Jump to content


Photo

login script


  • Please log in to reply
7 replies to this topic

#1 newb

newb
  • Members
  • PipPipPip
  • Advanced Member
  • 454 posts

Posted 20 July 2006 - 04:49 AM

<form action="modules.php?name=admin&amp;op=login" method="post" enctype="multipart/form-data">				
		Username:&nbsp;<input type="text" name="name" /><br />
		Password:&nbsp;&nbsp;<input type="password" name="pass" />
		<input type="submit" value="Login" />
	</form>

<?php

require $dir."config.php";

$Query = "SELECT * FROM user WHERE username = '$_POST[user]'";
$result = mysql_query($query);
while ($row = mysql_fetch_array($result)) {


$username = $row['username'];
$password = $row['password'];
$randomword = dsiadopdjkspodjsadchocolatemousse;

if (isset($_COOKIE['cplogin'])) {
   if ($_COOKIE['cplogin'] == md5($password.$randomword)) {

      exit;
   } else {
      echo "<p>Bad cookie. Clear please clear them out and try to login again.</p>";
      exit;
   }
}

if (isset($_GET['p']) && $_GET['op'] == "login") {
   if ($_POST['name'] != $username) {
      echo "<p>Sorry, that username does not match. Use your browser back button to go back and try again.</p>";
      exit;
   } else if md5($_POST['pass']) != $password) {
      echo "<p>Sorry, that password does not match. Use your browser back button to go back and try again.</p>";
      exit;
   } else if ($_POST['name'] == $username && md5($_POST['pass']) == $password) {
      setcookie('cplogin', md5($_POST['pass'].$randomword));
      echo "<p>Welcome to the Control Panel</p>";
   } else {
      echo "<p>Sorry, you could not be logged in at this time. Refresh the page and try again.</p>";
   }
}
?>

i get this error:
 	
Parse error: syntax error, unexpected T_STRING, expecting '(' in /home/xxxxxxxxxxxx/login.php on line 34

how do i fix?

#2 manichean

manichean
  • Members
  • PipPip
  • Member
  • 29 posts

Posted 20 July 2006 - 05:15 AM

Hello newb,

Your Error:
} else if md5($_POST['pass']) != $password) { /*Your line 34 should read like my answer code*/

My Answer Code:
} else if (md5($_POST['pass']) != $password) {


#3 treilad

treilad
  • Members
  • PipPipPip
  • Advanced Member
  • 58 posts

Posted 20 July 2006 - 05:20 AM

Manichean is right, but you had a couple other errors. My solution that may or may not save you a lot of time:

Complete new code:

<form action="modules.php?name=admin&amp;op=login" method="post" enctype="multipart/form-data">				
		Username:&nbsp;<input type="text" name="name" /><br />
		Password:&nbsp;&nbsp;<input type="password" name="pass" />
		<input type="submit" value="Login" />
	</form>

<?php

require $dir."config.php";

$Query = "SELECT * FROM user WHERE username = '$_POST[user]'";
$result = mysql_query($query);
while ($row = mysql_fetch_array($result)) {


$username = $row['username'];
$password = $row['password'];
$randomword = dsiadopdjkspodjsadchocolatemousse;
$postpass = (md5($_POST['pass']));

if (isset($_COOKIE['cplogin'])) {
   if ($_COOKIE['cplogin'] == md5($password.$randomword)) {

      exit;
   } else {
      echo "<p>Bad cookie. Clear please clear them out and try to login again.</p>";
      exit;
   }
}

if (isset($_GET['p']) && $_GET['op'] == "login") {
   if ($_POST['name'] != $username) {
      echo "<p>Sorry, that username does not match. Use your browser back button to go back and try again.</p>";
      exit;
   } else if ($postpass != $password) {
      echo "<p>Sorry, that password does not match. Use your browser back button to go back and try again.</p>";
      exit;
   } else if ($_POST['name'] == $username && $postpass == $password) {
      setcookie('cplogin', md5($_POST['pass'].$randomword));
      echo "<p>Welcome to the Control Panel</p>";
   } else {
      echo "<p>Sorry, you could not be logged in at this time. Refresh the page and try again.</p>";
   }
}
}
?>

Be sure you copy your old code into a new file, so that if this doesn't work you'll have it.

Next time, tell us where line 34 is so we don't have to count.



#4 treilad

treilad
  • Members
  • PipPipPip
  • Advanced Member
  • 58 posts

Posted 20 July 2006 - 05:21 AM

Be sure and tell me if it works. :)

#5 newb

newb
  • Members
  • PipPipPip
  • Advanced Member
  • 454 posts

Posted 20 July 2006 - 06:22 AM

it worked, and i changed code around a lil bit.
<form action="modules.php?name=admin&amp;op=login" method="post" enctype="multipart/form-data">				
		Username:&nbsp;<input type="text" name="username" /><br />
		Password:&nbsp;&nbsp;<input type="password" name="password" />
		<input type="submit" value="Login" />
	</form>

<?php

require $dir."config.php";

$username = $_POST['username'];
$password = $_POST['password'];
$password2 = md5($_POST['password']);


$query = "SELECT * FROM user WHERE username = '$username'";
$result = mysql_query($query);
while ($row = mysql_fetch_array($result)) {

if ( $_GET['p'] == 'login' ) {
   if ($username != $row['username']) {
      echo "<p>Sorry, that username does not match. Use your browser back button to go back and try again.</p>";
      echo "Inputed Username: '$username'<br />";
      
	} else if ($password2 != $row['password']) {
      echo "<p>Sorry, that password does not match. Use your browser back button to go back and try again.</p>";
      echo "Inputed Password: '$password'<br />";

   } else if ($username == $row['username'] && $password2 == $row['password']) {
      session_start();
$_SESSION['username']="$username"; 
$_SESSION['password']="$password"; 
      echo "<p>Hello $username, <br /><br />Welcome to the Control Panel.</p> <br /><a href=\"modules.php?name=admin&p=news\">Submit News</a>";
   } else {
      echo "<p>Sorry, you could not be logged in at this time. Refresh the page and try again.</p>";
   }

 } else if ( $_GET['p'] == 'logout' ) {
		session_destroy();
	echo "<p>$username sucessfully logged out</p>";

}
}


  	$query = "SELECT * FROM `user` ORDER by username ASC;";
	$result = mysql_query( $query );
	$nums = mysql_num_rows( $result );

while($row = mysql_fetch_row($result))
{

echo("<b>$row[3]</b> :: $row[2]<br> ");

}

echo "<br /><br />$nums Total Tables";

{
}

It wont log in at all now though, just gives me a blank page upon post submission. any ideas fellas?

#6 newb

newb
  • Members
  • PipPipPip
  • Advanced Member
  • 454 posts

Posted 20 July 2006 - 06:26 AM

and ur code didnt work treilad

#7 manichean

manichean
  • Members
  • PipPip
  • Member
  • 29 posts

Posted 20 July 2006 - 07:30 AM

Hey there,

the problem is with your $_Get['p'] it does not exist. Your form decleration is as follows

<form action="modules.php?name=admin&amp;op=login" method="post" enctype="multipart/form-data">


which means all all your GET declerations should look like this

$_GET['op']


let me know how it works out
:D

#8 newb

newb
  • Members
  • PipPipPip
  • Advanced Member
  • 454 posts

Posted 20 July 2006 - 07:40 PM

oh yeah, duh




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users