Jump to content

Login help please

Xzalious

By Xzalious
in PHP Coding Help

Recommended Posts

Xzalious Newbie

Xzalious

Posted
Posted

When a user enter login.php, nothing happens really, it's when they hit the login button that things go the wrong way. What is supposed to happen is that the users name and ID are stored into $_SESSION variables and then when they get to members.php it picks them up and takes the date/time from last login from a table.

 

So far, when i hit the submit image, it waits for my page, then says done and reloads the same page with blank forms so i was wondering if anyone could read through my code and give me some help as to why this is happening and what i can do to login properly, i suspect its the $_SESSION variables, but i'm not sure.

 

 

Login.php Code

<?php
include('lib/opendb.php');

//If i suck, tell me why 
error_reporting(E_ALL);
ini_set('display_errors', 'on');

//   1 - Maintenance in progress
//   0 - No maintenace underway
$maintenance = 0;

//If this returns TRUE the user has hit the submit button
    if ( array_key_exists ( '_submit_check', $_POST ) )
    {
	//Set the variables after the user hits submit to avoid NULL errors
	$user = $_POST['username'];
	$pass = $_POST['password'];

    	if ( $maintenance == 0 )
        {
		//If the Username or Password has nothing in it we can't process it
            if ( $_POST['username'] != '' && $_POST['password'] != '' )
            {
			//Set the query to find the user if he/she is in our database
                $query = 'SELECT ID, Username, Active, Password FROM users WHERE Username = "'.$user.'" AND Password = "'.md5($pass).'"';
			$result = mysql_query($query);

			//If there is one record then our user exists
                if (mysql_num_rows($result) == 1 or die(mysql_error()))
                {
				while(list($ID,$Username,$Active,$Password)= mysql_fetch_row($result) or die(mysql_error()))
				{
					if ( $Active == 1 )
					{

						// Calculate Australian time to be entered into the database
						$hourdiff = "14";
						$datenew = date("l jS \of F Y",time() + ($hourdiff * 3600));
						$timenew = date("g:i A",time() + ($hourdiff * 3600));

						// Set the queries to update the time and date of the current login
						$timequery = 'UPDATE `users` SET `Time_new` = "'.$timenew.'"';
						if (mysql_query($timequery) == TRUE or die(mysql_error()) ) {
							$error = "Time was written to table";
						}

						$datequery = 'UPDATE `users` SET `Date_new` = "'.$datenew.'"';
						if (mysql_query($datequery) == TRUE or die(mysql_error()) ) {
							$error = "Date was written to table";
						}														

						//start our logged in session
						session_start();

						//set the sessions
						$_SESSION['user_id'] = $ID;
						$_SESSION['logged_in'] = TRUE;

						//The user has successfully logged in, so we can send them to the members page
						header ( "Location: members.php");

					}
					//User has registered but not confirmed their email
					elseif ( $Active == 0 ) {
						$error = 'Your membership was not activated. Please open the activation link in the email we sent.';
					}
					//User has been suspended by an admin, deny access
					elseif ( $Active == 2 ) {
						$error = 'You are suspended!';
					}
				}
                }
			//User could not be found or there was an error in the data provided
                else {		
                    $error = 'Login failed!';		
                }
            }
		//Username or password was left blank
            else {
                $error = 'Please use both your username and password to access your account';
            }
        }
	//Database is under maintenance so that users do not login while a page is being edited.
        else {
            $error = 'The database is currently under maintenance, please wait before attempting to login again';
	}
    }

include('lib/closedb.php');
?>


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Xzaliouses Database - Login</title>
<link href="css/databasev3.css" rel="stylesheet" type="text/css" />
</head>
<body>

