Jump to content


Photo

PHP Login Script


  • Please log in to reply
1 reply to this topic

#1 Teach Me

Teach Me
  • New Members
  • Pip
  • Newbie
  • 2 posts

Posted 01 April 2005 - 10:10 PM

HELP PLEASE...

Heres the problem, I have set up a website that requires a login script. I have used Dreamweaver to build the site from scratch, so there for it seemed only natural to use the PHP Login script that comes with Dreamweaver.

I have followed the instructions and all works well......Apart from a very strange problem!

Users can register their details through a register page, that in turn copies the info to MySQL..this works fine, all the info seems to be recorded correctly.

You should now be able to login with this info, (heres where it gets weird). Some users can login OK yet others cannot get in at all. I have checked the data in MySQL and all seems fine..VERY STRANGE.

Here is the PHP Code as it is at the moment.

<?php require_once('Connections/login.php'); ?>
<?php
mysql_select_db($database_login, $login);
$query_log = "SELECT * FROM fantasyf1_users";
$log = mysql_query($query_log, $login) or die(mysql_error());
$row_log = mysql_fetch_assoc($log);
$totalRows_log = mysql_num_rows($log);
?>
<?php
// *** Validate request to login to this site.
session_start();

$loginFormAction = $_SERVER['PHP_SELF'];
if (isset($accesscheck)) {
$_SESSION['PrevUrl'] = $accesscheck;
}

if (isset($_POST['user_name'])) {
$loginUsername=$_POST['user_name'];
$password=$_POST['password'];
$MM_fldUserAuthorization = "";
$MM_redirectLoginSuccess = "fantasyf1pages/loginsuccess.php";
$MM_redirectLoginFailed = "fantasyf1pages/logindenied.php";
$MM_redirecttoReferrer = false;
mysql_select_db($database_login, $login);

$LoginRS__query=sprintf("SELECT name, password FROM fantasyf1_users WHERE name='%s' AND password='%s'",
get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));

$LoginRS = mysql_query($LoginRS__query, $login) or die(mysql_error());
$loginFoundUser = mysql_num_rows($LoginRS);
if ($loginFoundUser) {
$loginStrGroup = "";

//declare two session variables and assign them
$_SESSION['MM_Username'] = $loginUsername;
$_SESSION['MM_UserGroup'] = $loginStrGroup;

if (isset($_SESSION['PrevUrl']) && false) {
$MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
}
header("Location: " . $MM_redirectLoginSuccess );
}
else {
header("Location: ". $MM_redirectLoginFailed );
}
}
?>

I hope I can find a solution soon....

#2 kevdotbadger

kevdotbadger
  • Members
  • PipPip
  • Member
  • 18 posts

Posted 28 April 2005 - 05:57 PM

$LoginRS__query=sprintf("SELECT name, password FROM fantasyf1_users WHERE name='%s' AND password='%s'",
Change to;

$LoginRS__query=sprintf("SELECT name, password FROM fantasyf1_users WHERE name='$user_name' AND password='$password'",

also you might want to encrypt the data too

so use this

$LoginRS__query=sprintf("SELECT name, password FROM fantasyf1_users WHERE name='%user_name' AND password=PASSWORD('%password')",

Dont use the second script intill you are sure everyone can log on and stuff.


You have NO idea how many problems im having with the logging in and stuff.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users