login isnt doing anything :S

jamesxg1 · April 11, 2009

<?php session_start();

ini_set('display_errors', 1);
error_reporting(E_ALL);

include 'Database/Connection.php';

if (isset($_POST['submit'])) {

$username = mysql_real_escape_string(stripslashes($_POST['username']));
$password = mysql_real_escape_string(stripslashes($_POST['password']));

if ($username && $password) {

$sql = "SELECT * FROM `unlock` WHERE username = '$username' AND password = '$password'" or die(mysql_error());
$result = mysql_query($sql) or die(mysql_error());

if (mysql_num_rows($result) > 1) {

$morerow = mysql_fetch_array($result);

if (isset( $_SESSION['loggedin'] )) {
header('Location: Main.php');
}

if ($morerow['owner'] != "") { 
          	 $_SESSION['username'] = $username;
          	 $_SESSION['filename'] = $morerow['filename'];
                 $_SESSION['owner']    = $morerow['owner'];
                 $_SESSION['dir']      = $morerow['format'];


header('Location: DownloadFile.php');
}
else {
echo "Wrong Username or Password";
     }
  }
}
}
?>


<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
  <form method="POST" action="<?php $PHP_SELF ?>"> 
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="username" type="text" id="username"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="password" type="password" id="password"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>

it doesnt show any error at all even when it the password and username are entered wrong,

and it just refresh's (all form fields empty) upon trying to login :S

R4nk3d · April 11, 2009

if ($username && $password) {

Change that to:

if (isset($username) && isset($password)) {

Try that, because when you say

if ($username && $password) {

youre really saying

if($username == 1 && $password == 1)

not if they have info in them.

jamesxg1 · April 11, 2009

if ($username && $password) {
Change that to:
if (isset($username) && isset($password)) {
Try that, because when you say

if ($username && $password) {

youre really saying

if($username == 1 && $password == 1)

not if they have info in them.

cheers mate your logic is right, changed , but the script is still doing the same thing :S

jamesxg1 · April 11, 2009

ok heres the code,

<?php session_start();

ini_set('display_errors', 1);
error_reporting(E_ALL);

include 'Database/Connection.php';

if (isset($_POST['submit'])) {

$username = mysql_real_escape_string(stripslashes($_POST['username']));
$password = mysql_real_escape_string(stripslashes($_POST['password']));

if (isset($username) && isset($password)) {

$sql = "SELECT * FROM `unlock` WHERE username = '$username' AND password = '$password'" or die(mysql_error());
$result = mysql_query($sql) or die(mysql_error());

if (mysql_num_rows($result) > 0) {


$morerow = mysql_fetch_array($result);

if (isset( $_SESSION['loggedin'] )) {
header('Location: Main.php');
}

if ($morerow['owner'] != "") { 

          	 $_SESSION['username'] = $username;
          	 $_SESSION['filename'] = $morerow['filename'];
                 $_SESSION['owner']    = $morerow['owner'];
                 $_SESSION['dir']      = $morerow['format'];


header('Location: DownloadFile.php');
}
else {
echo "Wrong Username or Password";
     }
  }
}
}
?>


<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
  <form method="POST" action="<?php $PHP_SELF ?>"> 
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="username" type="text" id="username"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="password" type="password" id="password"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>

this is the problem

if (mysql_num_rows($result) > 0) {

mrMarcus · April 11, 2009

refreshes to where? you have a couple of header() functions in there.

always exit() your header() to avoid the possibility of code executing after the header redirection.

jamesxg1 · April 11, 2009

<?php session_start();

ini_set('display_errors', 1);
error_reporting(E_ALL);

include 'Database/Connection.php';

if (isset($_POST['submit'])) {

$username = mysql_real_escape_string(stripslashes($_POST['username']));
$password = mysql_real_escape_string(stripslashes($_POST['password']));

if (isset($username) && isset($password)) {

$sql = "SELECT * FROM `unlock` WHERE username = '$username' AND password = '$password'" or die(mysql_error());
$result = mysql_query($sql) or die(mysql_error());

$count = mysql_num_rows($result);

if ($count = '1') {

$morerow = mysql_fetch_array($result);

if ($morerow['owner'] != "") { 

          	 $_SESSION['username'] = $username;
          	 $_SESSION['filename'] = $morerow['filename'];
                 $_SESSION['owner']    = $morerow['owner'];
                 $_SESSION['dir']      = $morerow['format'];


header('Location: DownloadFile.php');
}
else {
echo "Wrong Username or Password";
     }
  }
}
}
?>


<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
  <form method="POST" action="<?php $PHP_SELF ?>"> 
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="username" type="text" id="username"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="password" type="password" id="password"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>

wokring now just displays the error now :S

waynew · April 11, 2009

Firstly, I'd advise you to use proper indentation as solving problems such as this one becomes a lot easier when you do.

