KillerWolf Posted December 10, 2006 Share Posted December 10, 2006 hey guys ive been workin on this for awhile now and i figured that iam stuck now :( so i figured who would know but my freinds at phpfreaks :)so here is the connecting script called "db_connect.php":[code]<?phpDEFINE ('DB_USER', 'root');DEFINE ('DB_PASSWORD', '');DEFINE ('DB_HOST', 'localhost');DEFINE ('DB_NAME', 'mbdoor');$db_connect = @mysql_connect (DB_HOST, DB_USER, DB_PASSWORD);@mysql_select_db (DB_NAME) OR die ('could not select the database: ' . mysql_error());function escape_data ($data) {if (ini_get('magic_quotes_gpc')) { $data = stripslashes($data);}if (function_exists('mysql_real_escape_string')) { global $db_connect; $data = mysql_real_escape_string(trim($data), $db_connect);}else{ $data= mysql_escape_string(trim($data));}//return escaped valuereturn $data;}?>[/code]then i have my main page were the username is validated with the one entered into the forum.[code]<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-Strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>Modders Back Door</title><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><style type="text/css"><!--@import url("style2.css");--></style></head><body> <div id="banner"><img src="photos/banner.jpg" alt="banner"></img> </div> <div id="Contentindex"><p class="headermain"></p></p> <!--header text --><?php $page_title = 'index';if (isset($_POST['submit'])) { require_once('../db_connect.php');//validate user inputif(!empty($_POST['name'])){ $e = escape_data($_POST['name']);}else{ echo '<p><font color="red">You forgot to enter your name</font></p>'; $e= FALSE;}if(!empty($_POST['password'])) { $p = escape_data($_POST['password']);}else{ $p = FALSE; echo '<p><font color="red">You forgot to enter your password</font></p>';}if($e && $p) { $query = "SELECT Name, password From users WHERE (email='$e' AND pass=SHA($p)) AND active IS NULL"; $result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error()); if(@mysql_num_rows($result) == 1) { //match was made //register the values and redirect $row = mysql_fetch_array($result, MYSQL_NUM); mysql_free_result($result); mysql_close(); //cose database connection $_SESSION['Name']=$row[1]; $_SESSION['ID'] = $row[0]; //defin the url $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']); //check for slashes if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\')) { $url = substr ($url, 0, -1); } $url .='/home.php'; ob_end_clean(); header("Location: $url"); exit(); } else{ //nomatch echo '<p><font color="red" size="+1"> Either your name or password was entered incorrect</font></p>'; } } else { echo '<p><font color="red" size="+1">Please try again</font></p>'; } mysql_close(); //closed the database connection}//end of script?><!-- beggining of the forum --><form action="index.php" method="post"><h3>To Enter, please enter your username and password to enter.</h3><fieldset> <p class="headermain"<?php print $nosuccess[0];?>> <b>Name:</b> <input type="text" name="name" value="<?php if (!empty($_POST['name'])) Echo $_POST['name'];?>" size="20" maxlength="40" /></p><p class="headermain" <?php print $nosuccess[2];?>> <b>Password:</b> <input type="text" name="password" value="<?php if (!empty($_POST['password'])) Echo $_POST['password'];?>"size="20" maxlength="40" /></p><p class="headermain">If you havent registered to so <a href="register.php" \>here,</a> its free. </p><div><input type="submit" name="submit" value="Login" /><p class="Veiw">You Are Veiwing this page from: <?php echo $_SERVER['PHP_SELF'];?> </p></div> </fieldset> </form></body></html><?php // send buffer ob_end_flush(); ?>[/code]the error i recive is this:Notice: Query: SELECT Name, password From users WHERE (email='dustin' AND pass=SHA(google)) AND active IS NULL MySQL Error: Unknown column 'pass' in 'where clause' in C:\web\index.php on line 59Either your name or password was entered incorrectok now i know the username is correct and the pw cause it shows it in phpmyadmin. please help me.thx Link to comment https://forums.phpfreaks.com/topic/30162-solved-my-logg-in-page-please-help/ Share on other sites More sharing options...
trq Posted December 10, 2006 Share Posted December 10, 2006 The error is saying there is no field called pass. Are you sure there is a filed called pass? Link to comment https://forums.phpfreaks.com/topic/30162-solved-my-logg-in-page-please-help/#findComment-138637 Share on other sites More sharing options...
