Jump to content

Archived

This topic is now archived and is closed to further replies.

Teach Me

PHP Login Script

Recommended Posts

HELP PLEASE...

 

Heres the problem, I have set up a website that requires a login script. I have used Dreamweaver to build the site from scratch, so there for it seemed only natural to use the PHP Login script that comes with Dreamweaver.

 

I have followed the instructions and all works well......Apart from a very strange problem!

 

Users can register their details through a register page, that in turn copies the info to MySQL..this works fine, all the info seems to be recorded correctly.

 

You should now be able to login with this info, (heres where it gets weird). Some users can login OK yet others cannot get in at all. I have checked the data in MySQL and all seems fine..VERY STRANGE.

 

Here is the PHP Code as it is at the moment.

 

<?php require_once('Connections/login.php'); ?>

<?php

mysql_select_db($database_login, $login);

$query_log = "SELECT * FROM fantasyf1_users";

$log = mysql_query($query_log, $login) or die(mysql_error());

$row_log = mysql_fetch_assoc($log);

$totalRows_log = mysql_num_rows($log);

?>

<?php

// *** Validate request to login to this site.

session_start();

 

$loginFormAction = $_SERVER['PHP_SELF'];

if (isset($accesscheck)) {

$_SESSION['PrevUrl'] = $accesscheck;

}

 

if (isset($_POST['user_name'])) {

$loginUsername=$_POST['user_name'];

$password=$_POST['password'];

$MM_fldUserAuthorization = "";

$MM_redirectLoginSuccess = "fantasyf1pages/loginsuccess.php";

$MM_redirectLoginFailed = "fantasyf1pages/logindenied.php";

$MM_redirecttoReferrer = false;

mysql_select_db($database_login, $login);

 

$LoginRS__query=sprintf("SELECT name, password FROM fantasyf1_users WHERE name='%s' AND password='%s'",

get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));

 

$LoginRS = mysql_query($LoginRS__query, $login) or die(mysql_error());

$loginFoundUser = mysql_num_rows($LoginRS);

if ($loginFoundUser) {

$loginStrGroup = "";

 

//declare two session variables and assign them

$_SESSION['MM_Username'] = $loginUsername;

$_SESSION['MM_UserGroup'] = $loginStrGroup;

 

if (isset($_SESSION['PrevUrl']) && false) {

$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];

}

header("Location: " . $MM_redirectLoginSuccess );

}

else {

header("Location: ". $MM_redirectLoginFailed );

}

}

?>

 

I hope I can find a solution soon....

Share this post


Link to post
Share on other sites

$LoginRS__query=sprintf("SELECT name, password FROM fantasyf1_users WHERE name='%s' AND password='%s'",

Change to;

 

$LoginRS__query=sprintf("SELECT name, password FROM fantasyf1_users WHERE name='$user_name' AND password='$password'",

 

also you might want to encrypt the data too

 

so use this

 

$LoginRS__query=sprintf("SELECT name, password FROM fantasyf1_users WHERE name='%user_name' AND password=PASSWORD('%password')",

 

Dont use the second script intill you are sure everyone can log on and stuff.

 

 

You have NO idea how many problems im having with the logging in and stuff.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.