Jump to content

Archived

This topic is now archived and is closed to further replies.

Gruzin

Simple login script does not work

Recommended Posts

Hi everybody,
Here is my little script, which checks the user and pass from db, I don't know what's wrong it does nto work, if you will be so kind to look at it, I'll really appreciate that, thanks.

[code]<?php
session_start();
$user_form = $_POST["user"];
$pass_form = $_POST["pass"];

require ("config.php");

$result = mysql_query("SELECT * FROM test WHERE user='$user_form'");
while($row = mysql_fetch_array($result)){
$row_user = $row['user'];
$row_pass = $row['pass1'];
$row_id = $row['id'];
}
if($user_form == $row_user && $pass_form == $row_pass){
  $_SESSION['user'] = $row_user;
  $_SESSION['id'] = $row_id;
  header ('location: profile.php');
}
else{
  header ('Location: index.php');
}
?>[/code]

Share this post


Link to post
Share on other sites
this looks like an old fashioned manual debug job

I have added some echos in places, to show the vars, make sure they are being parsed

and I added a row to check if there are results in the DB

I also commented a header
To check the Row Values

[code]
<?php
session_start();
$user_form = $_POST["user"];
$pass_form = $_POST["pass"];
echo "POst values User is ".$user_form." AND Pass is ".$pass_form."<br />\n";
require ("config.php");

$result = mysql_query("SELECT * FROM test WHERE user='$user_form'");
if(mysql_num_rows($result) != 0){
while($row = mysql_fetch_array($result)){

$row_user = $row['user'];
$row_pass = $row['pass1'];
$row_id = $row['id'];
}
}else{
echo "No Results found in the table<br />\n";
}

if($user_form == $row_user && $pass_form == $row_pass){
  $_SESSION['user'] = $row_user;
  $_SESSION['id'] = $row_id;
  header ('location: profile.php');
}
else{
  //header ('Location: index.php');
  echo "Row User is ".$row_user." AND Row Pass is ".$row_pass."<br />\n";
}
?>
[/code]

Try this, and see what outputs

Share this post


Link to post
Share on other sites
Well, thanks for your answer and I know you'll be surprised: It Does the same, I mean it redirects to the index.php without "anything"....

Share this post


Link to post
Share on other sites
If it redirects to the index you have done something different to me
as my version, I have commented the line that redirects to index

OR
the problem is not in the snippit you supplied

Share this post


Link to post
Share on other sites
Here is the code you've modified, I've checked the directory where login.php file should be and it's correct, so I don't really know what's wrong  :(

[code]<?php
session_start();
$user_form = $_POST["user"];
$pass_form = $_POST["pass"];
echo "POst values User is ".$user_form." AND Pass is ".$pass_form."<br />\n";
require ("config.php");

$result = mysql_query("SELECT * FROM test WHERE user='$user_form'");
if(mysql_num_rows($result) != 0){
while($row = mysql_fetch_array($result)){

$row_user = $row['user'];
$row_pass = $row['pass1'];
$row_id = $row['id'];
}
}else{
echo "No Results found in the table<br />\n";
}

if($user_form == $row_user && $pass_form == $row_pass){
  $_SESSION['user'] = $row_user;
  $_SESSION['id'] = $row_id;
  header ('location: profile.php');
}
else{
  //header ('Location: index.php');
  echo "Row User is ".$row_user." AND Row Pass is ".$row_pass."<br />\n";
}
?>[/code]

Share this post


Link to post
Share on other sites
ok

comment
header ('location: profile.php');
Add under that line
echo "Everything matches, lets direct to profile.php

Cos you might have something on profile.php, which is diverting it to index.php

All these echos is a visual for you to see what is happening
By removing all header redirects, you can see what sections your script is going through

Share this post


Link to post
Share on other sites
Here is the profile.php:

[code]<?php
session_start();
if(isset($_SESSION['user'])){
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Picture Manager</title>
<link href="css/style.css" rel="stylesheet" type="text/css">
</head>

