AbydosGater Posted November 21, 2006 Share Posted November 21, 2006 Hi, Ive been trying to update my login script to work on my friends website, only better....The code is as following..[code]<?phpif (!$_SESSION['username'] && !$_POST['login']){ // No session + No Form Login... Display the form...echo <<<LOGINFORM<form action="test.php" method="post" name="loginform">Username:<br><input type="text" name="username" value="" size="20" class="field1"><br>Password:<br><input type="password" name="password" value="" size="20" class="field1"><br><br><input type="submit" value="login" class="button1"><br><br><a href="register.php">Click Here To Register</a></form>LOGINFORM;} elseif ($_POST['username']){ //if the form has been submitted... The ifs + elses between this and next comment arnt that important just checking if the login details are correct...$username = $_POST['username'];$password = $_POST['password'];//--- $result = mysql_query("SELECT * FROM sf_users WHERE username='$username'") or die(mysql_error()); $user = mysql_fetch_array( $result );if ($user['member_id'] == ""){echo "<font color=\"#FF0000\"><b>Unknown username, please try again</b></font>";} else if ($user['member_id'] !== ""){$dbusername = $user['username'];$dbpassword = $user['password'];if ($username == $dbusername && $password == $dbpassword){ session_register("user"); $_SESSION['username'] = $username; $_SESSION['password'] = $password; //-- Rest Of Info On The User $_SESSION['member_id'] = $user['member_id']; $_SESSION['email'] = $user['email']; $_SESSION['CL'] = $user['CL']; $_SESSION['banned'] = $user['banned']; //-- Session Variables End echo "<font color=\"#FF0000\"><b>Thank you for login in,<br /> You will be redirected to the protected pages in 2 seconds <META HTTP-EQUIV=\"refresh\" CONTENT=\"2; URL=index.php\"></b></font>";} else if ($username == $dbusername && $password !== $dbpassword){echo "<font color=\"#FF0000\"><b>Your Password is incorrect</b></font>";} else {echo "<font color=\"#FF0000\"><b>Unknown System Error!<br> Please ensure your Cases are correct!</b></font>";}};} elseif ($_SESSION['username']){ //If we have the session... echo the username has logged in :P//Display member options...$username = $_SESSION['username'];echo "<font color='#FFFFFF'><b>$username.. You are logged in.</b></font>";} else { //WOOPS somethings gone wrong if i see this...echo "<font color='#FFFFFF'><b>Unknown System Error.</b></font>";}?>[/code]Its not working, when the form is submitted, it just displays the login for again?Where did i go wrong, its late and i cant see it.. Anyone see where?Thanks AbydosPS: You can see it running at.. www.shadowfleet.info/newversion/test.php Quote Link to comment Share on other sites More sharing options...
marcus Posted November 21, 2006 Share Posted November 21, 2006 Would you mind re-editing your post to show the php in the colour?Make the tags lowercases (e.g. (<?php ?>)) Quote Link to comment Share on other sites More sharing options...
AbydosGater Posted November 21, 2006 Author Share Posted November 21, 2006 All done! Sorry was wondering why that was happening, never knew it had to be lowercase!Thanks Quote Link to comment Share on other sites More sharing options...
marcus Posted November 21, 2006 Share Posted November 21, 2006 [code]<?phpif (!$_SESSION['username'] && !$_POST['login']){ // No session + No Form Login... Display the form...echo "<form action=test.php method=post name=loginform>Username:<br><input type=text name=username size=20 class=field1><br>Password:<br><input type=password name=password size=20 class=field1><br><br><input type=submit value=login class=button1><br><br><a href=register.php>Click Here To Register</a></form>";} else if ($_POST['username']){//if the form has been submitted... The ifs + elses between this and next comment arnt that important just checking if the login details are correct...$username = $_POST['username'];$password = $_POST['password'];//--- $result = mysql_query("SELECT * FROM sf_users WHERE username='$username'") or die(mysql_error()); $user = mysql_fetch_array( $result ); $num = mysql_num_rows($result);if ($num > 0){echo "<font color=\"#FF0000\"><b>Unknown username, please try again</b></font>";} else {$dbusername = $user['username'];$dbpassword = $user['password'];if ($username == $dbusername && $password == $dbpassword){ session_register("user"); $_SESSION['username'] = $username; $_SESSION['password'] = $password; //-- Rest Of Info On The User $_SESSION['member_id'] = $user['member_id']; $_SESSION['email'] = $user['email']; $_SESSION['CL'] = $user['CL']; $_SESSION['banned'] = $user['banned']; //-- Session Variables End echo "<font color=\"#FF0000\"><b>Thank you for login in,<br /> You will be redirected to the protected pages in 2 seconds <META HTTP-EQUIV=\"refresh\" CONTENT=\"2; URL=index.php\"></b></font>";} else if ($username == $dbusername && $password != $dbpassword){echo "<font color=\"#FF0000\"><b>Your Password is incorrect</b></font>";} else {echo "<font color=\"#FF0000\"><b>Unknown System Error!<br> Please ensure your Cases are correct!</b></font>";}};} elseif ($_SESSION['username']){//If we have the session... echo the username has logged in//Display member options...$uname = $_SESSION['username'];echo "<font color='#FFFFFF'><b>$uname... You are already logged in.</b></font>";} else {//WOOPS somethings gone wrong if i see this...echo "<font color='#FFFFFF'><b>Unknown System Error.</b></font>";}?>[/code] Quote Link to comment Share on other sites More sharing options...
