lewisstevens1 Posted December 15, 2009 Share Posted December 15, 2009 Hi i am having a problem, when i try logging in it is always saying "Invalid Login" im not sure what is going wrong, a week ago i had it working. I cant remember the change i did but i know its in one of theese files (dont worry about the styling, i know theres one div i havent closed lol : Login.php <?php include 'dbc.php'; $user_email = mysql_real_escape_string($_POST['email']); $full_name = mysql_real_escape_string($_POST['full_name']); $money = mysql_real_escape_string($_POST['money']); $id = mysql_real_escape_string($_POST['id']); $level = mysql_real_escape_string($_POST['level']); $crystals = mysql_real_escape_string($_POST['crystals']); $userdp = mysql_real_escape_string($_POST['userdp']); $health = mysql_real_escape_string($_POST['health']); $exp = mysql_real_escape_string($_POST['exp']); $rep = mysql_real_escape_string($_POST['rep']); $class = mysql_real_escape_string($_POST['class']); $bonus = mysql_real_escape_string($_POST['bonus']); $tutorial = mysql_real_escape_string($_POST['tutorial']); $mana = mysql_real_escape_string($_POST['mana']); if ($_POST['Submit']=='Login') { $md5pass = md5($_POST['pwd']); $sql = "SELECT id,user_email,full_name,money,level,crystals,userdp,health,exp,rep,class,bonus,tutorial,mana FROM users WHERE user_email = '$user_email' AND user_pwd = '$md5pass' AND user_activated='1'"; $result = mysql_query($sql) or die (mysql_error()); $num = mysql_num_rows($result); if ( $num != 0 ) { session_start(); list($id,$full_name,$user_email,$money,$level,$crystals,$userdp,$health,$exp,$rep,$class,$bonus,$tutorial,$mana) = mysql_fetch_row($result); // session variables $_SESSION['user']= $user_email; $_SESSION['full_name']= $full_name; $_SESSION['money']= $money; $_SESSION['id']= $id; $_SESSION['level']= $level; $_SESSION['crystals']= $crystals; $_SESSION['userdp']= $userdp; $_SESSION['health']= $health; $_SESSION['exp']= $exp; $_SESSION['rep']= $rep; $_SESSION['class']= $class; $_SESSION['bonus']= $bonus; $_SESSION['tutorial']= $tutorial; $_SESSION['mana']= $mana;*/ if (isset($_GET['ret']) && !empty($_GET['ret'])) { header("Location: $_GET[ret]"); } else { header("Location: index.php"); } exit(); } header("Location: login.php?msg=Invalid Login"); exit(); } ?> <link href="styles.css" rel="stylesheet" type="text/css"> <?php if (isset($_GET['msg'])) { echo "<div class=\"msg\"> $_GET[msg] </div>"; } ?> <p> </p><table width="40%" border="0" align="center" cellpadding="0" cellspacing="0"> <tr> <td bgcolor="#000066" class="mnuheader" > <div align="center"><font size="5"><strong>Login Members</strong></font></div></td> </tr> <tr> <td bgcolor="#000099" class="mnubody"><form name="form1" method="post" action=""> <p> </p> <p align="center">Your Email <input name="email" type="text" id="email"> </p> <p align="center"> Password: <input name="pwd" type="password" id="pwd"> </p> <p align="center"> <input type="submit" name="Submit" value="Login"> </p> <p align="center"><a href="register.php">Register</a> | <a href="forgot.php">Forgot</a></p> </form></td> </tr> </table> Register.php <?php session_start(); include ('dbc.php'); if ($_POST['Submit'] == 'Register') { if (strlen($_POST['email']) < 5) { die ("Incorrect email. Please enter valid email address.."); } if (strcmp($_POST['pass1'],$_POST['pass2']) || empty($_POST['pass1']) ) { //die ("Password does not match"); die("ERROR: Password does not match or empty.."); } if (strcmp(md5($_POST['user_code']),$_SESSION['ckey'])) { die("Invalid code entered. Please enter the correct code as shown in the Image"); } $rs_duplicates = mysql_query("select id from users where user_email='$_POST[email]'"); $duplicates = mysql_num_rows($rs_duplicates); if ($duplicates > 0) { //die ("ERROR: