Xtremer360 Posted October 28, 2009 Share Posted October 28, 2009 Okay second part almost have me getting back to where I was originally. My login almost works flawlessly however the only thing that isn't quite right again is the password field. I mean no matter what I put in the field it says "Incorrect password, please try again." everytime. I went through and put in through the users table and created the following fields: id(tinyint) auto-increment username(varchar) 25 password(text) admin(tiny) And then I went through and put a record manually as: 1 Admin password 1 Is there anything that I've done wrong that you can notice? <?php require "backstageconfig.php"; ob_start(); //if the login form is submitted if(isset($_POST['submit'])) { // makes sure they filled it in if(!$_POST['username'] || !$_POST['password']) { die('You did not fill in a required field.'); } $username = mysql_real_escape_string($_POST['username']); $pass = mysql_real_escape_string($_POST['password']); $check = mysql_query("SELECT * FROM users WHERE username = '".$username."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database.'); } while($info = mysql_fetch_array( $check )) { $pass = md5(stripslashes($_POST['password'])); $info['password'] = stripslashes($info['password']); //$_POST['pass'] = md5($_POST['pass']); THIS IS DONE IN THE ABOVE STATEMENT //gives error if the password is wrong if ($pass != $info['password']) { die('Incorrect password, please try again.'); } else // if login is ok then we add a cookie and send them to the correct page { $username = stripslashes($username); $_SESSION['username'] = $username; $_SESSION['loggedin'] = time(); // Finds out the user type $query = "SELECT `admin` FROM `users` WHERE `username` = '" . $username . "'"; $result = mysql_query($query) or die(mysql_error()); $row = mysql_fetch_array($result); $admin = $row['admin']; $_SESSION['admin'] = $admin; ######################################### ######## ADMIN SCRIPT CAN BE ADDED BELOW ######################################### if(isset($_SESSION['admin'])) { ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <meta http-equiv="Content-Style-Type" content="text/css"> <meta http-equiv="Content-Language" content="en-us"> <meta name="language" content="en-us"> <title>Backstage V1 Administration Console</title> <link rel="stylesheet" href="backstage.css" type="text/css" media="screen"> <link rel="stylesheet" href="backstage_print.css" type="text/css" media="print"> <script src="prototype.js" type="text/javascript"></script> <script src="scriptaculous.js" type="text/javascript"></script> <script type="text/javascript" src="ajax.js"></script> <script type="text/javascript"> var page = document.cookie.match(/page=[\w][\w\-\.]+;/); if(page != null) { ajaxpage("page", "content"); } else { ajaxpage("home", "content"); } </script> <link rel=stylesheet href=backstage.css type=css media=screen> <link rel=stylesheet href=backstage_print.css type=css media=print> </head> <body> <div id=container> <div class=header> <table cellpadding="0" cellspacing="0" border="0" width="95%"> <tr> <td width=110 align=center></td> <td></td> <td width=40 valign=bottom align=right> <a href="#" onclick="ajaxpage('home', 'content'); return false;">Home</a> | <a href="#" onclick="ajaxpage('logout', 'content'); return false;">Logout</a> | <a target="_blank" href="http://kansasoutlawwrestling.com/phpBB3">Forums</a></td> </tr> </table> </div> <div id=container2> <div id=nav> <?php if(isset($_SESSION['loggedin'])) { ?> <h1>Character</h1> <ul> <li><a href="#" onclick="ajaxpage('bio', 'content'); return false;">Bio</a></li> <li><a href="#" onclick="ajaxpage('allies', 'content'); return false;">Allies</a></li> <li><a href="#" onclick="ajaxpage('rivals', 'content'); return false;">Rivals</a></li> <li><a href="#" onclick="ajaxpage('quotes', 'content'); return false;">Quotes</a></li> </ul> <?php } ?> <?php if(isset($_SESSION['loggedin'])) { ?> <h1>Submit</h1> <ul> <li><a href="#" onclick="ajaxpage('roleplay', 'content'); return false;">Roleplay</a></li> <li><a href="#" onclick="ajaxpage('news', 'content'); return false;">News</a></li> <li><a href="#" onclick="ajaxpage('match', 'content'); return false;">Match</a></li> <li><a href="#" onclick="ajaxpage('seg', 'content'); return false;">Seg</a></li> </ul> <?php } ?> <?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?