DaveGordon Posted February 12, 2013 Share Posted February 12, 2013 It has been a long while since I have programmed anything and I have recently decided to take it back up again. I have a login script that previously worked fine but as I said it has been a long time and there have been updates to PHP. It seems that these updates have caused my script not too work. Could someone please help me out with what needs updating and for what reasons. The first section is just a snippet from the home page <form method=post action=login.php> <tr><td width="67" with=10>User:</td><td width="145"><input type=text name=user></td> <td width="486" align=right with=100%>Current Game Time: <? $date = date("h:i:s A T"); print "$date"?> </td> </tr> <tr><td with=10>Password:</td><td><input type=password name=pass></td> THis second bit being the login page <?php if (!$user || !$pass) { include("head.php"); print "Please fill out all fields."; include("foot.php"); exit; } include("head.php"); $pass = md5("$pass"); $logres = mysql_num_rows(mysql_query("select * from players where user='$user' and pass='$pass'")); if ($logres <= 0) { print "Login failed. If you have not already, please signup. Otherwise, check your spelling and login again."; include("foot.php"); exit; } else { session_register("user"); session_register("pass"); print " <br>Welcome back. Please click <a href=updates.php>here</a> to continue.."; } include("foot.php"); ?> NO matter what I do it just says please fill out all fields. Like I said I know this previously ran fine. Quote Link to comment https://forums.phpfreaks.com/topic/274401-my-login-script/ Share on other sites More sharing options...
Jessica Posted February 12, 2013 Share Posted February 12, 2013 Your script depends on register_globals, which is a security risk. You need to use the $_POST superglobal. Quote Link to comment https://forums.phpfreaks.com/topic/274401-my-login-script/#findComment-1411993 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.