<div id="container">
<div id="box">
        <div id="header">
        	
        </div>
        <?php
		if ( isset($error)):
	?>
        <div id="error">
        <table>
          <tr>
            <td width="10"></td>
            <td width="520"> <?php echo $error ?></td>
          </tr>
        </table>
        </div>
        <div id="spacer">
        <!-- nothing  !-->
        </div>
        <?php
		endif;
	?>
        <div id="login">
        <form class="form" action="<?=$_SERVER['PHP_SELF']?>" method="post">
        <table border="0">
          <tr>
          	<td width="58"></td>
            <td width="200">
                <input type="hidden" name="_submit_check" value="1"/>
            	Username:
                <br />
           		<input class="input" type="text" name="username" id="username" size="25" maxlength="40" value="" />
           		<br />
			Password:
                <br />
           		<input class="input" type="password" name="password" id="password" size="25" maxlength="32" />
            </td>
              <td width="75">
              <input name="Loginimg" type="image" src="images/Login.png" title="submit" value="Login" alt="submit" /><br /></td>
            <td width="196">
            <input name="Login" type="image" src="images/logintext.png" value="Login" /><br />Access the database to interact with features, settings and users.</td>
          </tr>
        </table>
        </form>
        </div>
        <div id="spacer">
        <!-- nothing  !-->
        </div>
        <div id="updates">
        <table>
          <tr>
          	<td width="45"></td>
            <td width="470">28/6/08 - Worked on MySQL side of login.php</td>
          </tr>
          <tr>
            <td width="45"></td>
            <td width="470">27/6/08 - Added Error checking and worked on login.php</td>
          </tr>
          <tr>
            <td width="45"></td>
            <td width="470">26/6/08 - Added cookie support to login.php</td>
          </tr>
          <tr>
            <td width="45"></td>
            <td width="470">24/6/08 - Configured CSS and finalized layout</td>
          </tr>
          <tr>
            <td width="45"></td>
            <td width="470">23/6/08 - Finished members.php and login.php layout</td>
          </tr>
          <tr>
            <td width="45"></td>
            <td width="470">22/6/08 - Refined login.php code</td>
          </tr>
          <tr>
            <td width="45"></td>
            <td width="470">21/6/08 - Split members.php code to make login.php</td>
          </tr>
        </table>
        </div>
        <div id="spacer">
        <!-- nothing  !-->
        </div>
        <div id="footer">
        	<center>© Xzalious 2008</center>
        </div>

  </div>
</div>
</body>
</html>

 

Members.php Code

<?php 
include('lib/opendb.php');

// If i suck, tell me why 
error_reporting(E_ALL);
ini_set('display_errors', 'on');

// Is the visitor logged in? This page is only available to members
if ( isset($_SESSION['logged_in']) && ($_SESSION['user_id']) ) {
	// It may be set but does it have the right information?
	if ($_SESSION['logged_in'] == TRUE) {
		// So the visitor is logged in, what's his name then?
		$userquery = "SELECT `Username` FROM `users` WHERE `ID` = ".$_SESSION['user_id'];
		$userresult = mysql_query($userquery) or die(mysql_error());

		// If there is more then one result for the query then we obviously have a problem
		if ( mysql_num_rows($userquery) == 1 or die(mysql_error()) ) {
			// User is logged in so we store his username in a variable
			$user = mysql_fetch_row($userresult) or die(mysql_error());

			//Now that the user is logged in and we know it we need
			//to get the last time and date that he/she logged in
			$gettimedate = "SELECT `Time_old`, `Date_old` FROM `users` WHERE `Username` = ".$user;
			$timedateresult = mysql_query($gettimedate) or die(mysql_error());

			// Get all the results from our query and stick them in $row
			$row = mysql_fetch_row($timedateresult) or die(mysql_error());				

			// Put the results into there respected variables for display later
			$time = $row['time_old'];
			$date = $row['date_old'];

			//If we've successfully gotten the data we put it into a variable for display later
			if ( mysql_num_rows($gettimedate) == 1 or die(mysql_error()) ) {
				list($time, $date) = mysql_fetch_row($timedateresult);
			}
		}
	} else {
		// Sessions exist but the user is not logged in, redirect to allow visitor to login
		header("Location: login.php");
	}
} else {
	// Sessions are not set, redirect to the login page
	header("Location: login.php");
}

$messages = "0";
$time = "0";
$date = "0";

include('lib/closedb.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>xzaliouses Database - Members</title>
<link href="css/databasev3.css" rel="stylesheet" type="text/css" />
</head>

