Gayner Posted December 14, 2009 Share Posted December 14, 2009 <input name="doLogin" type="image" src="images/loginsubmit.jpg" id="doLogin3" value="Login"> ON FIREFOX it works fine but on Opera/IE it just refreshes and goes to login.php? Here is my full thing: if (isset($_POST['doLogin'])=='Login') { include 'dbc.php'; $user_email = mysql_real_escape_string($_POST['usr_email']); $md5pass = md5(mysql_real_escape_string($_POST['pwd'])); if (strpos($user_email,'@') === false) { $user_cond = "user_name='$user_email'"; } else { $user_cond = "user_email='$user_email'"; } $sql = "SELECT `id`,`user_name`,`approved` FROM users WHERE $user_cond AND `pwd` = '$md5pass' AND `banned` = '0' "; $result = mysql_query($sql) or die (mysql_error()); $num = mysql_num_rows($result); // Match row found with more than 1 results - the user is authenticated. if ( $num > 0 ) { list($id,$full_name,$approved) = mysql_fetch_row($result); if(!$approved) { $msg = "Account not activated. Please check your email for activation code"; header("Location: ./?God=Login&msg=$msg"); exit(); } // this sets session and logs user in session_start(); // this sets variables in the session $_SESSION['user_id']= $id; $_SESSION['user_name'] = $full_name; //set a cookie witout expiry until 60 days if(isset($_POST['remember'])){ setcookie("user_id", $_SESSION['user_id'], time()+60*60*24*60, "/"); setcookie("user_name", $_SESSION['user_name'], time()+60*60*24*60, "/"); } Redirect( "Thanks you have Successfully Logged in!", './?' ); exit; } else { $msg = urlencode("Invalid Login. Please try again with correct user email and password. "); header("Location: ./?God=Login&msg=$msg"); } } if (strpos($_SERVER['HTTP_USER_AGENT'], 'MSIE')) { echo "hey"; } ?> <form action="login.php" method="post" name="logForm" id="logForm" > <?php /******************** ERROR MESSAGES************************************************* This code is to show error messages **************************************************************************/ if (isset($_GET['msg'])) { $msg = mysql_real_escape_string($_GET['msg']); echo "<div class=\"msg\">$msg</div>"; } /******************************* END ********************************/ ?> <center> <div id="main_content"> <div id="login"> - <input name="usr_email" type="text" class="required" id="txtbox" size="25" style="background-color: transparent; filter: alpha(opacity=50): moz-opacity: .50; opacity: .50;z-index:1; "> </div> <div id="password"> - <input name="pwd" type="password" class="required password" id="txtbox" size="25" style="background-color: transparent; filter: alpha(opacity=50): moz-opacity: .50; opacity: .50;z-index:1; "> <b><i>Remember Me?</i></b> <input name="remember" type="checkbox" id="remember" value="1"> </div> <div id="submit"> - <input name="doLogin" type="image" src="images/loginsubmit.jpg" id="doLogin3" value="Login"> </div> Quote Link to comment Share on other sites More sharing options...
Buddski Posted December 14, 2009 Share Posted December 14, 2009 First thing I noticed is if (isset($_POST['doLogin'])=='Login') which when evaluated is either, true == 'Login' or false == 'Login' Change that line to: if (isset($_POST['doLogin'])) Can you show us the complete form. I dont understand how it works in Firefox but nothing else.. Quote Link to comment Share on other sites More sharing options...
