Jump to content


Photo

Simple login script does not work


  • Please log in to reply
7 replies to this topic

#1 Gruzin

Gruzin
  • Members
  • PipPipPip
  • Advanced Member
  • 448 posts
  • LocationGeorgia

Posted 25 September 2006 - 12:45 AM

Hi everybody,
Here is my little script, which checks the user and pass from db, I don't know what's wrong it does nto work, if you will be so kind to look at it, I'll really appreciate that, thanks.

<?php
session_start();
$user_form = $_POST["user"]; 
$pass_form = $_POST["pass"]; 

require ("config.php");

$result = mysql_query("SELECT * FROM test WHERE user='$user_form'");
while($row = mysql_fetch_array($result)){
$row_user = $row['user']; 
$row_pass = $row['pass1'];
$row_id = $row['id'];
}
if($user_form == $row_user && $pass_form == $row_pass){
  $_SESSION['user'] = $row_user;
  $_SESSION['id'] = $row_id;
  header ('location: profile.php');
}
else{ 
  header ('Location: index.php');
}
?>

I don't need your script, I'll try to write it myself

#2 onlyican

onlyican
  • Members
  • PipPipPip
  • Advanced Member
  • 921 posts
  • LocationHants - UK

Posted 25 September 2006 - 12:52 AM

this looks like an old fashioned manual debug job

I have added some echos in places, to show the vars, make sure they are being parsed

and I added a row to check if there are results in the DB

I also commented a header
To check the Row Values

<?php
session_start();
$user_form = $_POST["user"]; 
$pass_form = $_POST["pass"]; 
echo "POst values User is ".$user_form." AND Pass is ".$pass_form."<br />\n";
require ("config.php");

$result = mysql_query("SELECT * FROM test WHERE user='$user_form'");
if(mysql_num_rows($result) != 0){
while($row = mysql_fetch_array($result)){
	
$row_user = $row['user']; 
$row_pass = $row['pass1'];
$row_id = $row['id'];
}
}else{
	echo "No Results found in the table<br />\n";
}

if($user_form == $row_user && $pass_form == $row_pass){
  $_SESSION['user'] = $row_user;
  $_SESSION['id'] = $row_id;
  header ('location: profile.php');
}
else{ 
  //header ('Location: index.php');
  echo "Row User is ".$row_user." AND Row Pass is ".$row_pass."<br />\n";
}
?>

Try this, and see what outputs


Tell me the problem, I will try tell you the solution

#3 Gruzin

Gruzin
  • Members
  • PipPipPip
  • Advanced Member
  • 448 posts
  • LocationGeorgia

Posted 25 September 2006 - 12:57 AM

Well, thanks for your answer and I know you'll be surprised: It Does the same, I mean it redirects to the index.php without "anything"....
I don't need your script, I'll try to write it myself

#4 onlyican

onlyican
  • Members
  • PipPipPip
  • Advanced Member
  • 921 posts
  • LocationHants - UK

Posted 25 September 2006 - 01:09 AM

If it redirects to the index you have done something different to me
as my version, I have commented the line that redirects to index

OR
the problem is not in the snippit you supplied
Tell me the problem, I will try tell you the solution

#5 Gruzin

Gruzin
  • Members
  • PipPipPip
  • Advanced Member
  • 448 posts
  • LocationGeorgia

Posted 25 September 2006 - 01:12 AM

Here is the code you've modified, I've checked the directory where login.php file should be and it's correct, so I don't really know what's wrong  :(

<?php
session_start();
$user_form = $_POST["user"]; 
$pass_form = $_POST["pass"]; 
echo "POst values User is ".$user_form." AND Pass is ".$pass_form."<br />\n";
require ("config.php");

$result = mysql_query("SELECT * FROM test WHERE user='$user_form'");
if(mysql_num_rows($result) != 0){
while($row = mysql_fetch_array($result)){
	
$row_user = $row['user']; 
$row_pass = $row['pass1'];
$row_id = $row['id'];
}
}else{
	echo "No Results found in the table<br />\n";
}

if($user_form == $row_user && $pass_form == $row_pass){
  $_SESSION['user'] = $row_user;
  $_SESSION['id'] = $row_id;
  header ('location: profile.php');
}
else{ 
  //header ('Location: index.php');
  echo "Row User is ".$row_user." AND Row Pass is ".$row_pass."<br />\n";
}
?>

I don't need your script, I'll try to write it myself

#6 onlyican

onlyican
  • Members
  • PipPipPip
  • Advanced Member
  • 921 posts
  • LocationHants - UK

Posted 25 September 2006 - 01:23 AM

ok

comment
header ('location: profile.php');
Add under that line
echo "Everything matches, lets direct to profile.php