Secondly, what error are you seeing?

mrMarcus · April 11, 2009

<?php
ini_set('display_errors', 1);
error_reporting(E_ALL);

session_start();

include 'Database/Connection.php';

if (isset($_POST['submit'])) {
if (!$_SESSION['loggedin']) {
	if (isset ($_POST['username']) && isset ($_POST['password']))
	{
		$username = mysql_real_escape_string(stripslashes($_POST['username']));
		$password = mysql_real_escape_string(stripslashes($_POST['password']));

		$sql = "SELECT * FROM `unlock` WHERE username = '$username' AND password = '$password'";
		$result = mysql_query($sql) or die(mysql_error());

		if (mysql_num_rows($result) > 1) {

			$morerow = mysql_fetch_array($result);

			if ($morerow['owner'] != "") { 
				$_SESSION['username'] = $morerow['username'];
				$_SESSION['filename'] = $morerow['filename'];
				$_SESSION['owner']    = $morerow['owner'];
				$_SESSION['dir']      = $morerow['format'];

				header('Location: DownloadFile.php');
				exit;
			}
			else {
				echo 'insufficient privledges.';
			}
		} else {
			echo 'no results returned / Wrong Username or Password.';
		}
	} else {
		echo 'please enter your username and/or password!';
	}
} else {
	header('Location: Main.php');
	exit;
}
} else { //display the form;
?>
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
	<tr>
	  <form method="POST" action="<?php $PHP_SELF ?>">
	<td>
	<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
	<tr>
	<td colspan="3"><strong>Member Login </strong></td>
	</tr>
	<tr>
	<td width="78">Username</td>
	<td width="6">:</td>
	<td width="294"><input name="username" type="text" id="username"></td>
	</tr>
	<tr>
	<td>Password</td>
	<td>:</td>
	<td><input name="password" type="password" id="password"></td>
	</tr>
	<tr>
	<td> </td>
	<td> </td>
	<td><input type="submit" name="submit" value="Login"></td>
	</tr>
	</table>
	</td>
	</form>
	</tr>
</table>
<?php
}
?>

add echo's throughout your code so you know where you stand.

waynew · April 11, 2009

Hi. What if the password contains slashes? You're stripping those away? Just use mysql_real_escape_string. You have nothing more to gain by using stripslashes.

jamesxg1 · April 11, 2009

Firstly, I'd advise you to use proper indentation as solving problems such as this one becomes a lot easier when you do.

Secondly, what error are you seeing?

i had to modify the code so here it is. . .

<?php
ini_set('display_errors', 1);
error_reporting(E_ALL);

session_start();

include 'Database/Connection.php';

if (isset($_POST['submit'])) {





if (isset ($_POST['username']) && isset ($_POST['password']))





{







$username = mysql_real_escape_string(stripslashes($_POST['username']));







$password = mysql_real_escape_string(stripslashes($_POST['password']));







$sql = "SELECT * FROM `unlock` WHERE username = '$username' AND password = '$password'";







$result = mysql_query($sql) or die(mysql_error());







if (mysql_num_rows($result) > 1) {









$morerow = mysql_fetch_array($result);









if ($morerow['owner'] != "") { 











$_SESSION['username'] = $morerow['username'];











$_SESSION['filename'] = $morerow['filename'];











$_SESSION['owner']    = $morerow['owner'];











$_SESSION['dir']      = $morerow['format'];






















header('Location: DownloadFile.php');











exit;









}









else {











echo 'insufficient privledges.';









}







} else {









echo 'no results returned / Wrong Username or Password.';







}





} else {







echo 'please enter your username and/or password!';





}



} else {





header('Location: Main.php');





exit;




?>



<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">





<tr>





  <form method="POST" action="<?php $PHP_SELF ?>">





<td>





<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">





<tr>





<td colspan="3"><strong>Member Login </strong></td>





</tr>





<tr>





<td width="78">Username</td>





<td width="6">:</td>





<td width="294"><input name="username" type="text" id="username"></td>





</tr>





<tr>





<td>Password</td>





<td>:</td>





<td><input name="password" type="password" id="password"></td>





</tr>





<tr>





<td> </td>





<td> </td>





<td><input type="submit" name="submit" value="Login"></td>





</tr>





</table>





</td>





</form>





</tr>



</table>



<?php
}
?>

no results returned / Wrong Username or Password.

