Jump to content


Photo

PHP Membership System problem


  • Please log in to reply
56 replies to this topic

#41 Fruddy

Fruddy
  • Members
  • PipPipPip
  • Advanced Member
  • 43 posts

Posted 06 August 2006 - 12:46 PM

Yep! Now it works!!  ;D
But when i recieve the mail, theres no password:

  Du kan logge ind med følgende oplysninger
  Username: #Fruddy
  Password:

#42 tomfmason

tomfmason
  • Staff Alumni
  • Advanced Member
  • 1,696 posts
  • Locationstealing your wifi

Posted 06 August 2006 - 12:49 PM

ok change

   Password: $random_password

To

Password: $randompwd

Traveling East in search of instruction, and West to propagate the knowledge I have had gained.

current projects: pokersource

My Blog | My Pastebin | PHP Validation class | Backtrack linux


#43 Fruddy

Fruddy
  • Members
  • PipPipPip
  • Advanced Member
  • 43 posts

Posted 06 August 2006 - 01:21 PM

Yes, now it work!
thank you very much for your time tomfmason!

#44 tomfmason

tomfmason
  • Staff Alumni
  • Advanced Member
  • 1,696 posts
  • Locationstealing your wifi

Posted 06 August 2006 - 01:36 PM

Everything is working just fine then? The login as well? I swear from now on I will always test my scripts fully before posting them.lol

Glad I could help,
Tom

Traveling East in search of instruction, and West to propagate the knowledge I have had gained.

current projects: pokersource

My Blog | My Pastebin | PHP Validation class | Backtrack linux


#45 Fruddy

Fruddy
  • Members
  • PipPipPip
  • Advanced Member
  • 43 posts

Posted 06 August 2006 - 10:01 PM

well, i got a problem:

<?php 
				 
				if ( empty( $username ) ) { 
				include("http://www.my-project.dk/login.php"); 
				} else {
echo "Du er logget ind som<br><b>username</b>";

}				
				?>

It keeps showing the logn page, also if im logged in.


And hows my cookie going to look like? So it stores my username and pass?

#46 tomfmason

tomfmason
  • Staff Alumni
  • Advanced Member
  • 1,696 posts
  • Locationstealing your wifi

Posted 06 August 2006 - 11:15 PM

I think what you are wanting is something like this.

if (!$_SESSION['username']) {
   echo "You must login to view this page";
   include("login.php");
   exit(1);
}


You will need to set the session variables after a successful login.

Good Luck,
Tom

Traveling East in search of instruction, and West to propagate the knowledge I have had gained.

current projects: pokersource

My Blog | My Pastebin | PHP Validation class | Backtrack linux


#47 Fruddy

Fruddy
  • Members
  • PipPipPip
  • Advanced Member
  • 43 posts

Posted 07 August 2006 - 07:47 AM

  <?php 
if (!$_SESSION['username']) {
   include("login.php");
   exit(1);
}		
else {
echo "You are logged in as" $username;
}

				?>

When i login, it still shows the login.php?

#48 tomfmason

tomfmason
  • Staff Alumni
  • Advanced Member
  • 1,696 posts
  • Locationstealing your wifi

Posted 07 August 2006 - 08:12 AM

First you need to set the session variable username in the login script. Like this

if ($login_match == 1) {
    $_SESSION['username'] = $username;
    include("whatever.php");
}else{
//what ever was here before

Now to protect the page do this

if (!$_SESSION['username']) {
   echo "You must login to view this page";
   include("login.php");
   exit(1);
}		
echo "You are logged in as <b>" . $_SESSION['username'] . " </b>";

   

Traveling East in search of instruction, and West to propagate the knowledge I have had gained.

current projects: pokersource

My Blog | My Pastebin | PHP Validation class | Backtrack linux


#49 Fruddy

Fruddy
  • Members
  • PipPipPip
  • Advanced Member
  • 43 posts

Posted 07 August 2006 - 08:43 AM

hmm its still doesnt how my name when im logged in:

