Jump to content

Recommended Posts

http://pastebin.com/NB3eA3gn

 

sorry about that

 

  1. if (empty($_POST) === false) {
  2.         $username = $_POST['username']
  3.         $password = $_POST['password']
  4.  
  5. if (empty($username) === true | | empty($password) === true) {
  6.         $errors[] = 'You need to enter a username and password';
  7.         } else if (user_exists($username) === false) {
  8.                 $errors[] 'Your username is incorrect.';
  9.         } else if (user_active($username) === false) {
  10.                 $errors[]  = 'You have not activated your account!';
  11.         } else {
  12.        
  13.                 if (strlen)($password)) > 20) {
  14.                         $error[] 'Username is too long';
  15.                 }
  16.                
  17.                 $login = login($username, $password);
  18.                 if login ==== false) {
  19.                         $errors[] = "That username or password is incorrect. Please try again.";
  20.                 } else if {
  21.                         $_Session['user_id'] = $login;
  22.                         header('Location: index.php');
  23.                         edit();
  24.                 }
  25.         }
  26. ?>

Alright. So what is your question about error handling? What's not working?

 

And can I assume you're aware of the syntax errors in your code? And a few other errors...

Edited by requinix

This part of the code is not going to work.

   if (strlen)($password)) > 20) {    // if (strlen($password) > 20)
                        $error[] 'Username is too long';
                }
               
                $login = login($username, $password);
                if login ==== false) {   // if (login === false)
                        $errors[] = "That username or password is incorrect. Please try again.";
                } else if {
                        $_Session['user_id'] = $login;
                        header('Location: index.php');
                        edit();
                }

Youtube is not the place to be learning, go to php.net

I suggest you read everything there and also go through the functions and what they do, when to use them, otherwise you will never learn this.

 

This is a register script just wrote another member, edit it for a login or at least look it over.

http://forums.phpfreaks.com/topic/298136-anyone-willing-to-do-a-quick-security-review-or-a-registration-page/?p=1520717

 

When dealing with passwords should be using password_hash() and password_verify()

 

An attempt to fix this code but should post the rest what you have as well or find a better tutorial with mysqli/pdo and uses password_hash.

<?php
if (isset($_POST['submit'])) {
    $errors = array();
    
    if (isset($_POST['username']) && trim($_POST['username']) != '') {
        $username = trim($_POST['username']);
    } else {
        $username = '';
        $errors[] = 'username';
    }
    if (isset($_POST['password']) && trim($_POST['password']) != '') {
        $password = trim($_POST['password']);
    } else {
        $password = '';
        $errors[] = 'password';
    }
    
    if (empty($errors)) {
        $login = login($username, $password);
        if ($login === false) {
            $errors[] = "That username or password is incorrect. Please try again.";
        } else {
            $_SESSION['user_id'] = $login; //does login function return a name or id?
            header('Location: index.php');
            exit();
        }
    }
    
    if (!empty($errors)) {
        echo "Errors: " . implode($errors,", ");
    }
}
?> 

I knew I was missing stuff. The code is very difficult to follow.

   if (strlen)($password)) > 20) {    // if (strlen($password) > 20)
                        $error[] 'Username is too long';
                }
               
                $login = login($username, $password);
                if login ==== false) {   // if (login === false)
                        $errors[] = "That username or password is incorrect. Please try again.";

                } else if {  // No conditional statement.  should be only else and not else if
                        $_Session['user_id'] = $login;  //as mentioned $_SESSION['user_id'] = $login;
                        header('Location: index.php');
                        edit();
                }
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.