User account already exists."); header("Location: register.php?msg=ERROR: User account already exists.."); exit(); } $md5pass = md5($_POST['pass2']); $activ_code = rand(1000,9999); $server = $_SERVER['HTTP_HOST']; $host = ereg_replace('www.','',$server); mysql_query("INSERT INTO users (`user_email`,`user_pwd`,`sex`,`joined`,`activation_code`,`char_name`,`log_name`) VALUES ('$_POST[email]','$md5pass','$_POST[sex]',now(),'$activ_code','$_POST[char_name]','$_POST[log_name]')") or die(mysql_error()); $message = "Thank you for registering an account with $server. Here are the login details...\n\n User Email: $_POST[email] \n Password: $_POST[pass2] \n Activation Code: $activ_code \n ____________________________________________ *** ACTIVATION LINK ***** \n Activation Link: http://$server/myown/activate.php?usr=$_POST[email]&code=$activ_code \n\n _____________________________________________ Thank you. This is an automated response. PLEASE DO NOT REPLY. "; mail($_POST['email'] , "Login Activation", $message, "From: \"Auto-Response\" <notifications@$host>\r\n" . "X-Mailer: PHP/" . phpversion()); unset($_SESSION['ckey']); echo("Registration Successful! An activation code has been sent to your email address with an activation link..."); exit; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html lang="en-US" xml:lang="en-US" xmlns="http://www.w3.org/1999/xhtml"> <link rel="stylesheet" type="text/css" href="main.css"> <link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" /> <style type="text/css"></style> <title>The Website</title> <center> <html> <center> <head> <div style="border: 1px white solid;"> <div id="photolayer" style="z-index: 1; left: 5px; top: 1000px; width: 100%; height: 138px; background-color:#000; visibility: visible" div align = "center"> <img src="header.jpg" alt="Title" border="5px" style="padding-top: 4px"> </div> </div> </head> </center> <body> <p></p> </body> <body> <p></p> </body> <center> <div id="box"> <?php if (isset($_GET['msg'])) { echo "<div class=\"msg\"> $_GET[msg] </div>"; } ?> <div id="center1"> <h1>Registration</h1><img src="images/page1.png"> <form name="form1" method="post" action="tutorial.php"> <table border="0" width="500px";> <tr> <br><th><p>Please choose your <font color="red">characters</font> name:</th><td><br><input name="char_name" type="text" id="char_name"></p></td> </tr> <tr> <th><p>Please choose your <font color="red">login</font> name:</th><td><br><input name="log_name" type="text" id="log_name"></p></td> </tr> <tr> <th><p>Please choose your <font color="red">password</font>:</th><td><br><input name="pass1" type="password" id="pass1"></p></td> </tr> <tr> <th><p>Please <font color="red">re-enter</font> your <font color="red">password</font>:</th><td><br><input name="pass2" type="password" id="pass2"></p></td> </tr> <tr> <th><p>Please enter your <font color="red">email address</font>:</th><td><br><input name="email" type="text" id="email"></p></td> </tr> <tr> <th><br><img src="pngimg.php" align="middle"></th><td><br><input name="user_code" type="text" size="10"></td> </tr> </table> <br><br><input type="submit" name="Submit" value="Register"> </form> </div> </div> </center> <body> <p></p> </body> <div id="box"> <div id="footer"> </div> </div> </div> </div> </style> </center> </html> I dont think its this one as the connection is ok, but here it is anyway <?php $dbname = 'stonersg_myown'; $link = mysql_connect('localhost','stonersg_myown','davemira1') or die("Couldn't make connection."); $db = mysql_select_db($dbname, $link) or die("Couldn't select database"); ?> I thank you in advance for your help. Lewis Stevens Quote Link to comment https://forums.phpfreaks.com/topic/185217-php-login-form-help-done-most-of-it/ Share on other sites More sharing options...
