Jump to content

simple login script always tells me invalid pass/user

Astrup

By Astrup
in Third Party Scripts

 Share

Recommended Posts

Astrup Newbie

Astrup

Posted
Posted

Hello I've downloaded a simple login script and modified it for my own user MySQL Database.

 

my db structure: 

DROP TABLE IF EXISTS `accounts`;
CREATE TABLE `accounts` (
  `acct` int(10) unsigned NOT NULL auto_increment COMMENT 'Unique ID',
  `login` varchar(32) collate utf8_unicode_ci NOT NULL default '' COMMENT 'Login username',
  `password` varchar(32) collate utf8_unicode_ci NOT NULL default '' COMMENT 'Login password',
  `encrypted_password` varchar(42) collate utf8_unicode_ci NOT NULL default '',
  `gm` varchar(32) collate utf8_unicode_ci NOT NULL default '' COMMENT 'Game permissions',
  `banned` int(10) unsigned NOT NULL default '0',
  `lastlogin` timestamp NOT NULL default '0000-00-00 00:00:00' COMMENT 'Last login timestamp',
  `lastip` varchar(16) collate utf8_unicode_ci NOT NULL default '' COMMENT 'Last remote address',
  `email` varchar(64) collate utf8_unicode_ci NOT NULL default '' COMMENT 'Contact e-mail address',
  `flags` tinyint(3) unsigned NOT NULL default '0' COMMENT 'Client flags',
  `forceLanguage` varchar(5) collate utf8_unicode_ci NOT NULL default 'enUS',
  `muted` int(30) NOT NULL default '0',
  `banreason` varchar(255) collate utf8_unicode_ci default NULL,
  `votes` int(10) NOT NULL default '0',
  `enabled` int(10) NOT NULL default '0',
  PRIMARY KEY  (`acct`),
  UNIQUE KEY `a` (`login`)
) ENGINE=MyISAM AUTO_INCREMENT=13 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci COMMENT='Account Information';

 

example account:

INSERT INTO accounts VALUES ('1', 'test', 'test', '', 'az', '0', '2010-12-04 13:39:23', '127.0.0.1', '', '24', 'enUS', '0', null, '0', '1');

 

And I've modified this script and replaced things such as username to login and block to banned.

But when I try to login it always tells me my username and or password is invalid. I've tried several things but I cant figure out what I'm doing wrong.

I would realy appreciate it if someone could tell me this.

 

<?php
session_start();

include 'conn.php';

if($_SERVER['REQUEST_METHOD'] == 'POST')
{ 

        $login_user = $Mysqli->real_escape_string($_POST['username']); 
        $login_pass = $Mysqli->real_escape_string(sha1($_POST['password']));
	$user_ip = $_SERVER['REMOTE_ADDR'];
	srand ((double) microtime( )*1000000);
	$session_id = rand(1000,1000000);

	$q1 = "
	SELECT 
		acct,
		login,
		banned
	FROM 
		accounts
	WHERE
		login = '".$login_user."'  
	AND
		password = '".$login_pass."'
	";

		if(!$r1 = $Mysqli->query($q1))
	{

		echo 'Er is een fout opgetreden!. '. $Mysqli->error;

	}


			elseif($Mysqli->affected_rows == 1)
			{


							while ($row = $r1->fetch_assoc ())
							{ 

									$_SESSION["login"] = $row['login']; 
									$_SESSION['user_id'] = $row['id'];   
									$_SESSION['user_ip'] = $user_ip;
									$_SESSION['session_id'] = $session_id;
										   
								if ($row['banned'] == 1)
								{
									echo 'Youre banned you cannot login!';
								} 
									else 
									{ 
										//Inloggen gelukt!!
										header("location: " . 'index.php?msg=succes');
									}




				$q2 = "
				INSERT INTO
					sessions
				(
					user_id,
					session_id,
					user_ip
				)
				VALUES
				(
					'".$row['id']."',
					'".$session_id."',
					'".$user_ip."'
				)
				";
							}

								if (!$Mysqli->query ($q2) )
								{

									echo 'Something went wrong!'. $Mysqli->error;

								}




			}
				else 
				{   
					echo 'Username or Password is invalid! Please try again.'; 
				}  
          
} 
	else 
	{
		?>
			<html>
			<head>
			<title>Login</title>
			</head>
			<body>
			<h2>Login</h2>

			<?php 
				if(isset($_GET['error']))
				{
					if($_GET['error'] == 'sess')
					{
						echo 'This session is invalid! Please try again.<p>';
					}
				} 
			?>
				<form method='post'>  
							<table>  
								<tr>  
									<td>Username:</td>  
									<td><input type='text' name='username'></td>  
								</tr>  
								<tr>  
									<td>Password:</td>  
									<td><input type='password' name='password'></td>  
								</tr>  
								<tr>  
									<td><input type='submit' name='submit' value='Login'></td>  
								</tr>  
							</table>  
				</form>
				   
			</body>
			</html>           
	<?php
        }  
	?>

 

 

Thanks!

 

*edit

btw I'm sure I filled in the database files correctly in conn.php ;)

I'm not getting any mySQL errors aswell.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.