LogIn Not seeming to work.

[AliceAmphetamine]

I have confirmed that the login is successful but something is obviously wrong with the cookies or so i think. it sends me right back to the login page.

ive been at this for two hours now with no improvement second set of eyes perhaps might help

 

 

login.php

<?php
include "affiliates/connect.php";
          // Log the user in.

	// Much like the registration, make the fields safe.
	$username = mysql_escape_string( $_POST["username"] );
	$password = mysql_escape_string( $_POST["password"] );

	// Check if the user has filled in all the fields.
	if( empty( $username ) || empty( $password ) )
	die("Please fill in all the fields to login.");

	// Let's find an account with these login details.
	// We only select the id here so we can store it in a cookie!
	// Remember to use md5() on the password, otherwise it won't match (since we encrypted it).
	$check = mysql_query( "SELECT `id` FROM `affiliates` WHERE `email`=\"$username\" AND `password`=\"". md5( $password ) ."\";" ) or die( mysql_error() );

	// No results found, so an invalid login!
	if( mysql_num_rows( $check ) == 0 )
	die( "We couldn't find an account with these login details.");

	// Get the resulting row.
	$member = mysql_fetch_array( $check );

	// Set the cookies for the website! (60* 60* 24* 7 = 1 Week, times by 52 for a year)
	setcookie( "login_id", $member["id"], time() + (60* 60* 24* 7), "/" );
	setcookie( "login_pass", $member["password"], time() + (60* 60* 24* 7), "/" );

	// Display a happy message.

        header("Location: http://www.aliceamphetamine.com/affhome.php?id=edit");
        setcookie( "login_id", $member["id"], time() + (60* 60* 24* 7), "/" );
	setcookie( "login_pass", $member["password"], time() + (60* 60* 24* 7), "/" );


?>

 

affhome.php

<?php
$page = $_GET["id"];
$state = $_GET["state"];
if ( $page == "" ) {
header("Location: affhome.php?id=home");
}

include('header.php');
include "affiliates/connect.php";

$member = array( "id" => 0, "username" => "Guest" );
$active = mysql_query("SELECT * FROM `affiliates` WHERE `active` = '0'");
$actval = "0";
// loop to show affiliates
if(isset( $_COOKIE["login_id"] ) && isset( $_COOKIE["login_pass"] )){

// Now we have to make sure these cookies are safe.
// If you don't do this, people can set their own cookies with SQL commands in them, damaging your database.
$login_id = mysql_escape_string( $_COOKIE["login_id"] );
$login_pass = mysql_escape_string( $_COOKIE["login_pass"] );

// Now we check for the member details.
$login_check = mysql_query( "SELECT * FROM `affiliates` WHERE `id`='$login_id' AND `password`='$login_pass';" ) or die( mysql_error() );

// If we have a row, we set $member to the row, if not we don't do anything.
if( mysql_num_rows( $login_check ) == 1 )
{
	$member = mysql_fetch_array( $login_check );
}

// Additional check, if $member["id"] is still 0 (the default, which means no login), we should delete the cookies.
if( $member["id"] == 0 )
{
	setcookie( "login_id", $_COOKIE["login_id"], time() - (60* 60* 24* 7), "/");
	setcookie( "login_pass", $_COOKIE["login_pass"], time() - (60* 60* 24* 7), "/");
}
}

while ($r = mysql_fetch_assoc($active))
    {
    $actval = $actval +1;
    }
if ( $actval > "0" ) {
echo "<table cellpadding='0px' cellspacing='0px' width='100%' align='center' border='0px' style='margin-bottom: 2px;'>
       <tr>
           <td valign='top' style='background-color: #fe9dcb; border: 1px solid #000000; padding: 2px;' width='100%' align='center'>
           <b>Affiliate Alert:</b> There are currently $actval pending affiliate applications.
           </td>
       </tr>
</table>";
}
echo "<table cellpadding='0px' cellspacing='0px' width='100%' align='center' border='0px' style='margin-bottom: 2px;'>
       <tr>
           <td valign='top' style='background-color: #fe9dcb; border: 1px solid #000000; padding: 2px;' width='20%' align='center'>
           <a href='affhome.php?id=home'>Panel Home</a>
           </td>
           <td valign='top' style='background-color: #fe9dcb; border-right: 1px solid #000000; border-bottom: 1px solid #000000; border-top: 1px solid #000000; padding: 2px;' width='20%' align='center'>
           <a href='affhome.php?id=edit&state=0'>Edit Your Info</a>
           </td>
           <td valign='top' style='background-color: #fe9dcb; border-right: 1px solid #000000; border-bottom: 1px solid #000000; border-top: 1px solid #000000; padding: 2px;' width='20%' align='center'>
           <a href='affhome.php?id=stats'>Statistics</a>
           </td>
           <td valign='top' style='background-color: #fe9dcb; border-right: 1px solid #000000; border-bottom: 1px solid #000000; border-top: 1px solid #000000; padding: 2px;' width='20%' align='center'>
           <a href='affhome.php?id=benefits'>Benefits</a>
           </td>
           <td valign='top' style='background-color: #fe9dcb; border-right: 1px solid #000000; border-bottom: 1px solid #000000; border-top: 1px solid #000000; padding: 2px;' width='20%' align='center'>
           <a href='affiliates.php'>Application</a>
           </td>
       </tr>
       </table>";
if ( $page == "stats" ) {
$show = mysql_query("SELECT * FROM `affiliates` WHERE `active` = '1' ORDER BY `id` DESC");
echo "<table cellpadding='0px' cellspacing='0px' width='100%' align='center' border='0px' style='margin-bottom: 2px;'>
       <tr>
           <td valign='top' align='left' colspan='5' style='background-color: #e2609d; border: 1px solid #000000; padding: 2px;'>
           Affiliate Statistics
           </td>
       </tr>
       <tr><td style='background-color: #fe9dcb; border-left: 1px solid #000000; border-bottom: 1px solid #000000; border-right: 1px solid #000000; padding: 2px;' width='30%' align='center'>
       Website Name
        </td>
        <td style='background-color: #fe9dcb; border-bottom: 1px solid #000000; border-right: 1px solid #000000; padding: 2px;' align='center'>
        Visitors In
        </td>
        <td style='background-color: #fe9dcb; border-bottom: 1px solid #000000; border-right: 1px solid #000000; padding: 2px;' align='center'>
        Visitors Out
        </td>
        <td style='background-color: #fe9dcb; border-bottom: 1px solid #000000; border-right: 1px solid #000000; padding: 2px;' width='20%' align='center'>
        Affiliates Button
        </td>
        <td style='background-color: #fe9dcb; border-bottom: 1px solid #000000; border-right: 1px solid #000000; padding: 2px;' align='center'>
        Date Joined
        </td>
        </tr>