PFMaBiSmAd Posted December 15, 2009 Share Posted December 15, 2009 Your query is not matching any row(s) in your table ($num is equal to zero, but your query did execuite without any errors.) You are going to need to find out why it did not match any row(s.) Echo the $sql variable so that you know exactly what it contains. Look directly in your table using your favorite database management tool and check if there is a row that should match the values that are in the WHERE clause in the query. Quote Link to comment https://forums.phpfreaks.com/topic/185217-php-login-form-help-done-most-of-it/#findComment-977800 Share on other sites More sharing options...
dpacmittal Posted December 15, 2009 Share Posted December 15, 2009 Change: $rs_duplicates = mysql_query("select id from users where user_email='$_POST[email]'"); to: $rs_duplicates = mysql_query("select id from users where user_email='".$_POST['email']."'"); Quote Link to comment https://forums.phpfreaks.com/topic/185217-php-login-form-help-done-most-of-it/#findComment-977870 Share on other sites More sharing options...
PFMaBiSmAd Posted December 15, 2009 Share Posted December 15, 2009 The two different syntaxes are equivalent and they are both valid. Quote Link to comment https://forums.phpfreaks.com/topic/185217-php-login-form-help-done-most-of-it/#findComment-977874 Share on other sites More sharing options...
dpacmittal Posted December 15, 2009 Share Posted December 15, 2009 The two different syntaxes are equivalent and they are both valid. I didn't know you could use associative array without giving quotes. Thanks for that. Oops, it seems that I checked out the second snippet instead of the first one. Quote Link to comment https://forums.phpfreaks.com/topic/185217-php-login-form-help-done-most-of-it/#findComment-977886 Share on other sites More sharing options...
PFMaBiSmAd Posted December 15, 2009 Share Posted December 15, 2009 3rd method - $rs_duplicates = mysql_query("select id from users where user_email='{$_POST['email']}'"); Quote Link to comment https://forums.phpfreaks.com/topic/185217-php-login-form-help-done-most-of-it/#findComment-977891 Share on other sites More sharing options...
lewisstevens1 Posted December 15, 2009 Author Share Posted December 15, 2009 Your query is not matching any row(s) in your table ($num is equal to zero, but your query did execuite without any errors.) You are going to need to find out why it did not match any row(s.) Echo the $sql variable so that you know exactly what it contains. Look directly in your table using your favorite database management tool and check if there is a row that should match the values that are in the WHERE clause in the query. Ok i read through this, i understand what you are trying to say, but i dont get why it wont. Here are my Database fields: id - full_name - user_name - user_pwd - user_email - activation_code - joined - sex - user_activated - money - level - crystals - userdp - health - rep - exp - class - bonus - tutorial - mana - char_name - log_name regarding the: $rs_duplicates change, i tried both ways, still didnt work i found an error in login.php, where i put */ i deleted it but not much is happening, when im clicking register its not adding the new user to the database :S Sorry about this and thankyou for all your help. Quote Link to comment https://forums.phpfreaks.com/topic/185217-php-login-form-help-done-most-of-it/#findComment-978065 Share on other sites More sharing options...
lewisstevens1 Posted December 17, 2009 Author Share Posted December 17, 2009 Can anyone help me? Quote Link to comment https://forums.phpfreaks.com/topic/185217-php-login-form-help-done-most-of-it/#findComment-978852 Share on other sites More sharing options...
lewisstevens1 Posted December 17, 2009 Author Share Posted December 17, 2009 Help Please... Quote Link to comment https://forums.phpfreaks.com/topic/185217-php-login-form-help-done-most-of-it/#findComment-979110 Share on other sites More sharing options...