AbydosGater Posted November 21, 2006 Author Share Posted November 21, 2006 Thanks,Ermm.. What did you change? Just the echo for the form? or anything else?Thanks AbydosEDIT:: I tryed that, and no still the same thing.. Only displaying the form over and over after login Quote Link to comment Share on other sites More sharing options...
marcus Posted November 21, 2006 Share Posted November 21, 2006 Look where it checks if the user actually exists. Quote Link to comment Share on other sites More sharing options...
haaglin Posted November 21, 2006 Share Posted November 21, 2006 Add session_start(); at the top of your script. Quote Link to comment Share on other sites More sharing options...
marcus Posted November 21, 2006 Share Posted November 21, 2006 How bout this, connect to your database. Quote Link to comment Share on other sites More sharing options...
AbydosGater Posted November 21, 2006 Author Share Posted November 21, 2006 Ohh That would have been very smart of me to add it in, completly forgot, Thanks..But now that ive put that in... And still when i submit the form.. Its displaying the form again :(EDIT:: Im connected to my database.. Im requiring a file into the top of the page with the code of..<?phprequire_once("config.php");session_start();conn_db();?>The config file has my database info and the function.. Quote Link to comment Share on other sites More sharing options...
marcus Posted November 21, 2006 Share Posted November 21, 2006 It echo's test now. Quote Link to comment Share on other sites More sharing options...
AbydosGater Posted November 21, 2006 Author Share Posted November 21, 2006 I know i added echo test to the header file just to make sure its running.. Gone now Quote Link to comment Share on other sites More sharing options...
marcus Posted November 21, 2006 Share Posted November 21, 2006 Hmm... this is interesting. Have you thought of using cookies? Quote Link to comment Share on other sites More sharing options...
AbydosGater Posted November 21, 2006 Author Share Posted November 21, 2006 yes i was thinking about it but ive never used them before, so i would be much happier using the sessions for the moment, i was going to add cookie options for a remember me, but not untill i had everything else working.. Quote Link to comment Share on other sites More sharing options...
haaglin Posted November 21, 2006 Share Posted November 21, 2006 Add name=login to your login button. Quote Link to comment Share on other sites More sharing options...
AbydosGater Posted November 21, 2006 Author Share Posted November 21, 2006 YAYYAYYAYYAY HAAGLIN!! Your A Genious! :DThank You Both.. Expessially mgallforever you put alot of time into this topic.. Thank you.But :P Whatever you did to my checking if the user exists :( now when i login, it keeps saying the user doesnt exist :P Quote Link to comment Share on other sites More sharing options...
marcus Posted November 21, 2006 Share Posted November 21, 2006 Oh, you can just remove it then. I was just using my login script to yours. Quote Link to comment Share on other sites More sharing options...
AbydosGater Posted November 21, 2006 Author Share Posted November 21, 2006 Okay!! Thanks! Woot, im happy now! Quote Link to comment Share on other sites More sharing options...
haaglin Posted November 21, 2006 Share Posted November 21, 2006 A tip for you is to look into the md5 function to encrypt your passwords. this is one-way, so you can only compare the encrypted against each others like this:if(md5($dbpassword) == $password) { \\password ok. This is of course if you saved the password with md5 to the database. 'Passwords encrypted with md5 cannot be decrypted! Quote Link to comment Share on other sites More sharing options...
AbydosGater Posted November 22, 2006 Author Share Posted November 22, 2006 Ok great.. How exactly would i do this?So in the registeration script (Not started:P), when inserting the user into the database use...$userpasswd = md5($formenteredpassword);INSERT into blah VALUES ($userpasswd...)and then in the login script...if(md5($dbpassword) == $password) { \\password ok. Is this correct? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.