Jump to content

Simple login script does not work

Gruzin

By Gruzin
in PHP Coding Help

Recommended Posts

Gruzin Advanced Member

Gruzin

Posted
Posted
Hi everybody,
Here is my little script, which checks the user and pass from db, I don't know what's wrong it does nto work, if you will be so kind to look at it, I'll really appreciate that, thanks.

[code]<?php
session_start();
$user_form = $_POST["user"];
$pass_form = $_POST["pass"];

require ("config.php");

$result = mysql_query("SELECT * FROM test WHERE user='$user_form'");
while($row = mysql_fetch_array($result)){
$row_user = $row['user'];
$row_pass = $row['pass1'];
$row_id = $row['id'];
}
if($user_form == $row_user && $pass_form == $row_pass){
  $_SESSION['user'] = $row_user;
  $_SESSION['id'] = $row_id;
  header ('location: profile.php');
}
else{
  header ('Location: index.php');
}
?>[/code]
Link to comment
https://forums.phpfreaks.com/topic/21907-simple-login-script-does-not-work/
Share on other sites
onlyican Advanced Member

onlyican

Posted
Posted
this looks like an old fashioned manual debug job

I have added some echos in places, to show the vars, make sure they are being parsed

and I added a row to check if there are results in the DB

I also commented a header
To check the Row Values

[code]
<?php
session_start();
$user_form = $_POST["user"];
$pass_form = $_POST["pass"];
echo "POst values User is ".$user_form." AND Pass is ".$pass_form."<br />\n";
require ("config.php");

$result = mysql_query("SELECT * FROM test WHERE user='$user_form'");
if(mysql_num_rows($result) != 0){
while($row = mysql_fetch_array($result)){

$row_user = $row['user'];
$row_pass = $row['pass1'];
$row_id = $row['id'];
}
}else{
echo "No Results found in the table<br />\n";
}

if($user_form == $row_user && $pass_form == $row_pass){
  $_SESSION['user'] = $row_user;
  $_SESSION['id'] = $row_id;
  header ('location: profile.php');
}
else{
  //header ('Location: index.php');
  echo "Row User is ".$row_user." AND Row Pass is ".$row_pass."<br />\n";
}
?>
[/code]

Try this, and see what outputs

Gruzin Advanced Member

Gruzin

Posted
  • Author
Posted
Here is the code you've modified, I've checked the directory where login.php file should be and it's correct, so I don't really know what's wrong  :(

[code]<?php
session_start();
$user_form = $_POST["user"];
$pass_form = $_POST["pass"];
echo "POst values User is ".$user_form." AND Pass is ".$pass_form."<br />\n";
require ("config.php");

$result = mysql_query("SELECT * FROM test WHERE user='$user_form'");
if(mysql_num_rows($result) != 0){
while($row = mysql_fetch_array($result)){

$row_user = $row['user'];
$row_pass = $row['pass1'];
$row_id = $row['id'];
}
}else{
echo "No Results found in the table<br />\n";
}

if($user_form == $row_user && $pass_form == $row_pass){
  $_SESSION['user'] = $row_user;
  $_SESSION['id'] = $row_id;
  header ('location: profile.php');
}
else{
  //header ('Location: index.php');
  echo "Row User is ".$row_user." AND Row Pass is ".$row_pass."<br />\n";
}
?>[/code]
onlyican Advanced Member

onlyican

Posted
Posted
ok

comment
header ('location: profile.php');
Add under that line
echo "Everything matches, lets direct to profile.php

Cos you might have something on profile.php, which is diverting it to index.php

All these echos is a visual for you to see what is happening
By removing all header redirects, you can see what sections your script is going through
Gruzin Advanced Member

Gruzin

Posted
  • Author
Posted
Here is the profile.php:

[code]<?php
session_start();
if(isset($_SESSION['user'])){
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Picture Manager</title>
<link href="css/style.css" rel="stylesheet" type="text/css">
</head>

<body>
<table width="600" border="0" cellspacing="0" cellpadding="0" align="center">
  <tr>
    <td align="center" bgcolor="#FF6600" class="style1"><strong>Welocome <?php echo $_SESSION['user'];?></strong></td>
  </tr>
</table>
<table width="600" border="0" cellspacing="0" cellpadding="0" align="center">
  <tr>
    <td bgcolor="#EAEAEA">&nbsp;</td>
  </tr>
  <tr>
    <td align="center" bgcolor="#FFD1B3"><table width="400" border="0" cellpadding="0" cellspacing="0" id="reg">
      <tr>
        <td width="100" align="center"><a href="profile.php">Home</a></td>
        <td width="100" align="center"><a href="edit_profile.php">Edit Profile</a> </td>
        <td width="100" align="center"><a href="#">Change Password </a></td>
        <td width="100" align="center"><a href="logout.php">Log Out</a></td>
      </tr>
    </table></td>
  </tr>
</table>
<table width="600" border="0" cellspacing="0" cellpadding="0" align="center">
  <tr>
    <td bgcolor="#EAEAEA">&nbsp;</td>
  </tr>
  <tr>
    <td align="center" bgcolor="#EAEAEA"><table width="400" border="0" cellpadding="0" cellspacing="2" bgcolor="#FFD1B3">
      <tr>
        <td width="150" align="center" valign="top" bgcolor="#EAEAEA"><?php
require ("config.php");
        $query = "SELECT * FROM test WHERE id=$user_id ORDER BY id";
        $result = mysql_query($query) or die("Error: " . mysql_error());
        while($row = mysql_fetch_array($result))
$imageArr = "uploads/".$row['pic'];
        echo '<img alt="" src="'.$imageArr.'">';
        ?></td>
        <td width="250" align="left" valign="top"><table width="250" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td width="10" align="left" bgcolor="#EAEAEA" class="style2">&nbsp;</td>
            <td width="70" align="left" bgcolor="#EAEAEA" class="style2"><strong>Username:</strong></td>
            <td width="170" align="left" valign="top" bgcolor="#EAEAEA" class="style2"><?php
$query = "SELECT * FROM test WHERE id=$user_id ORDER BY id";
            $result = mysql_query($query) or die("Error: " . mysql_error());
            while($row = mysql_fetch_array($result))
echo $row['user']; ?></td>
          </tr>
          <tr>
            <td align="left" bgcolor="#EAEAEA" class="style2">&nbsp;</td>
            <td align="left" bgcolor="#EAEAEA" class="style2"><strong>E-mail:</strong></td>
            <td align="left" valign="top" bgcolor="#EAEAEA" class="style2"><?php
$query = "SELECT * FROM test WHERE id=$user_id ORDER BY id";
            $result = mysql_query($query) or die("Error: " . mysql_error());
            while($row = mysql_fetch_array($result))
echo $row['mail']; ?></td>
          </tr>
          <tr>
            <td bgcolor="#EAEAEA" class="style2">&nbsp;</td>
            <td align="left" valign="top" bgcolor="#EAEAEA" class="style2"><strong>Info:</strong></td>
            <td align="left" valign="top" bgcolor="#EAEAEA" class="style2"><?php
$query = "SELECT * FROM test WHERE id=$user_id ORDER BY id";
            $result = mysql_query($query) or die("Error: " . mysql_error());
            while($row = mysql_fetch_array($result))
echo $row['info']; ?></td>
          </tr>
        </table></td>
      </tr>
    </table></td>
  </tr>
  <tr>
    <td align="center" bgcolor="#EAEAEA">&nbsp;</td>
  </tr>
</table>
</body>
</html>
<?php
}
else{
header ('Location: index.php');
}
?>[/code]

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.