Teach Me Posted April 1, 2005 Share Posted April 1, 2005 HELP PLEASE... Heres the problem, I have set up a website that requires a login script. I have used Dreamweaver to build the site from scratch, so there for it seemed only natural to use the PHP Login script that comes with Dreamweaver. I have followed the instructions and all works well......Apart from a very strange problem! Users can register their details through a register page, that in turn copies the info to MySQL..this works fine, all the info seems to be recorded correctly. You should now be able to login with this info, (heres where it gets weird). Some users can login OK yet others cannot get in at all. I have checked the data in MySQL and all seems fine..VERY STRANGE. Here is the PHP Code as it is at the moment. <?php require_once('Connections/login.php'); ?> <?php mysql_select_db($database_login, $login); $query_log = "SELECT * FROM fantasyf1_users"; $log = mysql_query($query_log, $login) or die(mysql_error()); $row_log = mysql_fetch_assoc($log); $totalRows_log = mysql_num_rows($log); ?> <?php // *** Validate request to login to this site. session_start(); $loginFormAction = $_SERVER['PHP_SELF']; if (isset($accesscheck)) { $_SESSION['PrevUrl'] = $accesscheck; } if (isset($_POST['user_name'])) { $loginUsername=$_POST['user_name']; $password=$_POST['password']; $MM_fldUserAuthorization = ""; $MM_redirectLoginSuccess = "fantasyf1pages/loginsuccess.php"; $MM_redirectLoginFailed = "fantasyf1pages/logindenied.php"; $MM_redirecttoReferrer = false; mysql_select_db($database_login, $login); $LoginRS__query=sprintf("SELECT name, password FROM fantasyf1_users WHERE name='%s' AND password='%s'", get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password)); $LoginRS = mysql_query($LoginRS__query, $login) or die(mysql_error()); $loginFoundUser = mysql_num_rows($LoginRS); if ($loginFoundUser) { $loginStrGroup = ""; //declare two session variables and assign them $_SESSION['MM_Username'] = $loginUsername; $_SESSION['MM_UserGroup'] = $loginStrGroup; if (isset($_SESSION['PrevUrl']) && false) { $MM_redirectLoginSuccess = $_SESSION['PrevUrl']; } header("Location: " . $MM_redirectLoginSuccess ); } else { header("Location: ". $MM_redirectLoginFailed ); } } ?> I hope I can find a solution soon.... Quote Link to comment https://forums.phpfreaks.com/topic/2236-php-login-script/ Share on other sites More sharing options...
kevdotbadger Posted April 28, 2005 Share Posted April 28, 2005 $LoginRS__query=sprintf("SELECT name, password FROM fantasyf1_users WHERE name='%s' AND password='%s'", Change to; $LoginRS__query=sprintf("SELECT name, password FROM fantasyf1_users WHERE name='$user_name' AND password='$password'", also you might want to encrypt the data too so use this $LoginRS__query=sprintf("SELECT name, password FROM fantasyf1_users WHERE name='%user_name' AND password=PASSWORD('%password')", Dont use the second script intill you are sure everyone can log on and stuff. You have NO idea how many problems im having with the logging in and stuff. Quote Link to comment https://forums.phpfreaks.com/topic/2236-php-login-script/#findComment-7505 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.