KillerWolf Posted December 10, 2006 Author Share Posted December 10, 2006 its in the query statment $query = "SELECT Name, password From users WHERE (email='$e' AND pass=SHA($p)) AND active IS NULLis that what your thinkin of?but pass is a funtion in php. Link to comment https://forums.phpfreaks.com/topic/30162-solved-my-logg-in-page-please-help/#findComment-138641 Share on other sites More sharing options...
alpine Posted December 10, 2006 Share Posted December 10, 2006 As Thorpe was assuming, The error is saying that there is no column named 'pass' in your mysql table 'users' - check what it's real name is and adjust your query to suit.You will also most lightly need quotes around the sha part -> AND pass_whatever_name_it_has = 'sha($p)' Link to comment https://forums.phpfreaks.com/topic/30162-solved-my-logg-in-page-please-help/#findComment-138644 Share on other sites More sharing options...
KillerWolf Posted December 10, 2006 Author Share Posted December 10, 2006 cool that fixes the error but it still will not allow me to log in with the username and password that is in the database why is that?i changed the line 59 to:[code]$query = "SELECT Name, password From users WHERE (email='$e' AND password='SHA($p)')";[/code] Link to comment https://forums.phpfreaks.com/topic/30162-solved-my-logg-in-page-please-help/#findComment-138652 Share on other sites More sharing options...
KillerWolf Posted December 10, 2006 Author Share Posted December 10, 2006 i just thought maby their is somthing wrong with my register page so here is what it looks like[code]<?php // start bufferob_start(); ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-Strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>Modders Back Door</title><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><style type="text/css"><!--@import url("style2.css");--></style></head><body><!--Menu space below --><!--<ul> <li><a href="index.php">Home</a></li> <li><a href="linuxmods.php">Linux modds</a></li> <li><a href="windows.php">Window modds</a></li> <li><a href="contact.php">Contact Us</a></li> </ul> --><!--ULR of the day --> <div id="banner"><img src="photos/banner.jpg" alt="banner"></img> </div> <div id="Contentindex"><p class="headermain"></p><p class="Veiw">You Are Veiwing this page from: <?php echo $_SERVER['PHP_SELF'];?> </p> </p> <!--header text --><?php //start cookie ob_start(); // Get info. $name = trim($_POST["name"]); $email = trim($_POST["email"]); $password1 = trim($_POST["password1"]); $password2 = trim($_POST["password2"]); $months = array (1 => 'January', 'Febuary', 'March', 'April', 'May', 'June', 'July', 'August', 'September', 'October', 'November', 'December'); //message that is displayed on the screen when mail is sent. $success_message="<b>Your message has been sent. Thank you for input.</b>"; if ($_POST['submit']) { // Check for spaces in the username. if (!stristr($name, " ") === FALSE) { header("Location: index.php?spaces"); } // Check that the username is at least 3 characters. else if (strlen($name) < 3) { header("Location: register.php?noname"); } // Check that the email address is valid. Must have a '@', and '.' and be at least [email protected] long. else if (stristr($email, "@") === FALSE || stristr($email, ".") === FALSE || strlen($email) < 8) { header("Location: index.php?noemail"); } else if ($password1 == NULL) { header("Location: index.php?nocpass"); } else if ($password2 == NULL) { header("Location: index.php?nocpass"); } else if ($password1 <> $password2) { header("Location: index.php?nomatch"); } // Add info to database. else { include "../db_connect.php"; // charla changed this path... // Remove unwanted HTML from hosers submissions. $date = date("Y/m/d (H:i l dS of M)"); $name = strip_tags($name, ''); $email = strip_tags($email, ''); $password1 = strip_tags($password1, ''); $u_priv = "User"; $password = md5($password1); // Get the user's info. $q = mysql_query (" SELECT * FROM Users WHERE Name = '$name' "); // Count the number of rows returned. $count = mysql_num_rows($q); // The count should be zero. if ($count == 0) { // Insert info into table. $query="INSERT INTO users (Name, password, Email) VALUES ('$name', '$password', '$email')"; // charla took out user privs and added stuff $result=mysql_query($query); // this is error handling to make sure the insertion into the database works if (empty($result)) { // comment out the following line after debugging // comment out the following line after debugging die ("<p>The query failed: $query due to error <strong>".mysql_error(). " </strong></p>\n"); // leave this line in as a general error // leave this line in as a general error die("<p>Sorry, we could not find you in our database, please try later</p>\n"); } else { echo "Your email address has been updated.