged in, Please wait. . .";
//redirects them
echo "<meta http-equiv='Refresh' content='2; URL=/members/index.php'/>";
}
//wrong password
else{
echo "Incorrect username or password!"; 
}
}
}
echo "<center>";
?>

 

 

 

i will also add register.php so you can see how the data is beeing put into the table :)

 

register.php

<?php
session_start(); //allows session
include "config.php";
echo "<center>";
//checks if there trying to veriy there account
if(isset($_GET['verify'])) {
//gets the code and makes it safe
$code = addslashes($_GET['code']);
//gets the code from the database
$getcode=mysql_query("SELECT * FROM `verification` WHERE `code` = '$code'");
//counts the number of rows
$getcode = mysql_num_rows($getcode);
//if the ammount of rows is 0 the code does not exist
if($getcode == 0) { 
echo "Invalid verification code!"; 
} 
//or if the code does exist we will activiate there account
else{
//get the data from the database
$getcode=mysql_query("SELECT * FROM `verification` WHERE `code` = '$code'");
//fetchs the data from the db
$dat = mysql_fetch_array($getcode);
//sets the users user level to 2 which means they can now use there account
$update = mysql_query("UPDATE `members` SET `userlevel` = '2' WHERE `username` = '".$dat['username']."'") or die(mysql_error());
//deletes the code as there is no use of it now
$delete = mysql_query("DELETE FROM `verification` WHERE code = '$code'");
//says thanks and your account is ready for use
echo "Thank you, Your account has been verified.";
}
}else
//if we have posted the register for we will register this user
if(isset($_GET['register'])) {
//check to see if any fields were left blank
if((!$_POST[username]) || (!$_POST[password]) || (!$_POST[cpassword]) || (!$_POST[email])) {
echo "A field was left blank please go back and try again.";
}else{
//posts all the data from the register form
$username = $_POST[username]; 
$password = $_POST[password]; 
$cpassword = $_POST[cpassword]; 
$email = $_POST[email];
//check see if the 2 passwords are the same
if($password == $cpassword)
{
//encrypts the password 8 times
$password = sha1(md5(md5(sha1(md5(sha1(sha1(md5($password)))))))); 
$cname = mysql_query("SELECT `username` FROM `members` WHERE `username` = '$username'"); 
$cname= mysql_num_rows($cname); 
//checks to see if the username or email allready exist
if($cname>=1) { 
echo "The username is already in use"; 
}else{
//gets rid of bad stuff from there username and email
$username = addslashes(htmlspecialchars($username)); 
$email = addslashes(htmlspecialchars($email));

if($semail == "1") { // $email set as 1 means email activation is active
//adds them to the db
$adduser = mysql_query("INSERT INTO `members` (`username`, `password`, `email`) VALUES('$username','$password','$email')");
//posible letters for the verification code
$alphanum  = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
//shuffles the letters around to create a 16 long code
$code = substr(str_shuffle($alphanum), 0, 16); 
//adds there code along with there user name to the db
$addcode = mysql_query("INSERT INTO `verification` (`username`, `code`) VALUES('$username','$code')");
//don't edit this, this is the link for there activication
$link = "http://$host$self?verify&code=$code";
//sends the email to the person
mail("$email", "Member-Ship Validation", "Thank you for registering on $sitename.
Please copy the below link into you address bar,

$link", "From: Site Verification");
//message sent now lets tell them to check there email
echo "You are now registered,<br><br>Please check your email to activate your account.";
}else{ //no need for email activation
$adduser = mysql_query("INSERT INTO `members` (`username`, `password`, `email`, `userlevel`) VALUES('$username','$password','$email','2')");
echo "You are now registered,<br><br>You can now loggin to your account";
}
}
}else{
echo "Your password and conformation password do not match!";
}
}
}else{
//none of the above so lets show the register form
echo "<form action='register.php?register' method='post'>
<table width='350'>
  <tr>
    <td width='150'>Username:</td>
    <td width='200'><input type='text' name='username' size='30' maxlength='25'></td>
  </tr>
  <tr>
    <td>Password:</td>
    <td><input type='password' name='password' size='30' maxlength='25'></td>
  </tr>
  <tr>
    <td>Confirm Password:</td>
    <td><input type='password' name='cpassword' size='30' maxlength='25'></td>
  </tr>
  <tr>
    <td>Email:</td>
    <td><input type='text' name='email' size='30' maxlength='55'></td>
  </tr>
  <tr>
    <td colspan='2'><center><input type='submit' value='Register'></center></td>
  </tr>
</table>
</form>";
}
echo "<center>";
?>

Link to comment
https://forums.phpfreaks.com/topic/104849-solved-login-not-working-s/
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.