Jump to content

Recommended Posts

  • Replies 65
  • Created
  • Last Reply

Top Posters In This Topic

Im thinking maybe I should just pack these scripts in and start fresh or is that a lil premature?

If you think it might be worth my time to scrap it and start over with a different script/ template of a register/ login system could you please tell me where I can get one that you know works for sure?

-SB

 

What do you mean by , and how would a password become truncated in the database?

And if youre talking about what i think you are as far as the column is concerned, VARCHAR (32)...

Let me know if this is or isnt what you were talking about. Thanx xyph.

-SB

 

No need to bump so soon.

 

What kind of column holds the password in your database? The password could have been truncated.

 

Try selecting and echo'ing all the user data, then echo that password you expect it to be. They may not be the same.

We've already been through all of this, and you've already told us the password doesn't match what's in the database. Several suggestions have been made to troubleshoot this. What have you done to debug it on your own?

VARCHAR(32) should be enough for an md5

 

On your login page, as a debugger, rather than select

WHERE `user` = $user AND `pass` = $pass

 

Just use

WHERE `user` = $user

 

Then echo the password from teh database beside the password you just hashed from the login form.

Nothn because im new to all this and I dont know how to debug it on my own or I wouldnt be asking for help. I dont mean to seem snarky but believe me if I was able to resolve this on my own I would. I did however inquire as to wether or not putting the brackets around the md5 as well as the "password" when declaring the variables at the beggining of the script but i dont think anyone commented on that yet. I honestly just dont wanna tamper with the script too much because then ill have to repost it each time and im sure a very small change could totally change the dynamics of the script and thus advice given for the script i posted may no longer be pertinent if i butcher it all to hell first. I do appreciate everyones help dont get me wrong and I apologize if Im painfully green to php and scripting in general. I  hope people continue to offer ideas and advice as it is very very much appreciated.

-SB

Perhaps if you posted what the actual password is, what the md5 value in the database table is, and what the md5 value is when you echo it in the log in code, someone could pin down what is going on. That would allow someone to determine which md5 value is actually correct and what is causing the wrong one (such as an empty $_POST variable.)

 

I suspect the reason that the echoed md5 value from the log in code is different from the value in the database table is actually due to your log in code being requested without any $_POST data (it's not checking if a form was submitted at all or validating the data in any way before using it.) What got me thinking of this is something that Andy11548 posted -

 

Check your 'memberspage.php' for any redirection to 'login.html'/'login.php'.

 

What if the log in code IS 'working' and is including the  memberspage.php code, but something in that code is causing the page to be requested again without any post data. That would cause the log in form to be redisplayed and the md5 value that is being echoed would be what corresponds to an empty password.

OK good thinking because the login html is "included" in this file but to the best of my limited understanding its only is no username is entered? 

 

<?

session_start();

if ( empty( $username ) ) {

    print "Please login below!";

    include 'login.html';

} else {

?>

<html>
<head>
<title>MEMBERS ONLY</title>
</head>
<body>
Your Members Page....<img src="apicture.jpg" />
</body>
</html>

<?
}
?>

So, the code you just posted above is what is in the memberspage.php file?

 

What about the password and two md5 values? Most of what I suggested as a possible cause of the symptom is based on which md5 value is the correct one that corresponds to the password and if the incorrect md5 value corresponds to an empty password value. Without this specific information that you saw in front of you when you were troubleshooting the problem, this thread will just go on and on and on...

IT WORKS! Im not sure what exactly I did but it works now. THANK YOU SO MUCH TO EVERYONE WHO CONTRIBUTED TO THIS THREAD AND ULTIMATELY THE RESOLVING OF MY ISSUE. I apologize for at times being so persistent but sad to say that was a few weeks in the making and so as Im sure as many of you can relate when youre stuck on something for that long you just want nothing more than to get past it. Thanks again!

Im sure it wont be long before you guys hear from me. (Im sure everyone is thrilled.) lol.

-SB

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.