<body>
<div id="container">
<div id="box">
        <div id="header">
        	
        </div>
        <div id="user">
        <table border="0">
          <tr>
            <td width="125">
            	<img src="images/noavatar.jpg" name="avatar" id="avatar" /><br />
            </td>
		<td width="412">
                Hello, <? echo $user ?>.<br /><br />
                You have <? echo $messages ?> messages in your inbox.<br />
                Your last login was <? echo $time." on ".$date ?>
            </td>
          </tr>
        </table>
        </div>
   	  	<div id="spacer">
        <!-- nothing  !-->
        </div>
        <div id="content">
          <table style="margin-left:25px;" width="500" border="0">
            <tr>
              <td width="500">You are here: /<a href="members.php">members</a>/</td>
            </tr>
          </table>
          <table style="margin-left:25px;margin-top:10px;" width="500" border="0">
          	<tr>
              <td width="75" height="80"><img src="images/inbox.png" width="72" height="72" /></td>
              <td width="175" height="80"><p><span class="tablelink"><a href="inbox.php">Inbox</a></span><br />Access your inbox to read, compose and delete mail.</p></td>
              <td width="75" height="80"><img src="images/avatar.png" width="72" height="72" /></td>
              <td width="175" height="80"><span class="tablelink"><a href="avatar.php">Avatar</a></span><br />Change your avatar settings for the database.</td>
            </tr>
            <tr>
              <td width="75" height="80"><img src="images/controlpanel.png" width="72" height="72" /></td>
              <td width="175" height="80"><a href="usercp.php" class="tablelink">Control Panel</a><br />Change your database settings for this site and it's pages.</td>
              <td width="75" height="80"><img src="images/profile.png" width="72" height="72" /></td>
              <td width="175" height="80"><a href="profile.php"><span class="tablelink">Profile</span></a><br />Change your profile details that other members can see.</td>
            </tr>
            <tr>
              <td width="75" height="80"><img src="images/members.png" width="72" height="72" /></td>
              <td width="175" height="80"><a href="members.php" class="tablelink">Members</a><br />Search through the public member list and profiles.</td>
              <td width="75" height="80"><img src="images/settings.png" width="72" height="72" /></td>
              <td width="175" height="80"><a href="datacp.php" class="tablelink">Database Settings</a><br />Configure how you use the database and its features.</td>
            </tr>
            <tr>
              <td width="75" height="80"><img src="images/help.png" width="72" height="72" /></td>
              <td width="175" height="80"><a href="help.php" class="tablelink">Help</a><br />Get help using the database with FAQs or submit a ticket.</td>
              <td width="75" height="80"><img src="images/logout.png" width="72" height="72" /></td>
              <td width="175" height="80"><a href="logout.php" class="tablelink">Logout</a><br />Sign out of the database and end your session.</td>
            </tr>
            <tr>
              <td width="75" height="80"><img src="images/affiliates.png" width="72" height="72" /></td>
              <td width="175" height="80"><a href="affiliates.php" class="tablelink">Affiliates</a><br />Links to places who helped make the database.</td>
              <td width="75" height="80"><img src="images/about.png" width="72" height="72" /></td>
              <td width="175" height="80"><a href="about.php" class="tablelink">About</a><br />All about Xzalious, his profile is also on this page for viewing.</td>
            </tr>        
          </table>
      	</div>
        <div id="footer">
        	<center>© Xzalious 2008</center>
        </div>
  </div>
</div>
</body>
</html>

Link to comment
https://forums.phpfreaks.com/topic/112538-login-help-please/
Share on other sites
MasterACE14 Advanced Member

MasterACE14

Posted
Posted

this is what my logout.php page is.

 

<?php // Logout User - Destroy Session

// Start the session
session_start();

// Destroy the session
session_destroy();

// Automatically redirect the user to the homepage
header("Location: index.php?page=home");


?>

 

Regards ACE

Link to comment
https://forums.phpfreaks.com/topic/112538-login-help-please/#findComment-577903
Share on other sites

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.