Cos you might have something on profile.php, which is diverting it to index.php

All these echos is a visual for you to see what is happening
By removing all header redirects, you can see what sections your script is going through
Tell me the problem, I will try tell you the solution

#7 Gruzin

Gruzin
  • Members
  • PipPipPip
  • Advanced Member
  • 448 posts
  • LocationGeorgia

Posted 25 September 2006 - 01:33 AM

Here is the profile.php:

<?php
session_start();
if(isset($_SESSION['user'])){
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Picture Manager</title>
<link href="css/style.css" rel="stylesheet" type="text/css">
</head>

<body>
<table width="600" border="0" cellspacing="0" cellpadding="0" align="center">
  <tr>
    <td align="center" bgcolor="#FF6600" class="style1"><strong>Welocome <?php echo $_SESSION['user'];?></strong></td>
  </tr>
</table>
<table width="600" border="0" cellspacing="0" cellpadding="0" align="center">
  <tr>
    <td bgcolor="#EAEAEA">&nbsp;</td>
  </tr>
  <tr>
    <td align="center" bgcolor="#FFD1B3"><table width="400" border="0" cellpadding="0" cellspacing="0" id="reg">
      <tr>
        <td width="100" align="center"><a href="profile.php">Home</a></td>
        <td width="100" align="center"><a href="edit_profile.php">Edit Profile</a> </td>
        <td width="100" align="center"><a href="#">Change Password </a></td>
        <td width="100" align="center"><a href="logout.php">Log Out</a></td>
      </tr>
    </table></td>
  </tr>
</table>
<table width="600" border="0" cellspacing="0" cellpadding="0" align="center">
  <tr>
    <td bgcolor="#EAEAEA">&nbsp;</td>
  </tr>
  <tr>
    <td align="center" bgcolor="#EAEAEA"><table width="400" border="0" cellpadding="0" cellspacing="2" bgcolor="#FFD1B3">
      <tr>
        <td width="150" align="center" valign="top" bgcolor="#EAEAEA"><?php
		require ("config.php");
        $query = "SELECT * FROM test WHERE id=$user_id ORDER BY id";
        $result = mysql_query($query) or die("Error: " . mysql_error());
        while($row = mysql_fetch_array($result))
		$imageArr = "uploads/".$row['pic'];
        echo '<img alt="" src="'.$imageArr.'">';
        ?></td>
        <td width="250" align="left" valign="top"><table width="250" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td width="10" align="left" bgcolor="#EAEAEA" class="style2">&nbsp;</td>
            <td width="70" align="left" bgcolor="#EAEAEA" class="style2"><strong>Username:</strong></td>
            <td width="170" align="left" valign="top" bgcolor="#EAEAEA" class="style2"><?php 
			$query = "SELECT * FROM test WHERE id=$user_id ORDER BY id";
            $result = mysql_query($query) or die("Error: " . mysql_error());
            while($row = mysql_fetch_array($result))
			echo $row['user']; ?></td>
          </tr>
          <tr>
            <td align="left" bgcolor="#EAEAEA" class="style2">&nbsp;</td>
            <td align="left" bgcolor="#EAEAEA" class="style2"><strong>E-mail:</strong></td>
            <td align="left" valign="top" bgcolor="#EAEAEA" class="style2"><?php 
			$query = "SELECT * FROM test WHERE id=$user_id ORDER BY id";
            $result = mysql_query($query) or die("Error: " . mysql_error());
            while($row = mysql_fetch_array($result))
			echo $row['mail']; ?></td>
          </tr>
          <tr>
            <td bgcolor="#EAEAEA" class="style2">&nbsp;</td>
            <td align="left" valign="top" bgcolor="#EAEAEA" class="style2"><strong>Info:</strong></td>
            <td align="left" valign="top" bgcolor="#EAEAEA" class="style2"><?php 
			$query = "SELECT * FROM test WHERE id=$user_id ORDER BY id";
            $result = mysql_query($query) or die("Error: " . mysql_error());
            while($row = mysql_fetch_array($result))
			echo $row['info']; ?></td>
          </tr>
        </table></td>
      </tr>
    </table></td>
  </tr>
  <tr>
    <td align="center" bgcolor="#EAEAEA">&nbsp;</td>
  </tr>
</table>
</body>
</html>
<?php
}
else{
header ('Location: index.php');
}
?>

I don't need your script, I'll try to write it myself

#8 onlyican

onlyican
  • Members
  • PipPipPip
  • Advanced Member
  • 921 posts
  • LocationHants - UK

Posted 25 September 2006 - 01:50 AM

ok
but now you have commented all headers on the first page
What is the output?
Tell me the problem, I will try tell you the solution




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users