Gayner Posted December 14, 2009 Author Share Posted December 14, 2009 First thing I noticed is if (isset($_POST['doLogin'])=='Login') which when evaluated is either, true == 'Login' or false == 'Login' Change that line to: if (isset($_POST['doLogin'])) Can you show us the complete form. I dont understand how it works in Firefox but nothing else.. MY WHOLE LOGIN.php <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <?php /*************** PHP LOGIN SCRIPT V2.0********************* (c) Balakrishnan 2009. All Rights Reserved Usage: This script can be used FREE of charge for any commercial or personal projects. Enjoy! Limitations: - This script cannot be sold. - This script should have copyright notice intact. Dont remove it please... - This script may not be provided for download except from its original site. For further usage, please contact me. ***********************************************************/ if (isset($_POST['doLogin'])=='Login') { include 'dbc.php'; $user_email = mysql_real_escape_string($_POST['usr_email']); $md5pass = md5(mysql_real_escape_string($_POST['pwd'])); if (strpos($user_email,'@') === false) { $user_cond = "user_name='$user_email'"; } else { $user_cond = "user_email='$user_email'"; } $sql = "SELECT `id`,`user_name`,`approved` FROM users WHERE $user_cond AND `pwd` = '$md5pass' AND `banned` = '0' "; $result = mysql_query($sql) or die (mysql_error()); $num = mysql_num_rows($result); // Match row found with more than 1 results - the user is authenticated. if ( $num > 0 ) { list($id,$full_name,$approved) = mysql_fetch_row($result); if(!$approved) { $msg = "Account not activated. Please check your email for activation code"; header("Location: ./?God=Login&msg=$msg"); exit(); } // this sets session and logs user in session_start(); // this sets variables in the session $_SESSION['user_id']= $id; $_SESSION['user_name'] = $full_name; //set a cookie witout expiry until 60 days if(isset($_POST['remember'])){ setcookie("user_id", $_SESSION['user_id'], time()+60*60*24*60, "/"); setcookie("user_name", $_SESSION['user_name'], time()+60*60*24*60, "/"); } Redirect( "Thanks you have Successfully Logged in!", './?' ); exit; } else { $msg = urlencode("Invalid Login. Please try again with correct user email and password. "); header("Location: ./?God=Login&msg=$msg"); } } ?> <html> <head> <style type="text/css"> body{background-color:black;} #main_content { background:url(login.jpg) no-repeat;width:600px;height:450px;margin:auto; text-align: left; } #main_content #login {margin-top:293px;margin-left:260px;position:absolute} #main_content #password {margin-top:353px;margin-left:260px;position:absolute} #main_content #submit {margin-top:383px;margin-left:365px;position:absolute} .div2 { } </style> </head> <body> <form action="login.php" method="Post" name="logForm" id="logForm" > <?php /******************** ERROR MESSAGES************************************************* This code is to show error messages **************************************************************************/ if (isset($_GET['msg'])) { $msg = mysql_real_escape_string($_GET['msg']); echo "<div class=\"msg\">$msg</div>"; } /******************************* END ********************************/ ?> <center> <div id="main_content"> <div id="login"> - <input name="usr_email" type="text" class="required" id="txtbox" size="25" style="background-color: transparent; filter: alpha(opacity=50): moz-opacity: .50; opacity: .50;z-index:1; "> </div> <div id="password"> - <input name="pwd" type="password" class="required password" id="txtbox" size="25" style="background-color: transparent; filter: alpha(opacity=50): moz-opacity: .50; opacity: .50;z-index:1; "> <b><i>Remember Me?</i></b> <input name="remember" type="checkbox" id="remember" value="1"> </div> <div id="submit"> - <input name="doLogin" type="image" src="images/loginsubmit.jpg" id="doLogin3" value="Login"> </div> </div> </center> </form> </body> </html> ON FIREFOX IT GOes here if i just click it: header("Location: ./?God=Login&msg=$msg"); but on opera/ie it goes to login.php.. Quote Link to comment Share on other sites More sharing options...
Gayner Posted December 14, 2009 Author Share Posted December 14, 2009 if i change type="submit" to type="image" it doesn't work on IE/opera.. but on firefox, but if i change it to type="submit" it works for everything but no image.. ?? Quote Link to comment Share on other sites More sharing options...
Buddski Posted December 14, 2009 Share Posted December 14, 2009 Your <input type="image" will work on all of those browsers.. Im not entirely sure I know what is not working.. Are all the browsers posting to login.php? For testing purposes I suggest removing all of the redirecting code and having an echo in there instead. Quote Link to comment Share on other sites More sharing options...
Gayner Posted December 14, 2009 Author Share Posted December 14, 2009 Your <input type="image" will work on all of those browsers.. Im not entirely sure I know what is not working.. Are all the browsers posting to login.php? For testing purposes I suggest removing all of the redirecting code and having an echo in there instead. input type image only works on firefox.. cause if i check it on opera/ie it goes to login.php but if i make it input type=submit then it works on all of them what is the problem here? im raged and about to kick my cat Quote Link to comment Share on other sites More sharing options...
oni-kun Posted December 14, 2009 Share Posted December 14, 2009 input type image only works on firefox.. cause if i check it on opera/ie it goes to login.php but if i make it input type=submit then it works on all of them what is the problem here? im raged and about to kick my cat Quoted. Quote Link to comment Share on other sites More sharing options...
