phpzone Posted May 23, 2008 Share Posted May 23, 2008 You need $_SESSION as well, not $SESSION Quote Link to comment Share on other sites More sharing options...
Letterbomb05 Posted May 23, 2008 Author Share Posted May 23, 2008 Christ whats wrong with me today, will do that. Quote Link to comment Share on other sites More sharing options...
Letterbomb05 Posted May 23, 2008 Author Share Posted May 23, 2008 Still...Nothing. PHPzone, I don't expect you to, but would you be able to rewrite this script but with better bits and bobs? If you could it would be much appreciated. Quote Link to comment Share on other sites More sharing options...
phpzone Posted May 23, 2008 Share Posted May 23, 2008 When you say you are getting nothing, do you mean a completely blank white page, or just not the result you expect? Post the full code one more time. Quote Link to comment Share on other sites More sharing options...
Letterbomb05 Posted May 23, 2008 Author Share Posted May 23, 2008 What happens is, I type in the details, hit login and it pretty much just refreshed index.php and i see everything how index.php is suppost to look. www.Team-Recoil.com/newtemplate <-- register and try to login if you wish <?php error_reporting( E_ALL ); set_ini('display_errors','On'); session_start(); // database information $dbhost = "localhost"; $dbname = ""; $dbuser = ""; $dbpass = ""; // connect to database mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error()); mysql_select_db($dbname) or die(mysql_error()); // retrieve form input $username = htmlentities(mysql_real_escape_string($_POST['username'])); $password = (md5($_POST['password'])); // query the database $query = "SELECT * from users WHERE username='$username' and password='$password'"; $result = mysql_query($query) or die(mysql_error()); echo "query: $query"; $qAssoc = mysql_fetch_assoc($result); $rank = $qAssoc['rank']; if(mysql_num_rows($result) === 0 || $qAssoc['rank'] == 0){ include('incorrect.php'); }else{ if ( $rank == 1 ) { $_SESSION['registered'] = true; } if ( $rank == 2 ) { $_SESSION['member'] = true; } if ( $rank == 3 ) { $_SESSION['moderator'] = true; } if ( $rank == 4 ) { $_SESSION['admin'] = true; } header("Location: http://www.team-recoil.com/newtemplate/info.php"); } // end of script ?> Quote Link to comment Share on other sites More sharing options...
phpzone Posted May 23, 2008 Share Posted May 23, 2008 ok, give me a mo, get back to you soon as poss. Quote Link to comment Share on other sites More sharing options...
Letterbomb05 Posted May 23, 2008 Author Share Posted May 23, 2008 Thanks Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted May 23, 2008 Share Posted May 23, 2008 when i tried to log in,without a username i got a white screen, they may be something wrong with the form? Quote Link to comment Share on other sites More sharing options...
Letterbomb05 Posted May 23, 2008 Author Share Posted May 23, 2008 Thanks for that, Blade280891. This makes me think there might be something going on with the query, because the script can't be getting through very far. As far as I'm aware the form itself is fine. Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted May 23, 2008 Share Posted May 23, 2008 try echoing the username and password out, to make sure they are being read Quote Link to comment Share on other sites More sharing options...
phpzone Posted May 23, 2008 Share Posted May 23, 2008 I actually noticed I told you to do set_ini, i meant ini_set ... DOH! Well, it is 0:35am... lol Try the following and tell me if you get anything or if it just bombs, i've only syntax checked it as I don't have database set up here. <?php // database information $dbhost = "localhost"; $dbname = ""; $dbuser = ""; $dbpass = ""; error_reporting( E_ALL ); ini_set('display_errors', 'On'); session_start(); define( 'DEBUG', true ); function debug( $file, $line, $message ) { if ( !DEBUG ) return false; $message = htmlspecialchars( $message, ENT_QUOTES ); echo "<p>DEBUG> In file $file at line $line:<br />{$message}"; } // connect to database mysql_connect ( $dbhost, $dbuser, $dbpass ) or die("Could not connect: " . mysql_error() ); mysql_select_db( $dbname ) or die( "Unable to select database {$dbname}: " . mysql_error() ); // retrieve form input $username = htmlentities(mysql_real_escape_string($_POST['username'])); $password = $_POST['password']; debug( __FILE__, __LINE__, "Username = {$username} Password = {$password}"); // query the database $query = "SELECT * FROM users WHERE username='{$username}' AND password=MD5('{$password})'"; debug( __FILE__, __LINE__, "query: $query" ); $result = mysql_query($query) or die( mysql_error() ); $qAssoc = mysql_fetch_assoc($result); $rank =@ (int)$qAssoc['rank']; if( mysql_num_rows($result) == 0 || $rank == 0){ require_once 'incorrect.php'; } else { $ranks = array(1=>'registered', 2=>'member', 3=>'moderator', 4=>'admin' ); if ( array_key_exists( $rank, $ranks ) ) { $_SESSION[$ranks[$rank]] = true; } else { exit( debug( __FILE__, __LINE__, "There is no such rank "{$rank}"") ); } exit( header("Location: http://www.team-recoil.com/newtemplate/info.php") ); } // end of script ?> Quote Link to comment Share on other sites More sharing options...
