Jump to content

simple login script always tells me invalid pass/user

Astrup

By Astrup
in Third Party Scripts

Recommended Posts

Astrup Newbie

Astrup

Posted
Posted

Hello I've downloaded a simple login script and modified it for my own user MySQL Database.

 

my db structure: 

DROP TABLE IF EXISTS `accounts`;
CREATE TABLE `accounts` (
  `acct` int(10) unsigned NOT NULL auto_increment COMMENT 'Unique ID',
  `login` varchar(32) collate utf8_unicode_ci NOT NULL default '' COMMENT 'Login username',
  `password` varchar(32) collate utf8_unicode_ci NOT NULL default '' COMMENT 'Login password',
  `encrypted_password` varchar(42) collate utf8_unicode_ci NOT NULL default '',
  `gm` varchar(32) collate utf8_unicode_ci NOT NULL default '' COMMENT 'Game permissions',
  `banned` int(10) unsigned NOT NULL default '0',
  `lastlogin` timestamp NOT NULL default '0000-00-00 00:00:00' COMMENT 'Last login timestamp',
  `lastip` varchar(16) collate utf8_unicode_ci NOT NULL default '' COMMENT 'Last remote address',
  `email` varchar(64) collate utf8_unicode_ci NOT NULL default '' COMMENT 'Contact e-mail address',
  `flags` tinyint(3) unsigned NOT NULL default '0' COMMENT 'Client flags',
  `forceLanguage` varchar(5) collate utf8_unicode_ci NOT NULL default 'enUS',
  `muted` int(30) NOT NULL default '0',
  `banreason` varchar(255) collate utf8_unicode_ci default NULL,
  `votes` int(10) NOT NULL default '0',
  `enabled` int(10) NOT NULL default '0',
  PRIMARY KEY  (`acct`),
  UNIQUE KEY `a` (`login`)
) ENGINE=MyISAM AUTO_INCREMENT=13 DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci COMMENT='Account Information';

 

example account:

INSERT INTO accounts VALUES ('1', 'test', 'test', '', 'az', '0', '2010-12-04 13:39:23', '127.0.0.1', '', '24', 'enUS', '0', null, '0', '1');

 

And I've modified this script and replaced things such as username to login and block to banned.

But when I try to login it always tells me my username and or password is invalid. I've tried several things but I cant figure out what I'm doing wrong.

I would realy appreciate it if someone could tell me this.

 

<?php
session_start();

include 'conn.php';

if($_SERVER['REQUEST_METHOD'] == 'POST')
{ 

        $login_user = $Mysqli->real_escape_string($_POST['username']); 
        $login_pass = $Mysqli->real_escape_string(sha1($_POST['password']));
	$user_ip = $_SERVER['REMOTE_ADDR'];
	srand ((double) microtime( )*1000000);
	$session_id = rand(1000,1000000);

	$q1 = "
	SELECT 
		acct,
		login,
		banned
	FROM 
		accounts
	WHERE
		login = '".$login_user."'  
	AND
		password = '".$login_pass."'
	";

		if(!$r1 = $Mysqli->query($q1))
	{

		echo 'Er is een fout opgetreden!. '. $Mysqli->error;

	}


			elseif($Mysqli->affected_rows == 1)
			{


							while ($row = $r1->fetch_assoc ())
							{ 

									$_SESSION["login"] = $row['login']; 
									$_SESSION['user_id'] = $row['id'];   
									$_SESSION['user_ip'] = $user_ip;
									$_SESSION['session_id'] = $session_id;
										   
								if ($row['banned'] == 1)
								{
									echo 'Youre banned you cannot login!';
								} 
									else 
									{ 
										//Inloggen gelukt!!
										header("location: " . 'index.php?msg=succes');
									}




				$q2 = "
				INSERT INTO
					sessions
				(
					user_id,
					session_id,
					user_ip
				)
				VALUES
				(
					'".$row['id']."',
					'".$session_id."',
					'".$user_ip."'
				)
				";
							}

								if (!$Mysqli->query ($q2) )
								{

									echo 'Something went wrong!'. $Mysqli->error;

								}




			}
				else 
				{   
					echo 'Username or Password is invalid! Please try again.'; 
				}  
          
} 
	else 
	{
		?>
			<html>
			<head>
			<title>Login</title>
			</head>
			<body>
			<h2>Login</h2>

			<?php 
				if(isset($_GET['error']))
				{
					if($_GET['error'] == 'sess')
					{
						echo 'This session is invalid! Please try again.<p>';
					}
				} 
			?>
				<form method='post'>  
							<table>  
								<tr>  
									<td>Username:</td>  
									<td><input type='text' name='username'></td>  
								</tr>  
								<tr>  
									<td>Password:</td>  
									<td><input type='password' name='password'></td>  
								</tr>  
								<tr>  
									<td><input type='submit' name='submit' value='Login'></td>  
								</tr>  
							</table>  
				</form>
				   
			</body>
			</html>           
	<?php
        }  
	?>

 

 

Thanks!

 

*edit

btw I'm sure I filled in the database files correctly in conn.php ;)

I'm not getting any mySQL errors aswell.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.