Username password and id script help

[adamriley]

Hi could some one try and tell me why this script is not working

 

You try to login with the correct username,password and ID it dissplays the invalid username or password or id

 

Code for common.php

 

<?php
session_start();
function loginUser($user,$pass,$ID){
$errorText = '';
$validUser = false;
// Check user existance		
$pfile = fopen("userpwd.txt","r");
rewind($pfile);
while (!feof($pfile)) {
$line = fgets($pfile);        
$tmp = explode(':', $line);        
if ($tmp[0] == $user) {
if ($tmp[1] == $ID) {
// User exists, check password 
if (trim($tmp[2]) == trim(md5($pass))){
            	$validUser= true;

            	$_SESSION['userName'] = $user;
            }

            break;
        }   
}    
fclose($pfile);
    if ($validUser != true) $errorText = "Invalid username or password or ID!";
        if ($validUser == true) $_SESSION['validUser'] = true;
    else $_SESSION['validUser'] = false;
	return $errorText;
}
function logoutUser(){
unset($_SESSION['validUser']);
unset($_SESSION['userName']);
}
function checkUser(){
if ((!isset($_SESSION['validUser']))
|| ($_SESSION['validUser'] != true)){

	header('Location: login.php');
}
  }
}
?>

 

The code for login.php

 

<?php
require_once('common.php');
$error = '0';
if (isset($_POST['submitBtn'])){
// Get user input

$username = isset($_POST['username']) ? $_POST['username'] : '';
$password = isset($_POST['password']) ? $_POST['password'] : '';
        $ID = isset($_POST['ID']) ? $_POST['ID'] : '';
// Try to login the user	
$error = loginUser($username,$password,ID);
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "DTD/xhtml1-transitional.dtd">

<html>
<head>
<title>Interact|Login</title>
   <link href="style/style.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="main">

<?php if ($error != '') {?>

      <div class="caption">Login</div>
      <div id="icon"> </div>

      <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="loginform">
        <table width="100%">          
<tr><td>Username:</td><td>
<input class="text" name="username" type="text"  /></td></tr>
<tr><td>Password:</td><td> <input class="text" name="password" type="password" /></td></tr>
<tr><td>Id:</td><td> <input class="text" name="ID" type="text" /></td></tr>
          <tr><td colspan="2" align="center">
<input class="text" type="submit" name="submitBtn" value="Login" /></td></tr>
        </table>
        </form>
             
<?php

}   
    
if (isset($_POST['submitBtn'])){
?>
<div class="caption">Login result:</div>
      <div id="icon2"> </div>
      <div id="result">
        <table width="100%"><tr><td><br/>
<?php

if ($error == '') {
echo "Welcome $username! <br/>You are logged in!<br/><br/>";
echo '<a href="index1.php">Now you can visit the index page!</a>';
}

else echo $error;
?>
<br/><br/><br/></td></tr></table>
</div>
<?php 
}
?>
</div>
</body>   

[mrMarcus]

you are missing a $ for ID:

 

$error = loginUser($username,$password,ID);

[adamriley]

Thanks mrMarcus that was very stupid of me but i have tryed with it now changed and theres still the same problem

[PFMaBiSmAd]

I recommend using some indentation in your source code so that you can see what code is at the same level and where matching {} are at, because the where(){} loop in the loginUser() function is not loop through what you think it is and the logoutUser() and checkUser() functions are currently being defined inside of the loginUser() function.

 

You should also be developing and debugging php code on a system with error_reporting set to E_ALL and display_errors set to ON in your php.ini so that php will help you. Use a phpinfo(); statement to check that these two settings actually get changed after your stop and start your web server in case the php.ini that you are changing is not the one that php is using.