Jump to content

Archived

This topic is now archived and is closed to further replies.

newb

login script

Recommended Posts

[code] <form action="modules.php?name=admin&amp;op=login" method="post" enctype="multipart/form-data">
Username:&nbsp;<input type="text" name="name" /><br />
Password:&nbsp;&nbsp;<input type="password" name="pass" />
<input type="submit" value="Login" />
</form>

<?php

require $dir."config.php";

$Query = "SELECT * FROM user WHERE username = '$_POST[user]'";
$result = mysql_query($query);
while ($row = mysql_fetch_array($result)) {


$username = $row['username'];
$password = $row['password'];
$randomword = dsiadopdjkspodjsadchocolatemousse;

if (isset($_COOKIE['cplogin'])) {
  if ($_COOKIE['cplogin'] == md5($password.$randomword)) {

      exit;
  } else {
      echo "<p>Bad cookie. Clear please clear them out and try to login again.</p>";
      exit;
  }
}

if (isset($_GET['p']) && $_GET['op'] == "login") {
  if ($_POST['name'] != $username) {
      echo "<p>Sorry, that username does not match. Use your browser back button to go back and try again.</p>";
      exit;
  } else if md5($_POST['pass']) != $password) {
      echo "<p>Sorry, that password does not match. Use your browser back button to go back and try again.</p>";
      exit;
  } else if ($_POST['name'] == $username && md5($_POST['pass']) == $password) {
      setcookie('cplogin', md5($_POST['pass'].$randomword));
      echo "<p>Welcome to the Control Panel</p>";
  } else {
      echo "<p>Sorry, you could not be logged in at this time. Refresh the page and try again.</p>";
  }
}
?>[/code]

i get this error: [code]

Parse error: syntax error, unexpected T_STRING, expecting '(' in /home/xxxxxxxxxxxx/login.php on line 34[/code]

how do i fix?

Share this post


Link to post
Share on other sites
Hello newb,

Your Error:
[code]
} else if md5($_POST['pass']) != $password) { /*Your line 34 should read like my answer code*/
[/code]

My Answer Code:
[code]
} else if (md5($_POST['pass']) != $password) {
[/code]

Share this post


Link to post
Share on other sites
Manichean is right, but you had a couple other errors. My solution that may or may not save you a lot of time:

Complete new code:

[code]<form action="modules.php?name=admin&amp;op=login" method="post" enctype="multipart/form-data">
Username:&nbsp;<input type="text" name="name" /><br />
Password:&nbsp;&nbsp;<input type="password" name="pass" />
<input type="submit" value="Login" />
</form>

<?php

require $dir."config.php";

$Query = "SELECT * FROM user WHERE username = '$_POST[user]'";
$result = mysql_query($query);
while ($row = mysql_fetch_array($result)) {


$username = $row['username'];
$password = $row['password'];
$randomword = dsiadopdjkspodjsadchocolatemousse;
$postpass = (md5($_POST['pass']));

if (isset($_COOKIE['cplogin'])) {
  if ($_COOKIE['cplogin'] == md5($password.$randomword)) {

      exit;
  } else {
      echo "<p>Bad cookie. Clear please clear them out and try to login again.</p>";
      exit;
  }
}

if (isset($_GET['p']) && $_GET['op'] == "login") {
  if ($_POST['name'] != $username) {
      echo "<p>Sorry, that username does not match. Use your browser back button to go back and try again.</p>";
      exit;
  } else if ($postpass != $password) {
      echo "<p>Sorry, that password does not match. Use your browser back button to go back and try again.</p>";
      exit;
  } else if ($_POST['name'] == $username && $postpass == $password) {
      setcookie('cplogin', md5($_POST['pass'].$randomword));
      echo "<p>Welcome to the Control Panel</p>";
  } else {
      echo "<p>Sorry, you could not be logged in at this time. Refresh the page and try again.</p>";
  }
}
}
?>[/code]

Be sure you copy your old code into a new file, so that if this doesn't work you'll have it.

Next time, tell us where line 34 is so we don't have to count.

Share this post


Link to post
Share on other sites
it worked, and i changed code around a lil bit.
[code]
<form action="modules.php?name=admin&amp;op=login" method="post" enctype="multipart/form-data">
Username:&nbsp;<input type="text" name="username" /><br />
Password:&nbsp;&nbsp;<input type="password" name="password" />
<input type="submit" value="Login" />
</form>

<?php

require $dir."config.php";

$username = $_POST['username'];
$password = $_POST['password'];
$password2 = md5($_POST['password']);


$query = "SELECT * FROM user WHERE username = '$username'";
$result = mysql_query($query);
while ($row = mysql_fetch_array($result)) {

if ( $_GET['p'] == 'login' ) {
  if ($username != $row['username']) {
      echo "<p>Sorry, that username does not match. Use your browser back button to go back and try again.</p>";
      echo "Inputed Username: '$username'<br />";
     
} else if ($password2 != $row['password']) {
      echo "<p>Sorry, that password does not match. Use your browser back button to go back and try again.</p>";
      echo "Inputed Password: '$password'<br />";

  } else if ($username == $row['username'] && $password2 == $row['password']) {
      session_start();
$_SESSION['username']="$username";
$_SESSION['password']="$password";
      echo "<p>Hello $username, <br /><br />Welcome to the Control Panel.</p> <br /><a href=\"modules.php?name=admin&p=news\">Submit News</a>";
  } else {
      echo "<p>Sorry, you could not be logged in at this time. Refresh the page and try again.</p>";
  }

} else if ( $_GET['p'] == 'logout' ) {
session_destroy();
echo "<p>$username sucessfully logged out</p>";

}
}


  $query = "SELECT * FROM `user` ORDER by username ASC;";
$result = mysql_query( $query );
$nums = mysql_num_rows( $result );

while($row = mysql_fetch_row($result))
{

echo("<b>$row[3]</b> :: $row[2]<br> ");

}

echo "<br /><br />$nums Total Tables";

{
}[/code]

It wont log in at all now though, just gives me a blank page upon post submission. any ideas fellas?

Share this post


Link to post
Share on other sites
Hey there,

the problem is with your $_Get['p'] it does not exist. Your form decleration is as follows
[quote]
<form action="modules.php?name=admin&amp;[b]op=login[/b]" method="post" enctype="multipart/form-data">
[/quote]

which means all all your GET declerations should look like this
[quote]
$_GET['op']
[/quote]

let me know how it works out
:D

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.