\n"; } // end else // Send a notification email to admin users. $q2 = mysql_query // changed this to name since user priv doesn't exist (" SELECT Name, Email FROM Users WHERE Name = '$name' "); $num_rows=mysql_num_rows($q2); while ($row = mysql_fetch_object($q2)) { $to_name = $row->name; $to_email = $row->email; $subject = "User pending approval"; $message = "Hi " . $to_name . ",\r\n"; $message .= "The following user has created an account on the system. "; $message .= "As an Admin user it would be great if you could check to "; $message .= "see if they still require approval, or indeed removal.\r\n \r\n"; $message .= "Username: " . $name . "\r\n"; $message .= "email: " . $email . "\r\n"; $message .= "Date: " . $date . "\r\n \r\n"; $message .= "Thank you.\r\n"; $message .= "---------------------------------------\r\n"; $message .= ""; $header = "From: <[email protected]>"; mail($to_email, $subject, $message, $header); } // Forward the user elsewhere. echo "oh this didn't work either"; //header("Location: index.php?pending");} else { // Forward the user elsewhere. echo "sorry, name taken, didn't work"; // header("Location: index.php?nametaken"); } }}?><form action="<?php $_SERVER['PHP_SELF']?>" method="post"><h2>To Enter, please enter your information</h2><fieldset> <p class="headermain"<?php print $nosuccess[0];?>> <b>Name:</b> <input type="text" name="name" value="<?php if (!empty($_POST['name'])) Echo $_POST['name'];?>" size="20" maxlength="40" /></p><p class="headermain" <?php print $nosuccess[1];?>> <b>Email:</b><input type="text" name="email" value="<?php if (!empty($_POST['email'])) Echo $_POST['email'];?>"size="20" maxlength="40" /></p><p class="headermain" <?php print $nosuccess[2];?>> <b>Password:</b> <input type="text" name="password1" value="<?php if (!empty($_POST['password'])) Echo $_POST['password1'];?>"size="20" maxlength="40" /></p><p class="headermain" <?php print $nosuccess[3];?>> <b>Re-Enter Password:</b> <input type="text" name="password2" value="<?php if (!empty($_POST['password'])) Echo $_POST['password2'];?>"size="20" maxlength="40" /></p><p class="headermain"> <b>Choose your birthday:</b> <?php echo '<select name="month">';foreach ($months as $key => $value) { echo "<option value=\"$key\">$value</option>\n"; } print '</select>';echo '<select name="day">';for ($day = 1; $day <= 31; $day++){ echo"<option value=\"$day\">$day</option>\n"; }echo '</select>';echo '<select name="year">';for ($year=2006; $year >= 1900; $year--){ echo"<option value=\"$year\">$year</option>\n";}echo '</select>'; ob_end_flush(); ?></p> <div><input type="submit" name="submit" value="submit" /></div> </fieldset> </form></body></html>[/code] Link to comment https://forums.phpfreaks.com/topic/30162-solved-my-logg-in-page-please-help/#findComment-138655 Share on other sites More sharing options...
alpine Posted December 10, 2006 Share Posted December 10, 2006 You use md5 as hash to store the password, then use md5 when matching:[code]<?php$query = "SELECT Name, password From users WHERE (email='$e' AND password='md5($p)')";?>[/code] Link to comment https://forums.phpfreaks.com/topic/30162-solved-my-logg-in-page-please-help/#findComment-138659 Share on other sites More sharing options...
KillerWolf Posted December 10, 2006 Author Share Posted December 10, 2006 cool but it still gives me the incorrect pw and name any ideas? Link to comment https://forums.phpfreaks.com/topic/30162-solved-my-logg-in-page-please-help/#findComment-138663 Share on other sites More sharing options...
alpine Posted December 10, 2006 Share Posted December 10, 2006 on a closer look, shouldn't you match for 'Name' instead of 'email' against $e in your query ? Link to comment https://forums.phpfreaks.com/topic/30162-solved-my-logg-in-page-please-help/#findComment-138664 Share on other sites More sharing options...
