Jump to content

problem with log on detials

CageyJ0nnY

By CageyJ0nnY
in PHP Coding Help

 Share

Recommended Posts

CageyJ0nnY Member

CageyJ0nnY

Posted
Posted

i have created a form that allows a user to enter a username and password. I also have these fields set up in a database which the page links to. I keep getting a timeout error about cookies? I can figure out where i am going wrong?

 

can anyone see the problem?

 

<?php

if ((!$_POST[username]) || (!$_POST[password])) {

header("location: http://jjennings3.bimserver2.com/userlogin.php");

exit;

}

 

$conn = mysql_connect('jjennings3db.bimserver2.com', 'jjennings3db', 'bullet68474321');

mysql_select_db('jjennings3db', $conn);

 

$sql = "select f_name from login where username = ('$_post[jonathan]') AND password = password('$_POST[jonathan]')";

$result = mysql_query($sql,$conn);

 

if (mysql_num_rows($result) ==1) {

 

$f_name = mysql_result($result, 0, 'f_name');

 

setcookie("auth", "1", 0, "/", "jjennings3.bimserver2.com/siteadmin.php", 0);

 

$display_block = "<p>$f_name is authorised!</p>

<p>authorised users' menu:

<ul>

<li><a href=<\"jjennings3.bimserver2.com/siteadmin.php\">site admin</a>

</ul>";

 

}else{

 

header ("location:http://jjennings3.bimserver2.com/userlogin.html");

exit;

}

?>

 

<html>

<head>

<title>User Login</title>

</head>

<body>

</ echo "$msg"; ?>

</body>

</html>

 

thanks

 

Jonny

Link to comment
Share on other sites
foxsoup Newbie

foxsoup

Posted
Posted

It looks like your SQL statement is formed incorrectly.  From the looks of your login page you've got a username field called 'username' (which would be referenced with $_POST['username']) and a password field called 'password (referenced with $_POST['password']).  But in the SQL statement you're using to check for the user in the table you call them both $_post[jonathan].  I'm assuming that your login database table contains the fields 'f_name', 'username' and 'password'; and that the password field contains an encrypted copy of your login password.  If this is the case try replacing the line:

 

$sql = "select f_name from login where username = ('$_post[jonathan]') AND password = password('$_POST[jonathan]')";

 

with:

 

$username = $_POST['username'];
$password = $_POST['password'];
$sql = "SELECT f_name FROM login WHERE username = '$username' AND password = PASSWORD('$password') LIMIT 1";

 

I think you're being sent back to the login page because you're trying to compare unset variables with what's in the database, so even when you're typing the right credentials the SQL statement isn't comparing them properly, but without more details about the database table layout and password encryption details this is just my best guess.  :)

Link to comment
Share on other sites
CageyJ0nnY Member

CageyJ0nnY

Posted
  • Author
Posted

sorry i should have posted the new code up here because of the changes i have made

 

here it is:

 

<?php

if ((!$_POST[username]) || (!$_POST[password])) {

header("location: http://jjennings3.bimserver2.com/userlogin.html");

exit;

}

 

$conn = mysql_connect('jjennings3db.bimserver2.com', 'jjennings3db', 'bullet557');

mysql_select_db('jjennings3db', $conn);

 

$sql = "SELECT * username FROM login WHERE username =

('', '$_post[username]' AND password = '$_POST[password]')";

$result = mysql_query($sql,$conn);

 

if (mysql_num_rows($result) ==1) {

 

$username = mysql_result($result, 0, 'username');

 

 

setcookie("auth", "1", 0, "/", "jjennings3.bimserver2.com/siteadmin.php", 0);

 

$display_block = "<p>$username is authorised!</p>

<p>authorised users' menu:

<ul>

<li><a href=<\"jjennings3.bimserver2.com/siteadmin.php\">site admin</a>

</ul>";

 

}

else{

 

header ("location:http://jjennings3.bimserver2.com/userlogin.html");

exit;

}

?>

 

<html>

<head>

<title>User Login</title>

</head>

<body>

</ echo "$msg"; ?>

</body>

</html>

 

i dont know weahter your suggestion would still apply (im very new to all this)

 

thanks for the help

Link to comment
Share on other sites
foxsoup Newbie

foxsoup

Posted
Posted

No probs.  Try replacing your userlogin.php file with this for now:

 

<?php

if (empty($_POST['username']) || empty($_POST['username'])) {
header("location: http://jjennings3.bimserver2.com/userlogin.html");
exit();
}

$conn = mysql_connect('localhost', 'jjennings3db', 'bullet557');
mysql_select_db('jjennings3db', $conn);

$username = $_POST['username'];
$password = $_POST['password'];
$sql = "SELECT * FROM login WHERE username = '$username' AND password = '$password' LIMIT 1";
$result = mysql_query($sql, $conn);
if (mysql_num_rows($result) == 1) {
echo 'Login was successful!';
} else {
echo 'Username / password do not match any records found in database!';
}

?>

 

All that should do for now is take the username and password you entered in the text boxes on the userlogin.html page and tell you either 'Login was successful!' or 'Username / password do not match any records found in database!'.  If you keep getting user/pass not found messages even when you're definately entering the right details then the password field in the table is probably encrypted.  When you first created the login table in the database how did you add the first user?

 

BTW:  If you're just starting out in PHP/MySQL then I could recommend this book for an easy introduction to concepts like writing login systems:

 

http://www.amazon.co.uk/PHP-MySQL-Dynamic-Web-Sites/dp/032152599X/ref=sr_1_fkmr0_1?ie=UTF8&qid=1274368009&sr=8-1-fkmr0

 

Can't personally vouch for the latest version of it but back in the day when I was learning I found an older version of it very helpful and easy to get into.  :)

Link to comment
Share on other sites
foxsoup Newbie

foxsoup

Posted
Posted

Hmm... if the error message you're getting is 'Parse error: syntax error, unexpected T_STRING in /home/jjennings3/jjennings3.bimserver2.com/siteadmin.php  on line 7' when you have been redirected it's because of a typo in the siteadmin.php page.  Almost certainly a missing semi-colon at the end of line 6 or 7 ('unexpected T_STRING' nearly always means a missing semi-colon at the end of a line).

 

NB:  I'm off for the night now.  Will check in again tomorrow if things are still broked.  :)

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.