> <h1>Handler</h1> <ul> <li><a href="#" onclick="ajaxpage('directory', 'content'); return false;">Directory</a></li> </ul> <?php } ?> <?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?> <h1>Booking</h1> <ul> <li><a href="#" onclick="ajaxpage('champions', 'content'); return false;">Champions</a></li> <li><a href="#" onclick="ajaxpage('booker', 'content'); return false;">Booker</a></li> <li><a href="#" onclick="ajaxpage('compiler', 'content'); return false;">Compiler</a></li> <li><a href="#" onclick="ajaxpage('archives', 'content'); return false;">Archives</a></li> </ul> <?php } ?> <?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?> <h1>Fed Admin</h1> <ul> <li><a href="#" onclick="ajaxpage('handlers', 'content'); return false;">Handlers</a></li> <li><a href="#" onclick="ajaxpage('characters', 'content'); return false;">Characters</a></li> <li><a href="#" onclick="ajaxpage('applications', 'content'); return false;">Applications</a></li> <li><a href="#" onclick="ajaxpage('eventnames', 'content'); return false;">Event Names</a></li> <li><a href="#" onclick="ajaxpage('titlenames', 'content'); return false;">Title Names</a></li> <li><a href="#" onclick="ajaxpage('matchtypes', 'content'); return false;">Match Types</a></li> <li><a href="#" onclick="ajaxpage('divisions', 'content'); return false;">Divisions</a></li> <li><a href="#" onclick="ajaxpage('countries', 'content'); return false;">Arenas</a></li> </ul> <?php } ?> <?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?> <h1>Site Admin</h1> <ul> <li><a href="#" onclick="ajaxpage('templates', 'content'); return false;">Templates</a></li> <li><a href="#" onclick="ajaxpage('content', 'content'); return false;">Content</a></li> <li><a href="#" onclick="ajaxpage('biosconfig', 'content'); return false;">Bio Configuration</a></li> <li><a href="#" onclick="ajaxpage('newscat', 'content'); return false;">News Categories</a></li> <li><a href="#" onclick="ajaxpage('menus', 'content'); return false;">Menus</a></li> </ul> <?php } ?> </div> <div id=content> </div> <div id="footer">Backstage 1 © 2009 </div> </div> </div> </body> </html> <?php ######################################### ######## ADMIN SCRIPT HAS TO END ABOVE ######################################### } } } } else { // if they have not submitted the form ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> <meta http-equiv="Content-Style-Type" content="text/css"> <meta http-equiv="Content-Language" content="en-us"> <meta name="language" content="en-us"> <title>Backstage V1 Administration Console</title> <link rel="stylesheet" href="backstage.css" type="text/css" media="screen"> <link rel="stylesheet" href="backstage_print.css" type="text/css" media="print"> <script src="prototype.js" type="text/javascript"></script> <script src="scriptaculous.js" type="text/javascript"></script> <script type="text/javascript" src="ajax.js"></script> <link rel=stylesheet href=backstage.css type=css media=screen> <link rel=stylesheet href=backstage_print.css type=css media=print> </head> <body> <div id=login> <form method="POST" action="/mybackstage/backstage.php"> <h1>KOW Backstage</h1> <p><label>Username:<br><input type="text" name="username" id="log" tabindex="1"></label></p> <p><label>Password:<br><input type="password" name="password" id="pwd" tabindex="2"></label></p> <p style="text-align: center;"><input type="submit" class="button" name="submit" id="submit" value="Login »" tabindex="4"></p> </form> </div> </body> </html> <?php } ?> Quote Link to comment https://forums.phpfreaks.com/topic/179284-solved-password-field-problems/ Share on other sites More sharing options...
Alex Posted October 28, 2009 Share Posted October 28, 2009 Since you're using md5 encrpytion when checking your password the script expects that you're storing a m5d hash of the user's password. Since you manually entered 'password', the check will never work. You should put the md5 hash of 'password', which is 5f4dcc3b5aa765d61d8327deb882cf99 Quote Link to comment https://forums.phpfreaks.com/topic/179284-solved-password-field-problems/#findComment-945919 Share on other sites More sharing options...
Xtremer360 Posted October 28, 2009 Author Share Posted October 28, 2009 Thank you. Quote Link to comment https://forums.phpfreaks.com/topic/179284-solved-password-field-problems/#findComment-945922 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.