Not logging in

eaglelegend · October 29, 2008

for some reason when I try logging in my account on my site it if is correct just shows the homepage, like it is meant to, however it dont show the nav bar updated with the members thing.

however if I fail at logging in it will show incorrect username or password.

here is a link of code I am concerned about within the member page, ios it filled out correctly do you think?

if($_COOKIE['User']=="" && $_COOKIE['Admin']=="") {

Member.php:

<?php
if($Z!="") {
	$check = @mysql_num_rows(mysql_query("SELECT * FROM `members` WHERE `username`='{$_COOKIE['User']}' AND `site`=\"$Z\""));

if($_COOKIE['User']=="" && $_COOKIE['Admin']=="") {
 	header("Location: /$Z");
}

$creditsSQL = mysql_query("SELECT * FROM `members` WHERE `username`='{$_COOKIE['User']}' AND `site`=\"$Z\"");
while($creditsROW = mysql_fetch_array($creditsSQL)) {
 	$MONEY = $creditsROW["money"];
 	$POINTS = $creditsROW["points"];
 	$FROZEN = $creditsROW["frozen"];
}

if($FROZEN==1) {
 	print "<b>YOUR ACCOUNT IS FROZEN! PLEASE CONTACT THE SITE ADMIN. YOU HAVE BEEN LOGGED OUT!</b>";

	setcookie("User",null,time()-(99999*999));
}
}
?>

Login.php

<?php
include("header.php");



$username = $_POST['username'];
$password = $_POST['password'];


if($username && $password) {

	setcookie("User",null,time()-(9999*9999),"/",".",0);
	setcookie("Site",null,time()-(9999*9999),"/",".",0);
	setcookie("Admin",null,time()-(9999*9999),"/",".",0); 

	$check = mysql_num_rows(mysql_query("SELECT * FROM `members` WHERE `username`=\"$username\" AND `password`=\"$password\" AND `site`=\"$Z\""));

if($check == 1) { 	
	 	$sql = mysql_query("SELECT * FROM `members` WHERE `username`=\"$username\" AND `site`=\"$Z\"");
	 	while($row = mysql_fetch_array($sql)) {
	 	 	$admin = $row["admin"];

	 	}

	 	if(setcookie("User",$username,time()+(3600*24),"/",".",0)) {
	 		if($admin == 1) {
			  	if(setcookie("Admin",$username,time()+(3600*24),"/",".",0) && setcookie("Site",$Z,time()+(3600*24),"/",".",0)) {
				   	?>
				   	<meta http-equiv="refresh" content="0;url=/<?php echo $Z; ?>" />
<?php
				}
				else {
				 	print "Cant set admin cookie!";
				}
			}
			else {
			 	?>
			 	<meta http-equiv="refresh" content="0;url=/<?php echo $Z; ?>" />
<?php
			}
	 	}
	 	else {
	 	 	print "Cant set cookie";
	 	}
}
else {
 	print "Sorry, username/password mismatch!";
}

}
else {
?>
<h2>Login</h2><p>
<form action="/login.php" method="post">
Username<br>
<input type="text" name="username" size="20"><p>
Password<br>
<input type="password" name="password" size="20"><p>
<input type="submit" value=" Login "></form>
<?php
}

include("footer.php");
?>

adminlogin.php:

<?php
include("mheader.php");

$username = $_POST['username'];
$password = $_POST['password'];
$to = $_POST['to'];

if($username && $password) {

	setcookie("User",null,time()-(9999*9999),"/",".",0);
	setcookie("Site",null,time()-(9999*9999),"/",".sitename",0);
	setcookie("Admin",null,time()-(9999*9999),"/",".sitename",0); 

$check = mysql_num_rows(mysql_query("SELECT * FROM `members` WHERE `username`=\"$username\" AND `password`=\"$password\" AND `admin`='1'"));

if($check == 1) {
 	$sql = mysql_query("SELECT * FROM `members` WHERE `username`=\"$username\" AND `admin`='1'");
 	while($row = mysql_fetch_array($sql)) {
 	 	$url = $row["url"];
 	}

 	if(setcookie("Admin",$username,time()+(3600*24),"/",".",0) && setcookie("Site",$url,time()+(3600*24),"/",".",0) && setcookie("Z",$url,time()+(9999*999)) && setcookie("User",$username,time()+(3600*24),"/",".",0)) {
 	 	if($to == 1) {

?>
			 	<meta http-equiv="refresh" content="0;url=/managesite.php" />
<?php
 		}
 		else {
 		?>
			 	<meta http-equiv="refresh" content="0;url=/index.php" />	 		
<?php
 		}
	 }
 	else {
 	 	print "Cant set cookie";
 	}
}
else {
 	print "Sorry, username/password mismatch!";
}

}
else {
?>
<h2>Login</h2><p>
<form action="/adminlogin.php" method="post">
Username<br>
<input type="text" name="username" size="20"><p>
Password<br>
<input type="password" name="password" size="20"><p>
<input type="submit" value=" Login "></form>
<?php
}

include("mfooter.php");
?>

runnerjp · October 29, 2008

think need to see more code!

eaglelegend · October 29, 2008

ok just edited it - sorry

revraz · October 29, 2008

Why are you doing the exact same query twice?

eaglelegend · October 29, 2008

where?

Sign In

Not logging in

Recommended Posts

eaglelegend

Link to comment

Share on other sites

runnerjp

Link to comment

Share on other sites

eaglelegend

Link to comment

Share on other sites

revraz

Link to comment

Share on other sites

eaglelegend

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information