<?php
if ($login_match == 1) {
    $_SESSION['username'] = $username;
    echo "du er logget ind som " ;
echo $username;
}else{
if (($message == "login_info") || ($message == "userinfo")) {
    if ($message == "login_info") {
    echo "Du har ikke skrevet dit brugernavn eller kodeord";
}
if ($message == "userinfo") {
    echo "dit brugernavn og kodeord matcher ikke sammen";
}
}
}
?>
<form action="checkuser.php" method="post" name="form1">
  <div align="justify">
    <table border="0" align="center">
      <tr>
        <td class="t11_grey">Brugernavn:</td></tr><tr>
        <td><input name="username" type="text" id="username"></td>
      </tr><br>
      <tr>
        <td class="t11_grey"><br>Kodeord</td></tr><tr>
        <td><input name="password" type="password" id="password"></td>
      </tr>
    <tr>
        <td><input type="submit" name="Submit" value="Submit"> <a href="http://www.my-projec.../register.php"> <u>opret bruger</u></a></td>
      </td>
    </table>
  </div>
</form> 

#50 tomfmason

tomfmason
  • Staff Alumni
  • Advanced Member
  • 1,696 posts
  • Locationstealing your wifi

Posted 07 August 2006 - 08:51 AM

Here make a a php file named test and try this

<?php
session_start();
$username = "Fruddy";
$_SESSION['username'] = $username;

echo 'hello ' . $_SESSION['username'] . ' your sessions are working just fine.';
?>

Try this and then post your login script here if it echos your name here.

Traveling East in search of instruction, and West to propagate the knowledge I have had gained.

current projects: pokersource

My Blog | My Pastebin | PHP Validation class | Backtrack linux


#51 Fruddy

Fruddy
  • Members
  • PipPipPip
  • Advanced Member
  • 43 posts

Posted 07 August 2006 - 08:56 AM

yea, it does:
http://www.my-project.dk/test.php


Login.php:

<?php
if ($login_match == 1) {
    $_SESSION['username'] = $username;
    echo "du er logget ind som " ;
		echo $username;
}else{
if (($message == "login_info") || ($message == "userinfo")) {
    if ($message == "login_info") {
	    echo "Du har ikke skrevet dit brugernavn eller kodeord";
	}
	if ($message == "userinfo") {
	    echo "dit brugernavn og kodeord matcher ikke sammen";
	}
}			
}
?>
<form action="checkuser.php" method="post" name="form1">
  <div align="justify">
    <table border="0" align="center">
      <tr> 
        <td class="t11_grey">Brugernavn:</td></tr><tr>
        <td><input name="username" type="text" id="username"></td>
      </tr><br>
      <tr> 
        <td class="t11_grey"><br>Kodeord</td></tr><tr>
        <td><input name="password" type="password" id="password"></td>
      </tr>
     <tr>
        <td><input type="submit" name="Submit" value="Submit"> <a href="http://www.my-project.dk/register.php"> <u>opret bruger</u></a></td>
      </td>
    </table>
  </div>
</form> 


#52 tomfmason

tomfmason
  • Staff Alumni
  • Advanced Member
  • 1,696 posts
  • Locationstealing your wifi

Posted 07 August 2006 - 09:01 AM

I'm sorry when I said to add that to your login script I meant the checkuser.php

like this

<?php
session_start(); 
include ('db.php');
array_pop($_POST); 
if ( get_magic_quotes_gpc() ) { 
    $_POST= array_map('stripslashes', $_POST); 
}
$username= mysql_real_escape_string(trim($_POST['username'])); 
$password= mysql_real_escape_string(trim($_POST['password']));
$mdpwd= md5($password);

if ((!$username) || (!$password)) {
    $message = "login_info";
    include("login.php");
	exit();
}			

 

$sql= sprintf("SELECT COUNT(*) AS login_match FROM `users` WHERE `username` = '%s' AND `password`= '%s'", $username, $mdpwd); 
$res= mysql_query($sql) or die(mysql_error()); 
$login_match= mysql_result($res, 0, 'login_match'); 

if ( $login_match == 1 ) { 
    $_SESSION['username']= "$username";
    include("somepage.php");
} else { 
    $message = "userinfo";
	include("login.php");
	exit(); 
}
?>

I would change the login.php back to what it was.

