Jump to content

Archived

This topic is now archived and is closed to further replies.

rempires

includes/$_POST error i think.....

Recommended Posts

okay so i'm making a log in script for my website, i already created the script to make a new user and everything.  the log in script works, at times.... i'll explain

my site has 2 input fields below the menu, username password and then a submit button, on submit it goes to login.phpaction=login

okay that works fine kinda, see if i put in the username and password from ym main index, were good, but if i try to put the suername apssword in from signup page or login page it jsut keeps saying username doesn't exist, so i decided to research into it, i'll give some code know for a demo


[code]foreach ($_POST as $field => $value)
{
${$field} = strip_tags($value);
}


//do what action the $_get variable implies
switch (@$_GET['action'])
{
case "login":  //statements to log in with


$connection = mysql_connect($DBhost, $DBuser,$DBpassword)
or die ("Couldn’t connect to server.");
$dbase = mysql_select_db($database, $connection)
or die ("Couldn’t select database.");


$sql = "SELECT memberName FROM Members WHERE memberName = '$username'";

$result = mysql_query($sql)
or die("Couldn't run sql query to retrieve username");
$passwrd = md5($passwrd);
$usernamecheck = mysql_num_rows($result);
if ($usernamecheck == 1) // username is correct
{
$sql = "SELECT memberName FROM Members WHERE memberName = '$username' AND password='$passwrd'";

$result2 = mysql_query($sql)
or die("couldn't run query to retrieve password");
$passcheck = mysql_num_rows($result2);
if ($passcheck > 0) //the password is correct
{
$_SESSION['auth']="yes";
$_SESSION['username'] = $username;
$todaystime = date("Y-m-d h:m:s");
$sql = "UPDATE Members SET lastLogIn= '$todaystime' WHERE memberName='$username'";
mysql_query($sql)
or die("Can’t execute login query.");

}
else // password is not correct
{
echo "Your username exist, but it doesn not match the password, please try again:<p>";
echo "<table border='0' cellpadding='0' cellspacing='0' width='100%'><tr><td width='40%'>";
include("Login/loginform.inc"); //load in log in form
echo "</td><td width='60%'><img src='images/stopmembersonly_w.gif'></td></tr></table>";
echo "<p>Not a member yet? <a href='Signup.php'>click here to become one</a>";
break; //display the reast of the form
}
}
else
{
echo "That username doesn't exist, please try again:<p>";
echo "<table border='0' cellpadding='0' cellspacing='0' width='100%'><tr><td width='40%'>";
include("Login/loginform.inc"); //load in log in form
echo "</td><td width='60%'><img src='images/stopmembersonly_w.gif'></td></tr></table>";
echo "<p>Not a member yet? <a href='Signup.php'>click here to become one</a>";
break; //display the reast of the form
}[/code]


to explain the above code, the location of the form/log in script is "Login/loginform.inc, here is the great aprt, when i run that form though that script it works fine, but if i run it one the left hand side menu, it fails, despite both being on the same page.

visual of script on same page http://www.revolutionaryempires.uni.cc/members/Login.php?action=login
the left hand menu doesn't work the one directly ont eh page does

** note on how called for menu, the menu is called by that page and then the menu calls Login/loginform.inc, (the script is located in a declared include_path)

okay so noticing this i decided to do mroe research
i took the following code from the begining

[code]foreach ($_POST as $field => $value)
{
${$field} = strip_tags($value);
}[/code]

and changed it to this

[code]
foreach ($_POST as $field => $value)
{
${$field} = strip_tags($value);
echo "$field <br> $value<br>";
}[/code]

and wala, when it ran from the side menu the values are empty, like they don't exist didn't get transfered, but running that same form exact form, sjut not from the side menu and it works....

please help, if you have ANY questions i'll get right on answereing them, i'm very confused right know, i'm fairly new to php, i vb .net and i'm taking asp and c++ in high school this year, but i've spent a very long time trying to correct this and i jsut can't figure it out, there are more erros, but those i know how to fix, and i figure one error at a time....

sry about teh messy code, it's 1am here and i jsut wanted to put this up and go to beed, it's not normally so messy, but i've been screwing around with it for a while and i screwed up all my indentions and 1/2 my other scripts... once i get cought, it really bothers me....

Share this post


Link to post
Share on other sites
Just asking why you got two forms to login ?

wouldnt it be better to delete the center form and leave the rest, that way users that have got a account can use the side form to login.

Share this post


Link to post
Share on other sites
I like the way that you are trying to handle the post variables but I think that you are setting the $field variable to the strip_tags($value) .

Also, for future reference you should use the [nobbc][php] your php code without the <?php ?> [/php][/nobbc]

To show php code like this.

[code=php:0]
foreach ($_POST as $field => $value) {
  $f = mysql_real_escape_string(trim($field));  
  $val = mysql_real_escape_string(trim($value));
  echo $f . '<br />' . $val . '<br />';
}
[/code]

The ^ above code is untested but it should work fine.

now to display code that has the <?php ?> tags use the following [nobbc][code][/code][/nobbc]

This is how I personaly like to use the switch statment.

[code]
<?php
session_start();
include("db.php"); //your database connection file.
$validActions = array('login', 'something_else');
$action = strip_tags($_GET['action']);
if (!in_array($action, $validActions)) {
  die("Invalid Action");
}
function getaction($action) {
  switch($action) {
      case "login":
       //your code for the login action
      break;
      case "something_else":
       //your code for something else
      break;
  }
}
getaction($action);
?>[/code]

I hope that helps a bit..

Good Luck,
Tom

Share this post


Link to post
Share on other sites
hmm, somthing tells me i'm doing somthing really stupid, i know this error but i can't think of what it is i missed

i know why the error is being caused know, the form works fine UNLESS the url already reads Login.php?action=login, if it reads that it errors out (unless i log in with the script from the center, which has the exact same include as the other one, which i don't understand). otehrwise, if it jsut read Login.php it works fine, it's only after i already have had 1 failed log in and sentt eh get data.  i'm pretty sure i know this error and i'm pretty sure it's an easy fix... but i jsut can't think

tomfmason - really like that switch statement, really good idea, i might end up using it yet, even if it does mean reduing multiple pages, will work better in the long run. but as for the foreach statment i think you misread it, i never change the data in the $field variable.

the $field variable stays the same
because it's ${$field} it makes a new variable with the data that was in the field var, so if $field contained bob and value contained 3

it would make $bob = 3

i lvoe those little {} around vars, so powerful.

i really wish i could think right know....

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.