Buddski Posted December 14, 2009 Share Posted December 14, 2009 What do you mean it goes to login.php? By my reckoning its working how its supposed to.. Your form's action is set to go to login.php which means when the form is submitted it will POST to login.php When IE\Opera goto login.php what is displayed on the screen? Quote Link to comment Share on other sites More sharing options...
mrMarcus Posted December 14, 2009 Share Posted December 14, 2009 this line don't make any sense: if (isset($_POST['doLogin'])=='Login') you're either checking if the var is set, or you're checking to see if it's equal to 'Login' .. not both. images need an extra parameter when checking them. IE checks the coordinates of submit images, so something like this is necessary to read the form: if (isset ($_POST['doLogin_x']) || isset ($_POST['doLogin_y'])) NOTE: the _x && _y (i can't remember which coord is checked [if one in particular], so i put a test against both, x and y). that should work. EDIT: and do not do this: $md5pass = md5(mysql_real_escape_string($_POST['pwd'])); get rid of the mysql_real_escape_string() from within the hash .. what happens here is that if a user creates a password like so: <?php $user_pass = 'blah"_blah"%^hd#fds'; //this would come from $_POST['pwd']; NOTE the " in the pass; //then do what you did; $md5pass = md5 (mysql_real_escape_string ($user_pass)); //the mysql_real_escape_string() escapes the " in the pass, and user pass becomes this: $md5pass = 'blah\"_blah\"%^hd#fds'; //user password is now hashed with a couple extra \'s in there with md5() .. this is not the password they entered, so when they come back to login, their password will be different in the database than what they initially entered. i guess if you were to apply the same technique [u]every[/u] single time, this would work, but let's not even take that chance. //lose the mysql_real_escape_string() since hashing the password makes it SQL safe. $md5pass = md5 ($_POST['pwd']); ?> Quote Link to comment Share on other sites More sharing options...
Buddski Posted December 14, 2009 Share Posted December 14, 2009 Heh, you learn something new everyday... Quote Link to comment Share on other sites More sharing options...
Gayner Posted December 14, 2009 Author Share Posted December 14, 2009 this line don't make any sense: if (isset($_POST['doLogin'])=='Login') you're either checking if the var is set, or you're checking to see if it's equal to 'Login' .. not both. images need an extra parameter when checking them. IE checks the coordinates of submit images, so something like this is necessary to read the form: if (isset ($_POST['doLogin_x']) || isset ($_POST['doLogin_y'])) NOTE: the _x && _y (i can't remember which coord is checked [if one in particular], so i put a test against both, x and y). that should work. EDIT: and do not do this: $md5pass = md5(mysql_real_escape_string($_POST['pwd'])); get rid of the mysql_real_escape_string() from within the hash .. what happens here is that if a user creates a password like so: <?php $user_pass = 'blah"_blah"%^hd#fds'; //this would come from $_POST['pwd']; NOTE the " in the pass; //then do what you did; $md5pass = md5 (mysql_real_escape_string ($user_pass)); //the mysql_real_escape_string() escapes the " in the pass, and user pass becomes this: $md5pass = 'blah\"_blah\"%^hd#fds'; //user password is now hashed with a couple extra \'s in there with md5() .. this is not the password they entered, so when they come back to login, their password will be different in the database than what they initially entered. i guess if you were to apply the same technique [u]every[/u] single time, this would work, but let's not even take that chance. //lose the mysql_real_escape_string() since hashing the password makes it SQL safe. $md5pass = md5 ($_POST['pwd']); ?> DOOD U ARE THE WINNER!! I WENT TO SLEEP CRYING onh ow to fix this then i woke up and refresh screen and I FOUND A WINEER GOT PAYPAL EMAIL LET ME SEND U SOME $ DOG. the if (isset ($_POST['doLogin_x']) || isset ($_POST['doLogin_y'])) works for opera and ie thx Quote Link to comment Share on other sites More sharing options...
mrMarcus Posted December 14, 2009 Share Posted December 14, 2009 i don't do it for the money, i do it for the glory Quote Link to comment Share on other sites More sharing options...
Gayner Posted December 14, 2009 Author Share Posted December 14, 2009 i don't do it for the money, i do it for the glory Lol bro i was just bein starcastic i only got like 2$ in there anyway, and if i sent it my rates are so high paypal would take out like 85cent'st hen u get like 1.25.. then when it get's sent to u ur rates prob take out 50cent's so u would get like 40 cent's lol Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.