maff20 Posted April 14, 2010 Share Posted April 14, 2010 Hi folks, i am part of project team at college and we are trying to create a game rental website. Due to the structuring of the course and a few set backs early on, our time is somewhat restricted with regard to learning PHP from the ground up. I am attempting to fast track myself through the learning process simply by copying and pasting code and learning what each part does as i go along. (This obviously is not ideal, but its the best i can do with the time constraints involved) I have managed to learn how to get my php code to communicate with the mysql database for the purpose of user log-in, and have the php code embedded within my html script. For the most part the code seems to be working, however, the script is working fine for the username part but the password bit is not. Even though i have manually entered the usernames and passwords into the sql database, i am being told that the password is wrong. i was wondering if one of you could possibly lend a wee hand and look over the php section of the code for me? I would be extremely grateful... (Username & Password for SQL server removed) <?php // Connects to your Database mysql_connect("sql.hncomputing.net", "", "") or die(mysql_error()); mysql_select_db("brownm") or die(mysql_error()); //Checks if there is a login cookie if(isset($_COOKIE['ID_my_site'])) //if there is, it logs you in and directes you to the members page { $email = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT * FROM users WHERE email = '$email'") or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if ($pass != $info['password']) { } else { header("Location: members.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['email'] | !$_POST['pass']) { die('You did not fill in a required field.'); } // checks it against the database if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $check = mysql_query("SELECT * FROM users WHERE email = '".$_POST['email']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=page4.html>Click Here to Register</a>'); } while($info = mysql_fetch_array( $check )) { $_POST['pass'] = stripslashes($_POST['pass']); $info['password'] = stripslashes($info['password']); $_POST['pass'] = md5($_POST['pass']); //gives error if the password is wrong if ($_POST['pass'] != $info['password']) { die('Incorrect password, please try again.'); } else { // if login is ok then we add a cookie $_POST['email'] = stripslashes($_POST['email']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['email'], $hour); setcookie(Key_my_site, $_POST['pass'], $hour); //then redirect them to the members area header("Location: members.php"); } } } else { // if they are not logged in ?> <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <center><div style="position:relative;width:1024px;"> <div id="txt_48" style="position:absolute; left:21px; top:295px; width:122px; height:22px;-moz-box-sizing:border-box;box-sizing:border-box; overflow:hidden;"> <label for="edit_19"><P class="Normal-P"><span class="Normal-C">email</span></P> </label> </div> <div style="position:absolute; left:150px; top:294px; width:121px; height:22px; text-align:left;"> <input type="text" name="email" size="16" maxlength="30" value=""> </div> <div id="txt_49" style="position:absolute; left:21px; top:326px; width:83px; height:22px;-moz-box-sizing:border-box;box-sizing:border-box; overflow:hidden;"> <label for="edit_20"><P class="Normal-P"><span class="Normal-C">Password</span></P> </label> </div> <div style="position:absolute; left:150px; top:324px; width:121px; height:22px; text-align:left;"> <input type="password" name="pass" size="16" maxlength="20" value=""> </div> <div style="position:absolute; left:195px; top:360px; width:76px; height:22px; text-align:left;"> <input type="submit" name="submit" value="Login"> </div> </form> <div id="txt_47" style="position:absolute; left:83px; top:237px; width:198px; height:48px;-moz-box-sizing:border-box;box-sizing:border-box; overflow:hidden;"> <P class="Normal-P"><span class="Normal-C0"> </span></P> <P class="Normal-P"><span class="Normal-C0"> Member Log In</span></P> </div> <?php } ?> Link to comment https://forums.phpfreaks.com/topic/198545-php-log-in-woes/ Share on other sites More sharing options...
Ken2k7 Posted April 14, 2010 Share Posted April 14, 2010 Try removing those stripslashes. Link to comment https://forums.phpfreaks.com/topic/198545-php-log-in-woes/#findComment-1041930 Share on other sites More sharing options...
maff20 Posted April 14, 2010 Author Share Posted April 14, 2010 Hi, I removed the stripslashes but to no avail. Arent the stripslashes to do with the get_magic_quotes_gpc? is there some alternative to get_magic_quotes_gpc that might work better? Link to comment https://forums.phpfreaks.com/topic/198545-php-log-in-woes/#findComment-1041949 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.