Need help with login

[marcus]

Ok, well I have made a login script which goes threw to see if the user is confirmed and checks if it exists, but each time I enter in all the date it will keep echoing they are incorrect.

Here is the code:

[code]
<? include('header.php'); ?>
<?php
//GRAB DATA FROM THE FORM AND DEFINE VALUES
$uname = $_POST[username];
$upass = $_POST[password];
$action= $_POST[action];
$timestamp = date("G:i:s");

//ECHO FORM IF NOTHING IS VALID
if(empty($uname) && empty($upass) && empty($action)){
echo "<table border=0 cellspacing=0 cellpadding=0>";
echo "<form name=".'check'." action=".'login.php'." method=".'post'.">";
echo "<tr><td colspan=2 align=left><h3>Login</h3></a>";
echo "<tr><td>Username:<td><input type=text name=username>";
echo "<tr><td colspan=2>
<input type=hidden name=action value=check>
<input type=submit value=".'Login'.">";
echo "</form>";
echo "</table";
};

if(isset($uname) && empty($upass) && $action == check){
$check = "SELECT * FROM `users` WHERE username ='$uname'";
$resch = mysql_query($check) or die(mysql_error());
$resc1 = mysql_fetch_assoc($resch);
$confi = $resc1[confirm];
$userid = $resc1[id];

//CHECK IF USER ACCOUNT IS CONFIRMED
if($confi == 0){
echo "Your account is not confirmed, please check your email, to resend please <a href=".'resend.php?id=$userid'.">";
}else {
//PRODUCE SECOND FORM FOR PASSWORD
echo "<table border=0 cellspacing=0 cellpadding=0>";
echo "<form name=login action=".'login.php'." method=".'post'.">";
echo "<tr><td colspan=2 align=left><h3>Login</h3>";
echo "<tr><td>Username:<td><input type=text name=username value=".$uname." readonly>";
echo "<tr><td>Password:<td><input type=password name=password>";
echo "<tr><td colspan=2 valign=left>
<input type=hidden name=action value=login>
<input type=submit value=".'Login'.">";
echo "</form>";
echo "</table>";
};
}else


//CHECK IF USERNAME AND PASSWORD ARE VALID THREW FORM
if(empty($uname) || empty($upass)){
echo "You have not supplied a username and/or a password";
die();
};

//ONLY IF USERNAME AND PASSWORD ARE VALID THE FOLLOWING WITH PROCESS
if($uname && $upass && $action == login){

//CHECK IF USERNAME EXISTS
//DO SQL QUERIES ON UNAME AND UPASS
$q1 = "SELECT * FROM `users` WHERE username ='$uname' AND pass ='$upass' LIMIT 1";
$go = mysql_query($q1) or die(mysql_error());
$q2 = mysql_num_rows($go);
$q3 = mysql_fetch_assoc($go);
//IF EXISTS WILL LOG IN
if($q3 > 0){
echo "You have now been logged in. If you experience any difficulties navigating the website you may have not enabled or allowed cookies for this website!";
//SETTING COOKIES FOR A THREE HOUR PERIOD
setcookie(auth,yes,time()+7200);
setcookie(id,$id['id'],time()+7200);
setcookie(username,$id['username'],time()+7200);

//NEXT WE WILL UPDATE LAST LOGIN
$q4 = "UPDATE `users` SET lastlogin =$timestamp WHERE username ='$uname'";
$go2= mysql_query($q4) or die(mysql_error());
}else {
echo "Your login details were incorrect, please try again!";
};
};
?>
<? include('footer.php'); ?>
[/code]

EDIT: Code fixed to log in, but now cookies are not setting.

[code]

Warning: Cannot modify header information - headers already sent by (output started at
/home/neoblob/public_html/cms/header.php:19) in /home/neoblob/public_html/cms/login.php on line 67

Warning: Cannot modify header information - headers already sent by (output started at
/home/neoblob/public_html/cms/header.php:19) in /home/neoblob/public_html/cms/login.php on line 68

Warning: Cannot modify header information - headers already sent by (output started at
/home/neoblob/public_html/cms/header.php:19) in /home/neoblob/public_html/cms/login.php on line 69


[/code]

[trq]

there is a big fatty sticky at the top of this forum tht refers to the common HEADER errors. [url=http://www.phpfreaks.com/forums/index.php/topic,37442.0.html]READ IT[/url]!.

[marcus]

Mine is just like that...