Traveling East in search of instruction, and West to propagate the knowledge I have had gained.

current projects: pokersource

My Blog | My Pastebin | PHP Validation class | Backtrack linux


#53 Fruddy

Fruddy
  • Members
  • PipPipPip
  • Advanced Member
  • 43 posts

Posted 07 August 2006 - 09:46 AM

Well i think i have to change the login.php, because in the index, when i login the login.php apear, but i dont want it to apear, when im logged in.
But i want to have the "you are now logged in as $username"" to appear, instead of the login.php

#54 tomfmason

tomfmason
  • Staff Alumni
  • Advanced Member
  • 1,696 posts
  • Locationstealing your wifi

Posted 07 August 2006 - 10:00 AM

are you pasting this exact code at the top of the protected file.

session_start();
if (!$_SESSION['username']) {
   echo "You must login to view this page";
   include("login.php");
   exit(1);
}		
echo "You are logged in as <b>" . $_SESSION['username'] . " </b>";

If you used that checkuser.php that I posted with this ^ piece of code at the begining of the protected file. Then you should have no trouble.

Traveling East in search of instruction, and West to propagate the knowledge I have had gained.

current projects: pokersource

My Blog | My Pastebin | PHP Validation class | Backtrack linux


#55 Fruddy

Fruddy
  • Members
  • PipPipPip
  • Advanced Member
  • 43 posts

Posted 07 August 2006 - 10:48 AM

all pople can view all sites, i just want to make sure that i am logged in.

My checkuser:
<?php
session_start(); 
include ('database.php');
array_pop($_POST); 
if ( get_magic_quotes_gpc() ) { 
    $_POST= array_map('stripslashes', $_POST); 
}
$username= mysql_real_escape_string(trim($_POST['username'])); 
$password= mysql_real_escape_string(trim($_POST['password']));
$mdpwd= md5($password);

if ((!$username) || (!$password)) {
    $message = "login_info";
    include("login.php");
	exit();
}			

 

$sql= sprintf("SELECT COUNT(*) AS login_match FROM `users` WHERE `username` = '%s' AND `password`= '%s'", $username, $mdpwd); 
$res= mysql_query($sql) or die(mysql_error()); 
$login_match= mysql_result($res, 0, 'login_match'); 

if ( $login_match == 1 ) { 
    $_SESSION['username']= "$username";
   echo "Du er nu logget ind som<b> ";
	 echo $username;
	 echo "</b>";
} else { 
    $message = "userinfo";
	include("login.php");
	exit(); 
}
?>


The login bar:
  <?php 
session_start();
if (!$_SESSION['username']) {				
include ("login.php");
   exit(1);
}
else {
echo "Du er logget ind som <b>" . $_SESSION['username'] . " </b>";}
				?>





#56 tomfmason

tomfmason
  • Staff Alumni
  • Advanced Member
  • 1,696 posts
  • Locationstealing your wifi

Posted 07 August 2006 - 11:10 AM

Ok now in your checkuser.php change this
if ( $login_match == 1 ) { 
    $_SESSION['username']= "$username";
   echo "Du er nu logget ind som<b> ";
   echo $username;
   echo "</b>";
} else { 
    $message = "userinfo";
    include("login.php");
    exit(); 
}
?>

To this

if ( $login_match == 1 ) { 
    $_SESSION['username']= "$username";
    echo "Du er nu logget ind som<b> ";
    include("some_protected_page.php");//this is were you want people to go after login
	 echo "</b>";
} else { 
    $message = "userinfo";
    include("login.php");
    exit(); 
}



Now say you have a file called some_protected_page.php You would do this.

<?php
session_start();
if (!$_SESSION['username']) {
   echo "You must login to view this page";
   include("login.php"); 
   exit(1);
}
?>
<!---html goes below here--->
<html>
<head><title>Some Protected Page</title></head>

<body>
<p>
   <?php echo 'Hello <b> ' . $_SESSION['username'] . '</b> you are now viewing a protected page.'; ?>
</p>
</body>
</html>


Give this a try and you will see the proper use

Traveling East in search of instruction, and West to propagate the knowledge I have had gained.

current projects: pokersource

My Blog | My Pastebin | PHP Validation class | Backtrack linux


#57 trulu

trulu
  • New Members
  • Pip
  • Newbie
  • 1 posts

Posted 25 November 2006 - 05:38 AM

hmmm can you send me all the working php page from the membership system tutorial T_T or copy all the php script in here plzzz....




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users