Jump to content

login script


newb

Recommended Posts

[code] <form action="modules.php?name=admin&amp;op=login" method="post" enctype="multipart/form-data">
Username:&nbsp;<input type="text" name="name" /><br />
Password:&nbsp;&nbsp;<input type="password" name="pass" />
<input type="submit" value="Login" />
</form>

<?php

require $dir."config.php";

$Query = "SELECT * FROM user WHERE username = '$_POST[user]'";
$result = mysql_query($query);
while ($row = mysql_fetch_array($result)) {


$username = $row['username'];
$password = $row['password'];
$randomword = dsiadopdjkspodjsadchocolatemousse;

if (isset($_COOKIE['cplogin'])) {
  if ($_COOKIE['cplogin'] == md5($password.$randomword)) {

      exit;
  } else {
      echo "<p>Bad cookie. Clear please clear them out and try to login again.</p>";
      exit;
  }
}

if (isset($_GET['p']) && $_GET['op'] == "login") {
  if ($_POST['name'] != $username) {
      echo "<p>Sorry, that username does not match. Use your browser back button to go back and try again.</p>";
      exit;
  } else if md5($_POST['pass']) != $password) {
      echo "<p>Sorry, that password does not match. Use your browser back button to go back and try again.</p>";
      exit;
  } else if ($_POST['name'] == $username && md5($_POST['pass']) == $password) {
      setcookie('cplogin', md5($_POST['pass'].$randomword));
      echo "<p>Welcome to the Control Panel</p>";
  } else {
      echo "<p>Sorry, you could not be logged in at this time. Refresh the page and try again.</p>";
  }
}
?>[/code]

i get this error: [code]

Parse error: syntax error, unexpected T_STRING, expecting '(' in /home/xxxxxxxxxxxx/login.php on line 34[/code]

how do i fix?
Link to comment
Share on other sites

Manichean is right, but you had a couple other errors. My solution that may or may not save you a lot of time:

Complete new code:

[code]<form action="modules.php?name=admin&amp;op=login" method="post" enctype="multipart/form-data">
Username:&nbsp;<input type="text" name="name" /><br />
Password:&nbsp;&nbsp;<input type="password" name="pass" />
<input type="submit" value="Login" />
</form>

<?php

require $dir."config.php";

$Query = "SELECT * FROM user WHERE username = '$_POST[user]'";
$result = mysql_query($query);
while ($row = mysql_fetch_array($result)) {


$username = $row['username'];
$password = $row['password'];
$randomword = dsiadopdjkspodjsadchocolatemousse;
$postpass = (md5($_POST['pass']));

if (isset($_COOKIE['cplogin'])) {
  if ($_COOKIE['cplogin'] == md5($password.$randomword)) {

      exit;
  } else {
      echo "<p>Bad cookie. Clear please clear them out and try to login again.</p>";
      exit;
  }
}

if (isset($_GET['p']) && $_GET['op'] == "login") {
  if ($_POST['name'] != $username) {
      echo "<p>Sorry, that username does not match. Use your browser back button to go back and try again.</p>";
      exit;
  } else if ($postpass != $password) {
      echo "<p>Sorry, that password does not match. Use your browser back button to go back and try again.</p>";
      exit;
  } else if ($_POST['name'] == $username && $postpass == $password) {
      setcookie('cplogin', md5($_POST['pass'].$randomword));
      echo "<p>Welcome to the Control Panel</p>";
  } else {
      echo "<p>Sorry, you could not be logged in at this time. Refresh the page and try again.</p>";
  }
}
}
?>[/code]

Be sure you copy your old code into a new file, so that if this doesn't work you'll have it.

Next time, tell us where line 34 is so we don't have to count.

Link to comment
Share on other sites

it worked, and i changed code around a lil bit.
[code]
<form action="modules.php?name=admin&amp;op=login" method="post" enctype="multipart/form-data">
Username:&nbsp;<input type="text" name="username" /><br />
Password:&nbsp;&nbsp;<input type="password" name="password" />
<input type="submit" value="Login" />
</form>

<?php

require $dir."config.php";

$username = $_POST['username'];
$password = $_POST['password'];
$password2 = md5($_POST['password']);


$query = "SELECT * FROM user WHERE username = '$username'";
$result = mysql_query($query);
while ($row = mysql_fetch_array($result)) {

if ( $_GET['p'] == 'login' ) {
  if ($username != $row['username']) {
      echo "<p>Sorry, that username does not match. Use your browser back button to go back and try again.</p>";
      echo "Inputed Username: '$username'<br />";
     
} else if ($password2 != $row['password']) {
      echo "<p>Sorry, that password does not match. Use your browser back button to go back and try again.</p>";
      echo "Inputed Password: '$password'<br />";

  } else if ($username == $row['username'] && $password2 == $row['password']) {
      session_start();
$_SESSION['username']="$username";
$_SESSION['password']="$password";
      echo "<p>Hello $username, <br /><br />Welcome to the Control Panel.</p> <br /><a href=\"modules.php?name=admin&p=news\">Submit News</a>";
  } else {
      echo "<p>Sorry, you could not be logged in at this time. Refresh the page and try again.</p>";
  }

} else if ( $_GET['p'] == 'logout' ) {
session_destroy();
echo "<p>$username sucessfully logged out</p>";

}
}


  $query = "SELECT * FROM `user` ORDER by username ASC;";
$result = mysql_query( $query );
$nums = mysql_num_rows( $result );

while($row = mysql_fetch_row($result))
{

echo("<b>$row[3]</b> :: $row[2]<br> ");

}

echo "<br /><br />$nums Total Tables";

{
}[/code]

It wont log in at all now though, just gives me a blank page upon post submission. any ideas fellas?
Link to comment
Share on other sites

Hey there,

the problem is with your $_Get['p'] it does not exist. Your form decleration is as follows
[quote]
<form action="modules.php?name=admin&amp;[b]op=login[/b]" method="post" enctype="multipart/form-data">
[/quote]

which means all all your GET declerations should look like this
[quote]
$_GET['op']
[/quote]

let me know how it works out
:D
Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.