Deoctor Posted December 17, 2009 Share Posted December 17, 2009 i think the md5 of ur password is not matching out correctly.. have u tried to echo these values and see. and instead of this one SELECT id,user_email,full_name,money,level,crystals,userdp,health,exp,rep,class,bonus,tutorial,mana FROM users WHERE user_email = '$user_email' AND user_pwd = '$md5pass' AND user_activated='1'"; use as SELECT * FROM users WHERE user_email = '$user_email' AND user_pwd = '$md5pass' AND user_activated='1'"; Quote Link to comment https://forums.phpfreaks.com/topic/185217-php-login-form-help-done-most-of-it/#findComment-979131 Share on other sites More sharing options...
lewisstevens1 Posted December 17, 2009 Author Share Posted December 17, 2009 Oooh thanks... ill try that Quote Link to comment https://forums.phpfreaks.com/topic/185217-php-login-form-help-done-most-of-it/#findComment-979133 Share on other sites More sharing options...
lewisstevens1 Posted December 17, 2009 Author Share Posted December 17, 2009 Ok didnt work... theres something wrong here... Quote Link to comment https://forums.phpfreaks.com/topic/185217-php-login-form-help-done-most-of-it/#findComment-979149 Share on other sites More sharing options...
PFMaBiSmAd Posted December 17, 2009 Share Posted December 17, 2009 when im clicking register its not adding the new user to the database :S That would be the first thing you need to troubleshoot and fix. What IS your browser displaying when you try to register? Do you get the email and does activate.php do what it is supposed to? You cannot worry about login.php working until all the steps leading up to having a valid account are working. Quote Link to comment https://forums.phpfreaks.com/topic/185217-php-login-form-help-done-most-of-it/#findComment-979156 Share on other sites More sharing options...
lewisstevens1 Posted December 17, 2009 Author Share Posted December 17, 2009 Mmmm nope... thats strange... So theres somethihng wrong with: $md5pass = md5($_POST['pass2']); $activ_code = rand(1000,9999); $server = $_SERVER['HTTP_HOST']; $host = ereg_replace('www.','',$server); mysql_query("INSERT INTO users (`user_email`,`user_pwd`,`sex`,`joined`,`activation_code`,`full_name`) VALUES ('$_POST[email]','$md5pass','$_POST[sex]',now(),'$activ_code','$_POST[full_name]')") or die(mysql_error()); $message = "Thank you for registering an account with $server. Here are the login details...\n\n User Email: $_POST[email] \n Password: $_POST[pass2] \n Activation Code: $activ_code \n ____________________________________________ *** ACTIVATION LINK ***** \n Activation Link: http://$server/myown/activate.php?usr=$_POST[email]&code=$activ_code \n\n _____________________________________________ Thank you. This is an automated response. PLEASE DO NOT REPLY. "; mail($_POST['email'] , "Login Activation", $message, "From: \"Auto-Response\" <notifications@$host>\r\n" . "X-Mailer: PHP/" . phpversion()); unset($_SESSION['ckey']); echo("Registration Successful! An activation code has been sent to your email address with an activation link..."); exit; } Quote Link to comment https://forums.phpfreaks.com/topic/185217-php-login-form-help-done-most-of-it/#findComment-979164 Share on other sites More sharing options...
lewisstevens1 Posted December 17, 2009 Author Share Posted December 17, 2009 Aint $host = ereg_replace('www.','',$server); meant to be $host = ereg_replace('www.',$server); thats all i can thinkn of Quote Link to comment https://forums.phpfreaks.com/topic/185217-php-login-form-help-done-most-of-it/#findComment-979169 Share on other sites More sharing options...
