AbydosGater Posted November 21, 2006 Share Posted November 21, 2006 Hi, Ive been trying to update my login script to work on my friends website, only better....The code is as following..[code]<?phpif (!$_SESSION['username'] && !$_POST['login']){ // No session + No Form Login... Display the form...echo <<<LOGINFORM<form action="test.php" method="post" name="loginform">Username:<br><input type="text" name="username" value="" size="20" class="field1"><br>Password:<br><input type="password" name="password" value="" size="20" class="field1"><br><br><input type="submit" value="login" class="button1"><br><br><a href="register.php">Click Here To Register</a></form>LOGINFORM;} elseif ($_POST['username']){ //if the form has been submitted... The ifs + elses between this and next comment arnt that important just checking if the login details are correct...$username = $_POST['username'];$password = $_POST['password'];//--- $result = mysql_query("SELECT * FROM sf_users WHERE username='$username'") or die(mysql_error()); $user = mysql_fetch_array( $result );if ($user['member_id'] == ""){echo "<font color=\"#FF0000\"><b>Unknown username, please try again</b></font>";} else if ($user['member_id'] !== ""){$dbusername = $user['username'];$dbpassword = $user['password'];if ($username == $dbusername && $password == $dbpassword){ session_register("user"); $_SESSION['username'] = $username; $_SESSION['password'] = $password; //-- Rest Of Info On The User $_SESSION['member_id'] = $user['member_id']; $_SESSION['email'] = $user['email']; $_SESSION['CL'] = $user['CL']; $_SESSION['banned'] = $user['banned']; //-- Session Variables End echo "<font color=\"#FF0000\"><b>Thank you for login in,<br /> You will be redirected to the protected pages in 2 seconds <META HTTP-EQUIV=\"refresh\" CONTENT=\"2; URL=index.php\"></b></font>";} else if ($username == $dbusername && $password !== $dbpassword){echo "<font color=\"#FF0000\"><b>Your Password is incorrect</b></font>";} else {echo "<font color=\"#FF0000\"><b>Unknown System Error!<br> Please ensure your Cases are correct!</b></font>";}};} elseif ($_SESSION['username']){ //If we have the session... echo the username has logged in :P//Display member options...$username = $_SESSION['username'];echo "<font color='#FFFFFF'><b>$username.. You are logged in.</b></font>";} else { //WOOPS somethings gone wrong if i see this...echo "<font color='#FFFFFF'><b>Unknown System Error.</b></font>";}?>[/code]Its not working, when the form is submitted, it just displays the login for again?Where did i go wrong, its late and i cant see it.. Anyone see where?Thanks AbydosPS: You can see it running at.. www.shadowfleet.info/newversion/test.php Link to comment https://forums.phpfreaks.com/topic/28012-whats-wrong-with-my-code-please-help/ Share on other sites More sharing options...
marcus Posted November 21, 2006 Share Posted November 21, 2006 Would you mind re-editing your post to show the php in the colour?Make the tags lowercases (e.g. (<?php ?>)) Link to comment https://forums.phpfreaks.com/topic/28012-whats-wrong-with-my-code-please-help/#findComment-128130 Share on other sites More sharing options...
AbydosGater Posted November 21, 2006 Author Share Posted November 21, 2006 All done! Sorry was wondering why that was happening, never knew it had to be lowercase!Thanks Link to comment https://forums.phpfreaks.com/topic/28012-whats-wrong-with-my-code-please-help/#findComment-128131 Share on other sites More sharing options...
marcus Posted November 21, 2006 Share Posted November 21, 2006 [code]<?phpif (!$_SESSION['username'] && !$_POST['login']){ // No session + No Form Login... Display the form...echo "<form action=test.php method=post name=loginform>Username:<br><input type=text name=username size=20 class=field1><br>Password:<br><input type=password name=password size=20 class=field1><br><br><input type=submit value=login class=button1><br><br><a href=register.php>Click Here To Register</a></form>";} else if ($_POST['username']){//if the form has been submitted... The ifs + elses between this and next comment arnt that important just checking if the login details are correct...$username = $_POST['username'];$password = $_POST['password'];//--- $result = mysql_query("SELECT * FROM sf_users WHERE username='$username'") or die(mysql_error()); $user = mysql_fetch_array( $result ); $num = mysql_num_rows($result);if ($num > 0){echo "<font color=\"#FF0000\"><b>Unknown username, please try again</b></font>";} else {$dbusername = $user['username'];$dbpassword = $user['password'];if ($username == $dbusername && $password == $dbpassword){ session_register("user"); $_SESSION['username'] = $username; $_SESSION['password'] = $password; //-- Rest Of Info On The User $_SESSION['member_id'] = $user['member_id']; $_SESSION['email'] = $user['email']; $_SESSION['CL'] = $user['CL']; $_SESSION['banned'] = $user['banned']; //-- Session Variables End echo "<font color=\"#FF0000\"><b>Thank you for login in,<br /> You will be redirected to the protected pages in 2 seconds <META HTTP-EQUIV=\"refresh\" CONTENT=\"2; URL=index.php\"></b></font>";} else if ($username == $dbusername && $password != $dbpassword){echo "<font color=\"#FF0000\"><b>Your Password is incorrect</b></font>";} else {echo "<font color=\"#FF0000\"><b>Unknown System Error!<br> Please ensure your Cases are correct!</b></font>";}};} elseif ($_SESSION['username']){//If we have the session... echo the username has logged in//Display member options...$uname = $_SESSION['username'];echo "<font color='#FFFFFF'><b>$uname... You are already logged in.</b></font>";} else {//WOOPS somethings gone wrong if i see this...echo "<font color='#FFFFFF'><b>Unknown System Error.</b></font>";}?>[/code] Link to comment https://forums.phpfreaks.com/topic/28012-whats-wrong-with-my-code-please-help/#findComment-128136 Share on other sites More sharing options...