<body>
<table width="600" border="0" cellspacing="0" cellpadding="0" align="center">
  <tr>
    <td align="center" bgcolor="#FF6600" class="style1"><strong>Welocome <?php echo $_SESSION['user'];?></strong></td>
  </tr>
</table>
<table width="600" border="0" cellspacing="0" cellpadding="0" align="center">
  <tr>
    <td bgcolor="#EAEAEA">&nbsp;</td>
  </tr>
  <tr>
    <td align="center" bgcolor="#FFD1B3"><table width="400" border="0" cellpadding="0" cellspacing="0" id="reg">
      <tr>
        <td width="100" align="center"><a href="profile.php">Home</a></td>
        <td width="100" align="center"><a href="edit_profile.php">Edit Profile</a> </td>
        <td width="100" align="center"><a href="#">Change Password </a></td>
        <td width="100" align="center"><a href="logout.php">Log Out</a></td>
      </tr>
    </table></td>
  </tr>
</table>
<table width="600" border="0" cellspacing="0" cellpadding="0" align="center">
  <tr>
    <td bgcolor="#EAEAEA">&nbsp;</td>
  </tr>
  <tr>
    <td align="center" bgcolor="#EAEAEA"><table width="400" border="0" cellpadding="0" cellspacing="2" bgcolor="#FFD1B3">
      <tr>
        <td width="150" align="center" valign="top" bgcolor="#EAEAEA"><?php
require ("config.php");
        $query = "SELECT * FROM test WHERE id=$user_id ORDER BY id";
        $result = mysql_query($query) or die("Error: " . mysql_error());
        while($row = mysql_fetch_array($result))
$imageArr = "uploads/".$row['pic'];
        echo '<img alt="" src="'.$imageArr.'">';
        ?></td>
        <td width="250" align="left" valign="top"><table width="250" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td width="10" align="left" bgcolor="#EAEAEA" class="style2">&nbsp;</td>
            <td width="70" align="left" bgcolor="#EAEAEA" class="style2"><strong>Username:</strong></td>
            <td width="170" align="left" valign="top" bgcolor="#EAEAEA" class="style2"><?php
$query = "SELECT * FROM test WHERE id=$user_id ORDER BY id";
            $result = mysql_query($query) or die("Error: " . mysql_error());
            while($row = mysql_fetch_array($result))
echo $row['user']; ?></td>
          </tr>
          <tr>
            <td align="left" bgcolor="#EAEAEA" class="style2">&nbsp;</td>
            <td align="left" bgcolor="#EAEAEA" class="style2"><strong>E-mail:</strong></td>
            <td align="left" valign="top" bgcolor="#EAEAEA" class="style2"><?php
$query = "SELECT * FROM test WHERE id=$user_id ORDER BY id";
            $result = mysql_query($query) or die("Error: " . mysql_error());
            while($row = mysql_fetch_array($result))
echo $row['mail']; ?></td>
          </tr>
          <tr>
            <td bgcolor="#EAEAEA" class="style2">&nbsp;</td>
            <td align="left" valign="top" bgcolor="#EAEAEA" class="style2"><strong>Info:</strong></td>
            <td align="left" valign="top" bgcolor="#EAEAEA" class="style2"><?php
$query = "SELECT * FROM test WHERE id=$user_id ORDER BY id";
            $result = mysql_query($query) or die("Error: " . mysql_error());
            while($row = mysql_fetch_array($result))
echo $row['info']; ?></td>
          </tr>
        </table></td>
      </tr>
    </table></td>
  </tr>
  <tr>
    <td align="center" bgcolor="#EAEAEA">&nbsp;</td>
  </tr>
</table>
</body>
</html>
<?php
}
else{
header ('Location: index.php');
}
?>[/code]

Share this post


Link to post
Share on other sites
ok
but now you have commented all headers on the first page
What is the output?

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.