^^ thats all i get now, no form is displayed.

waynew · April 11, 2009

Do you have the correct username and pass?

jamesxg1 · April 11, 2009

Do you have the correct username and pass?

yes, but im not getting the form :S

mrMarcus · April 11, 2009

did you try the code i supplied?

plus, this won't work :

if (mysql_num_rows($result) > 1) {

you're seeing if more than 1 row is returned .. not usually the case when doing a login script.

jamesxg1 · April 11, 2009

did you try the code i supplied?

plus, this won't work :
if (mysql_num_rows($result) > 1) {
you're seeing if more than 1 row is returned .. not usually the case when doing a login script.

yes, it had some errors and it wouldnt display the form it just showed a error :S

waynew · April 11, 2009

What error?

mrMarcus · April 11, 2009

did you try the code i supplied?

plus, this won't work :
if (mysql_num_rows($result) > 1) {
you're seeing if more than 1 row is returned .. not usually the case when doing a login script.
yes, it had some errors and it wouldnt display the form it just showed a error :S

my bad .. change

if (mysql_num_rows($result) > 1)

to

if (mysql_num_rows($result) > 0)

and it was the structure i was giving .. surely you can add-on what you need.

jamesxg1 · April 11, 2009

did you try the code i supplied?

plus, this won't work :
if (mysql_num_rows($result) > 1) {
you're seeing if more than 1 row is returned .. not usually the case when doing a login script.
yes, it had some errors and it wouldnt display the form it just showed a error :S
my bad .. change
if (mysql_num_rows($result) > 1)
to
if (mysql_num_rows($result) > 0)
and it was the structure i was giving .. surely you can add-on what you need.

<?php
ini_set('display_errors', 1);
error_reporting(E_ALL);

session_start();

include 'Database/Connection.php';

if (isset($_POST['submit'])) {

if (isset ($_POST['username']) && isset ($_POST['password'])) {

$username = mysql_real_escape_string(stripslashes($_POST['username']));

$password = mysql_real_escape_string(stripslashes($_POST['password']));


$sql = "SELECT * FROM `unlock` WHERE username = '$username' AND password = '$password'";

$result = mysql_query($sql) or die(mysql_error());

if (mysql_num_rows($result) > 1) {

$morerow = mysql_fetch_array($result);

if ($morerow['owner'] != "") { 

$_SESSION['username'] = $morerow['username'];	

$_SESSION['filename'] = $morerow['filename'];	

$_SESSION['owner']    = $morerow['owner'];	

$_SESSION['dir']      = $morerow['format'];	

header('Location: DownloadFile.php');

exit;

} else {

echo 'no results returned / Wrong Username or Password.';


}

} else {

echo 'please enter your username and/or password!';

}

} else {

header('Location: Main.php');

exit;

}
} else { //display the form;



?>



<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">





<tr>





  <form method="POST" action="<?php $PHP_SELF ?>">





<td>





<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">





<tr>





<td colspan="3"><strong>Member Login </strong></td>





</tr>





<tr>





<td width="78">Username</td>





<td width="6">:</td>





<td width="294"><input name="username" type="text" id="username"></td>





</tr>





<tr>





<td>Password</td>





<td>:</td>





<td><input name="password" type="password" id="password"></td>





</tr>





<tr>





<td> </td>





<td> </td>





<td><input type="submit" name="submit" value="Login"></td>





</tr>





</table>





</td>





</form>





</tr>



</table>



<?php
}
?>

please enter your username and/or password!

is what i get

mrMarcus · April 11, 2009

change

if (mysql_num_rows($result) > 1) {

to

if (mysql_num_rows($result) > 0) {

*note the zero

jamesxg1 · April 11, 2009

change

if (mysql_num_rows($result) > 1) {

to

if (mysql_num_rows($result) > 0) {

*note the zero

<?php
ini_set('display_errors', 1);
error_reporting(E_ALL);

session_start();

include 'Database/Connection.php';

if (isset($_POST['submit'])) {

if (isset ($_POST['username']) && isset ($_POST['password'])) {

$username = mysql_real_escape_string(stripslashes($_POST['username']));

$password = mysql_real_escape_string(stripslashes($_POST['password']));


$sql = "SELECT * FROM `unlock` WHERE username = '$username' AND password = '$password'";

$result = mysql_query($sql) or die(mysql_error());

if (mysql_num_rows($result) > 0) {

$morerow = mysql_fetch_array($result);

if ($morerow['owner'] != "") { 

$_SESSION['username'] = $morerow['username'];	

$_SESSION['filename'] = $morerow['filename'];	

$_SESSION['owner']    = $morerow['owner'];	

$_SESSION['dir']      = $morerow['format'];	

header('Location: DownloadFile.php');

exit;

} else {

echo 'no results returned / Wrong Username or Password.';


}

} else {

echo 'please enter your username and/or password!';

}

} else {

header('Location: Main.php');

exit;

}
} else { //display the form;



?>
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
  <form method="POST" action="<?php $PHP_SELF ?>">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="username" type="text" id="username"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="password" type="password" id="password"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="submit" value="Login"></td>
</tr>
</table>
</td>
</form>	
</tr>
</table>
<?php
}
?>

done, still the same :S

mrMarcus · April 11, 2009

is your password being encrypted in the db? ie. md5()? do you have a record with that username and password even? you need to double check those things .. 'cause that code will return a result if the correct username and password are entered.

Sign In

login isnt doing anything :S

Recommended Posts

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Link to comment

Share on other sites

Join the conversation

Important Information