duckyboos Posted April 11, 2010 Share Posted April 11, 2010 I am fairly new to PHP, and I am going through a book on it. One aspect is about creating a login system. I have copes it exactly from the book but it is not working when I implement it onto my own server. Was wondering if you guys could help shed some light onto it. When someone logs in, the 2 variables are carried from the form to this page: <?php // include function files for this application require_once('bookmark_fns.php'); session_start(); //create short variable names $username = $_POST['username']; $passwd = $_POST['passwd']; if ($username && $passwd) { // they have just tried logging in try { login($username, $passwd); // if they are in the database register the user id $_SESSION['valid_user'] = $username; } catch(Exception $e) { // unsuccessful login do_html_header('Problem:'); echo 'You could not be logged in. You must be logged in to view this page.'; do_html_url('login.php', 'Login'); do_html_footer(); exit; } } do_html_header('Home'); check_valid_user(); // get the bookmarks this user has saved if ($url_array = get_user_urls($_SESSION['valid_user'])) { display_user_urls($url_array); } // give menu of options display_user_menu(); do_html_footer(); ?> The main part id the first half. When I try it I keep getting the exception message listed here of "'You could not be logged in. You must be logged in to view this page". The login function it is referencing is: function login($username, $password) { // check username and password with db // if yes, return true // else throw exception // connect to db $conn = db_connect(); // check if username is unique $result = $conn->query("select * from user where username='".$username."' and passwd = sha1('".$password."')"); if (!$result) { throw new Exception('Could not log you in.'); } if ($result->num_rows>0) { return true; } else { throw new Exception('Could not log you in.'); } } Does anyone know why it would still not be letting me log in? The names are definitely in the database. It is definitely connecting to the database, (as when I use the db_connect function to register users, its works fine). I have coped the source code over from the actual CD just to make sure it is perfect, and it is still doing this. Is there any sort of php update that has happened recently that would make this code not work anymore? I am thinking maybe the "try" function has changed, as I cant find much of it on phpmanual. Cheers. Link to comment https://forums.phpfreaks.com/topic/198219-problem-with-login/ Share on other sites More sharing options...
TeddyKiller Posted April 11, 2010 Share Posted April 11, 2010 This link uses some try's, and it mentions it a few times too. Haven't actually been able to find any try catches on php.net though. The code itself looks as if it should work, are the passwd's in the database sha1 encrypted? Link to comment https://forums.phpfreaks.com/topic/198219-problem-with-login/#findComment-1040063 Share on other sites More sharing options...
Jax2 Posted April 11, 2010 Share Posted April 11, 2010 Wow, that's complicated ... my login script is as simple as something like this: process login page, not form: <?php session_start(); include("includes/db.php") // my database information $username=sanitize($_POST['username']; $password=sanitize($_POST['password']; $sql="SELECT * FROM users WHERE username='$username' and password='md5($password)'"; $result=mysql_query($sql, $db); $login=mysql_num_rows($result); if ($login=='1') { $_SESSION['userLoggedIn']='YES'; } ELSE { echo "You could not be logged in"; } ?> followed by other code to change them back to the main page but in loggedin status. Then it's as simple as if (!$_SESSION['userLoggedIn']) { You must be logged in to view this page echo "<a href='login.php'>Log In</a>"; die(); } Of course, this is just simplified, but you don't need such a heavy code for something as simple as checking if someone is logged in, just be sure you sanitize (clean) your post codes, otherwise you're opening yourself up to sql injection and other nasty things ... Link to comment https://forums.phpfreaks.com/topic/198219-problem-with-login/#findComment-1040072 Share on other sites More sharing options...
TeddyKiller Posted April 11, 2010 Share Posted April 11, 2010 Wow, that's complicated ... my login script is as simple as something like this He did state he's getting it directly from the book. It will help him learn I'm sure one day he might go to something simpler. Link to comment https://forums.phpfreaks.com/topic/198219-problem-with-login/#findComment-1040077 Share on other sites More sharing options...
Jax2 Posted April 11, 2010 Share Posted April 11, 2010 Wow, that's complicated ... my login script is as simple as something like this He did state he's getting it directly from the book. It will help him learn I'm sure one day he might go to something simpler. Yep, you do have a good point, I just love adhering to KISS, when I remember to, of course :/ Btw, love your tag line Link to comment https://forums.phpfreaks.com/topic/198219-problem-with-login/#findComment-1040099 Share on other sites More sharing options...
TeddyKiller Posted April 11, 2010 Share Posted April 11, 2010 Btw, love your tag line Reminds me, I need to fix the grammar. Link to comment https://forums.phpfreaks.com/topic/198219-problem-with-login/#findComment-1040108 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.