       ";

while ($r = mysql_fetch_assoc($show))
    {
        // get affiliate info
        $name = $r['name'];
        $in = $r['in'];
        $out = $r['out'];
        $img = $r['banner'];
        $date = $r['date'];
        echo "<tr><td style='background-color: #fe9dcb; border-left: 1px solid #000000; border-bottom: 1px solid #000000; border-right: 1px solid #000000; padding: 2px;' width='30%' align='center'>

        <a href='affiliates/click.php?mode=out&id=$r[id]'target='_blank'>$name</a>
        </td>

        <td style='background-color: #fe9dcb; border-bottom: 1px solid #000000; border-right: 1px solid #000000; padding: 2px;' align='center'>
        $in
        </td>
        <td style='background-color: #fe9dcb; border-bottom: 1px solid #000000; border-right: 1px solid #000000; padding: 2px;' align='center'>
        $out
        </td>
        <td style='background-color: #fe9dcb; border-bottom: 1px solid #000000; border-right: 1px solid #000000; padding: 2px;' width='20%' align='center'>
        <a href='$img' target='_blank'>View Image</a>
        </td>
        <td style='background-color: #fe9dcb; border-bottom: 1px solid #000000; border-right: 1px solid #000000; padding: 2px;' align='center'>
        $date
        </td>
        </tr>";
    }
    echo "</table>";
    }
if ( $page == "home" ) {
echo "<table cellpadding='0px' cellspacing='0px' width='100%' align='center' border='0px' style='margin-bottom: 2px;'>
       <tr>
           <td valign='top' align='left' colspan='5' style='background-color: #e2609d; border: 1px solid #000000; padding: 2px;'>
           Affiliate Panel
           </td>
       </tr>
       <tr><td style='background-color: #fe9dcb; border-left: 1px solid #000000; border-bottom: 1px solid #000000; border-right: 1px solid #000000; padding: 2px;' width='100%' align='left'>
               As of right now, The Affiliate Panel will be experiencing several different changes. So do not
       be alarmed if something is there one minute and gone the next. This affiliate system I am writing is really intense so it will take some time
       to have all the features of it up and running, So please be patient.
        </td>
       </tr>
       </table>";
       }
if ( $page == "edit" ) {
  if( $member["id"] <= 0 )
{
echo"        <form action='login.php' method='post'>

     <table cellpadding='0px' cellspacing='0px' width='100%' align='center' border='0px'>
       <tr>
           <td valign='top' colspan='2' align='left' style='background-color: #e2609d; margin-top: 2px; border: 1px solid #000000; padding: 2px;'>
           Affiliate Log-In
           </td>
       </tr>
       <tr>
           <td valign='top' align='center' width='50%' style='background-color: #fe9dcb; padding: 2px; border-left: 1px solid #000000;'>
           <b>Your E-Mail:</b>
           </td>
           <td valign='top' align='center' width='50%' style='background-color: #fe9dcb; padding: 2px; border-right: 1px solid #000000;'>
           <input type='text' style='width:300px;' name='username' />
           </td>
       </tr>
       <tr>
           <td valign='top' align='center' width='50%' style='background-color: #fe9dcb; padding: 2px; border-left: 1px solid #000000;'>
           <b>Password:</b>
           </td>
           <td valign='top' align='center' width='50%' style='background-color: #fe9dcb; padding: 2px; border-right: 1px solid #000000;'>
           <input type='password' style='width:300px;' name='password' />
           </td>
       </tr>
       <tr>
           <td valign='top' colspan='2' align='center' style='background-color: #fe9dcb; border: 1px solid #000000; padding: 2px; border-bottom: 1px solid #000000; border-right: 1px solid #000000; border-left: 1px solid #000000;'>
           <input type='submit' name='add' value='Log-In' />
           </td>
       </tr>
     </table>
     </form>";
}
else
{
echo "You're logged in as ". $member["username"] ."!";
}

}
include('footer.php');
?>

[x_filed2k]

Can't you use a session? What if the cookie of the browser is disabled, it won't work..

[AliceAmphetamine]

Thank you for that, changed it over to sessions and its perfect

[x_filed2k]

Oh, one more thing session alone is not enough. You need to use session and cookie. The scenario is vice-versa, what if the users browser cookie is on.. and the user when he closes the browser without loging-out and re-open it again, ofcourse he wanna keep to be log-in coz the last time he used it he didn't log-out.