AbydosGater Posted November 21, 2006 Author Share Posted November 21, 2006 Thanks,Ermm.. What did you change? Just the echo for the form? or anything else?Thanks AbydosEDIT:: I tryed that, and no still the same thing.. Only displaying the form over and over after login Link to comment https://forums.phpfreaks.com/topic/28012-whats-wrong-with-my-code-please-help/#findComment-128137 Share on other sites More sharing options...
marcus Posted November 21, 2006 Share Posted November 21, 2006 Look where it checks if the user actually exists. Link to comment https://forums.phpfreaks.com/topic/28012-whats-wrong-with-my-code-please-help/#findComment-128140 Share on other sites More sharing options...
haaglin Posted November 21, 2006 Share Posted November 21, 2006 Add session_start(); at the top of your script. Link to comment https://forums.phpfreaks.com/topic/28012-whats-wrong-with-my-code-please-help/#findComment-128141 Share on other sites More sharing options...
marcus Posted November 21, 2006 Share Posted November 21, 2006 How bout this, connect to your database. Link to comment https://forums.phpfreaks.com/topic/28012-whats-wrong-with-my-code-please-help/#findComment-128142 Share on other sites More sharing options...
AbydosGater Posted November 21, 2006 Author Share Posted November 21, 2006 Ohh That would have been very smart of me to add it in, completly forgot, Thanks..But now that ive put that in... And still when i submit the form.. Its displaying the form again :(EDIT:: Im connected to my database.. Im requiring a file into the top of the page with the code of..<?phprequire_once("config.php");session_start();conn_db();?>The config file has my database info and the function.. Link to comment https://forums.phpfreaks.com/topic/28012-whats-wrong-with-my-code-please-help/#findComment-128144 Share on other sites More sharing options...
marcus Posted November 21, 2006 Share Posted November 21, 2006 It echo's test now. Link to comment https://forums.phpfreaks.com/topic/28012-whats-wrong-with-my-code-please-help/#findComment-128145 Share on other sites More sharing options...
AbydosGater Posted November 21, 2006 Author Share Posted November 21, 2006 I know i added echo test to the header file just to make sure its running.. Gone now Link to comment https://forums.phpfreaks.com/topic/28012-whats-wrong-with-my-code-please-help/#findComment-128148 Share on other sites More sharing options...
marcus Posted November 21, 2006 Share Posted November 21, 2006 Hmm... this is interesting. Have you thought of using cookies? Link to comment https://forums.phpfreaks.com/topic/28012-whats-wrong-with-my-code-please-help/#findComment-128149 Share on other sites More sharing options...
AbydosGater Posted November 21, 2006 Author Share Posted November 21, 2006 yes i was thinking about it but ive never used them before, so i would be much happier using the sessions for the moment, i was going to add cookie options for a remember me, but not untill i had everything else working.. Link to comment https://forums.phpfreaks.com/topic/28012-whats-wrong-with-my-code-please-help/#findComment-128151 Share on other sites More sharing options...
haaglin Posted November 21, 2006 Share Posted November 21, 2006 Add name=login to your login button. Link to comment https://forums.phpfreaks.com/topic/28012-whats-wrong-with-my-code-please-help/#findComment-128154 Share on other sites More sharing options...
AbydosGater Posted November 21, 2006 Author Share Posted November 21, 2006 YAYYAYYAYYAY HAAGLIN!! Your A Genious! :DThank You Both.. Expessially mgallforever you put alot of time into this topic.. Thank you.But :P Whatever you did to my checking if the user exists :( now when i login, it keeps saying the user doesnt exist :P Link to comment https://forums.phpfreaks.com/topic/28012-whats-wrong-with-my-code-please-help/#findComment-128157 Share on other sites More sharing options...
marcus Posted November 21, 2006 Share Posted November 21, 2006 Oh, you can just remove it then. I was just using my login script to yours. Link to comment https://forums.phpfreaks.com/topic/28012-whats-wrong-with-my-code-please-help/#findComment-128159 Share on other sites More sharing options...
AbydosGater Posted November 21, 2006 Author Share Posted November 21, 2006 Okay!! Thanks! Woot, im happy now! Link to comment https://forums.phpfreaks.com/topic/28012-whats-wrong-with-my-code-please-help/#findComment-128160 Share on other sites More sharing options...
haaglin Posted November 21, 2006 Share Posted November 21, 2006 A tip for you is to look into the md5 function to encrypt your passwords. this is one-way, so you can only compare the encrypted against each others like this:if(md5($dbpassword) == $password) { \\password ok. This is of course if you saved the password with md5 to the database. 'Passwords encrypted with md5 cannot be decrypted! Link to comment https://forums.phpfreaks.com/topic/28012-whats-wrong-with-my-code-please-help/#findComment-128164 Share on other sites More sharing options...
AbydosGater Posted November 22, 2006 Author Share Posted November 22, 2006 Ok great.. How exactly would i do this?So in the registeration script (Not started:P), when inserting the user into the database use...$userpasswd = md5($formenteredpassword);INSERT into blah VALUES ($userpasswd...)and then in the login script...if(md5($dbpassword) == $password) { \\password ok. Is this correct? Link to comment https://forums.phpfreaks.com/topic/28012-whats-wrong-with-my-code-please-help/#findComment-128519 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.