Deoctor Posted December 17, 2009 Share Posted December 17, 2009 hai this is what that is going wrong in ur code.. u have given as the md5 but when i saw ur database u dont have the md5 of the passwords stored. as well. u have given the given condition and <?php include 'dbc.php'; $user_email = mysql_real_escape_string($_POST['email']); $full_name = mysql_real_escape_string($_POST['full_name']); $money = mysql_real_escape_string($_POST['money']); $id = mysql_real_escape_string($_POST['id']); $level = mysql_real_escape_string($_POST['level']); $crystals = mysql_real_escape_string($_POST['crystals']); $userdp = mysql_real_escape_string($_POST['userdp']); $health = mysql_real_escape_string($_POST['health']); $exp = mysql_real_escape_string($_POST['exp']); $rep = mysql_real_escape_string($_POST['rep']); $class = mysql_real_escape_string($_POST['class']); $bonus = mysql_real_escape_string($_POST['bonus']); $tutorial = mysql_real_escape_string($_POST['tutorial']); $mana = mysql_real_escape_string($_POST['mana']); if ($_POST['Submit']=='Login') { $md5pass = md5($_POST['pwd']); $sql = "SELECT id,user_email,full_name,money,level,crystals,userdp,health,exp,rep,class,bonus,tutorial,mana FROM users WHERE user_email = '$user_email' AND user_pwd = '$md5pass' AND user_activated='1'"; $result = mysql_query($sql) or die (mysql_error()); $num = mysql_num_rows($result); if ( $num != 0 ) { session_start(); list($id,$full_name,$user_email,$money,$level,$crystals,$userdp,$health,$exp,$rep,$class,$bonus,$tutorial,$mana) = mysql_fetch_row($result); // session variables $_SESSION['user']= $user_email; $_SESSION['full_name']= $full_name; $_SESSION['money']= $money; $_SESSION['id']= $id; $_SESSION['level']= $level; $_SESSION['crystals']= $crystals; $_SESSION['userdp']= $userdp; $_SESSION['health']= $health; $_SESSION['exp']= $exp; $_SESSION['rep']= $rep; $_SESSION['class']= $class; $_SESSION['bonus']= $bonus; $_SESSION['tutorial']= $tutorial; $_SESSION['mana']= $mana;*/ if (isset($_GET['ret']) && !empty($_GET['ret'])) { header("Location: $_GET[ret]"); } else { header("Location: index.php"); } exit(); } header("Location: login.php?msg=Invalid Login"); exit(); } ?> after the condition satisfy u have given as header("Location: login.php?msg=Invalid Login") so it will always give u invalid login.. so i have changed it to else condition.. after login do u want to go the index page.?? Quote Link to comment https://forums.phpfreaks.com/topic/185217-php-login-form-help-done-most-of-it/#findComment-979191 Share on other sites More sharing options...
lewisstevens1 Posted December 17, 2009 Author Share Posted December 17, 2009 AH I see.... Yes please Mate... lol. Quote Link to comment https://forums.phpfreaks.com/topic/185217-php-login-form-help-done-most-of-it/#findComment-979194 Share on other sites More sharing options...
Deoctor Posted December 17, 2009 Share Posted December 17, 2009 check these two pages which i made in ur server. using these modify the required ones. http://www.stonersgathering.com/myown/register_new.php http://www.stonersgathering.com/myown/login_new.php Quote Link to comment https://forums.phpfreaks.com/topic/185217-php-login-form-help-done-most-of-it/#findComment-979207 Share on other sites More sharing options...
Deoctor Posted December 17, 2009 Share Posted December 17, 2009 this is the max any one can help u out.. remaining things u try on ur own.. if not happening post ur queries back here.. Quote Link to comment https://forums.phpfreaks.com/topic/185217-php-login-form-help-done-most-of-it/#findComment-979209 Share on other sites More sharing options...
lewisstevens1 Posted December 17, 2009 Author Share Posted December 17, 2009 Kk thanks and thanks for your help... Quote Link to comment https://forums.phpfreaks.com/topic/185217-php-login-form-help-done-most-of-it/#findComment-979226 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.