Letterbomb05 Posted May 23, 2008 Author Share Posted May 23, 2008 Thanks very much! I'll check it out now. Quote Link to comment Share on other sites More sharing options...
Letterbomb05 Posted May 23, 2008 Author Share Posted May 23, 2008 Uploaded, I try to login and just get a whitescreen. It's an advance from earlier though, I'll try replacing the header with an include. Quote Link to comment Share on other sites More sharing options...
Letterbomb05 Posted May 23, 2008 Author Share Posted May 23, 2008 Don't know whats going on now...Same thing that was happening earlier :S Quote Link to comment Share on other sites More sharing options...
phpzone Posted May 23, 2008 Share Posted May 23, 2008 Are you successfully using MySQL in any scripts on your site? Quote Link to comment Share on other sites More sharing options...
Letterbomb05 Posted May 23, 2008 Author Share Posted May 23, 2008 Yes Quote Link to comment Share on other sites More sharing options...
Letterbomb05 Posted May 23, 2008 Author Share Posted May 23, 2008 <form method="post" name="login" action="login.php"> <ul> <li id="loginform">Username: <input id="username" type="text" name="username" /> Password: <input id="password" type="password" name="password" /></li> <li> <input type="image" value="Submit" src="login.gif" height="18px" style="padding-top:2px;" /> </li> </ul> </form> I myself don't see any errors there. encase you hadn't guessed, I'm not very experienced. Quote Link to comment Share on other sites More sharing options...
phpzone Posted May 23, 2008 Share Posted May 23, 2008 I made a boob, might not be the problem though, query line should be: $query = "SELECT * FROM users WHERE username='{$username}' AND password=MD5('{$password}')"; The closing MD5 bracket was out of place. I'm stumped otherwise, maybe someone else can pick this one up 'cos I need sleep.. hehe Quote Link to comment Share on other sites More sharing options...
Letterbomb05 Posted May 24, 2008 Author Share Posted May 24, 2008 Nope, doesn't work, and I also need sleep. Answer PM and I might talk to you soon, I'll see if maybe somebody can help me work something out tomorow. Thanks for your help. Quote Link to comment Share on other sites More sharing options...
phpzone Posted May 24, 2008 Share Posted May 24, 2008 No probs. I'm guessing your php install is refusing to output error messages on that page for some reason, if you have access, try checking the apache error_log because if php error logging is on the answer could be in there. You could also try inserting the following snippet starting near the top of the page and working down as you manage to get an 'OK' at certain lines. Try placing it first just before you connect to mysql, if you get the OK, move it down after the connect, if get OK move it down again. Sometimes it just takes steps like this to work it out... lol exit("Got to line " . __LINE__ . " - OK "); Quote Link to comment Share on other sites More sharing options...
Letterbomb05 Posted May 24, 2008 Author Share Posted May 24, 2008 ended up messing around with webhost a bit and rewriting the login file, still need to edit it for multiple ranks but for the moment, it works. Thanks to all who helped! Final Code: <?php //database info $dbhost = "localhost"; $dbname = ""; $dbuser = ""; $dbpass = ""; //connect to db mysql_connect($dbhost, $dbuser, $dbpass)or die("Could not connect:".mysql_error()); mysql_select_db($dbname)or die(mysql_error()); //make sure data was entered in the fields if($_POST['username']!='' && $_POST['password']!='') { //set field data vars $username = htmlentities(mysql_real_escape_string($_POST['username'])); $password = md5($_POST['password']); //query db $query = "SELECT userid, username, rank FROM users WHERE username='".$username."' AND password='".$password."'"; $result = mysql_query($query) or die(mysql_error()); //check to see if there is a db match, if so do the following if(mysql_num_rows($result) === 1) { //check the rank of the user is 1, if so set $_SESSION['registered'] $row = mysql_fetch_assoc($result); if($row['rank'] == 1) { //set the session and redirect user $_SESSION['registered'] = TRUE; include('info.php'); }else{ //tell the user the account isn't activated if their rank is 0 echo "Your account is not activated"; } }else{ //tell the user that they have entered an invalid username or password if this be the case echo "Invalid username or password"; } }else{ //if they havn't entered anything in the login form, tell them echo "No username/password entered"; } //end script ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.