KillerWolf Posted December 10, 2006 Author Share Posted December 10, 2006 thx for the help so far guys this is now what i have for code[code]<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-Strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>Modders Back Door</title><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><style type="text/css"><!--@import url("style2.css");--></style></head><body> <div id="banner"><img src="photos/banner.jpg" alt="banner"></img> </div> <div id="Contentindex"><p class="headermain"></p></p> <!--header text --><?php $page_title = 'index';if (isset($_POST['submit'])) { require_once('../db_connect.php');//validate user inputif(!empty($_POST['name'])){ $e = escape_data($_POST['Name']);}else{ echo '<p><font color="red">You forgot to enter your name</font></p>'; $e= FALSE;}if(!empty($_POST['password'])) { $p = escape_data($_POST['password']);}else{ $p = FALSE; echo '<p><font color="red">You forgot to enter your password</font></p>';}if($e && $p) { $query = "SELECT Name, password From users WHERE (Name='$e' AND password='md5($p)')"; $result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error()); if(@mysql_num_rows($result) == 1) { //match was made //register the values and redirect $row = mysql_fetch_array($result, MYSQL_NUM); mysql_free_result($result); mysql_close(); //cose database connection $_SESSION['Name']=$row[1]; $_SESSION['ID'] = $row[0]; //defin the url $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']); //check for slashes if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\')) { $url = substr ($url, 0, -1); } $url .='home.php'; ob_end_clean(); header("Location: $url"); exit(); } else{ //nomatch echo '<p><font color="red" size="+1"> Either your name or password was entered incorrect</font></p>'; } } else { echo '<p><font color="red" size="+1">Please try again</font></p>'; } mysql_close(); //closed the database connection}//end of script?><!-- beggining of the forum --><form action="index.php" method="post"><h3>To Enter, please enter your username and password to enter.</h3><fieldset> <p class="headermain"<?php print $nosuccess[0];?>> <b>Name:</b> <input type="text" name="name" value="<?php if (!empty($_POST['name'])) Echo $_POST['name'];?>" size="20" maxlength="40" /></p><p class="headermain" <?php print $nosuccess[2];?>> <b>Password:</b> <input type="text" name="password" value="<?php if (!empty($_POST['password'])) Echo $_POST['password'];?>"size="20" maxlength="40" /></p><p class="headermain">If you havent registered to so <a href="register.php" \>here,</a> its free. </p><div><input type="submit" name="submit" value="Login" /><p class="Veiw">You Are Veiwing this page from: <?php echo $_SERVER['PHP_SELF'];?> </p></div> </fieldset> </form></body></html><?php // send buffer ob_end_flush(); ?>[/code]now it jumps to the please try again, instead of forwarding me to home.php Link to comment https://forums.phpfreaks.com/topic/30162-solved-my-logg-in-page-please-help/#findComment-138679 Share on other sites More sharing options...
trq Posted December 10, 2006 Share Posted December 10, 2006 md5 is a php function not mysql. Also note that [i]password[/i] is a reserved word in mysql. Try...[code=php:0]$query = "SELECT Name, `password` From users WHERE Name = '$e' AND `password` = '" . md5($p) . "'";[/code] Link to comment https://forums.phpfreaks.com/topic/30162-solved-my-logg-in-page-please-help/#findComment-138686 Share on other sites More sharing options...
KillerWolf Posted December 11, 2006 Author Share Posted December 11, 2006 good idea probly save me some time but that still didnt fix the problem Link to comment https://forums.phpfreaks.com/topic/30162-solved-my-logg-in-page-please-help/#findComment-138696 Share on other sites More sharing options...
trq Posted December 11, 2006 Share Posted December 11, 2006 Well, that could meen one of two things. Either there are no users meating the criteria, or there are more than one. Link to comment https://forums.phpfreaks.com/topic/30162-solved-my-logg-in-page-please-help/#findComment-138699 Share on other sites More sharing options...
KillerWolf Posted December 11, 2006 Author Share Posted December 11, 2006 hmmm well i know thats all right but here is a dump file of the table iam still stumped.[code]-- phpMyAdmin SQL Dump-- version 2.9.0.3-- http://www.phpmyadmin.net-- -- Host: localhost-- Generation Time: Dec 10, 2006 at 04:40 PM-- Server version: 5.0.27-- PHP Version: 5.2.0-- -- Database: `mbdoor`-- -- ---------------------------------------------------------- -- Table structure for table `users`-- CREATE TABLE `users` ( `ID` int(4) NOT NULL auto_increment, `Name` varchar(40) NOT NULL, `password` varchar(40) NOT NULL, `Email` varchar(50) NOT NULL, PRIMARY KEY (`ID`)) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=3 ;-- -- Dumping data for table `users`-- INSERT INTO `users` (`ID`, `Name`, `password`, `Email`) VALUES (2, 'dustin', 'c822c1b63853ed273b89687ac505f9fa', '[email protected]');[/code] Link to comment https://forums.phpfreaks.com/topic/30162-solved-my-logg-in-page-please-help/#findComment-138706 Share on other sites More sharing options...
KillerWolf Posted December 11, 2006 Author Share Posted December 11, 2006 anyone? iam still stuck ??? Link to comment https://forums.phpfreaks.com/topic/30162-solved-my-logg-in-page-please-help/#findComment-138824 Share on other sites More sharing options...
trq Posted December 11, 2006 Share Posted December 11, 2006 Post your current code. Link to comment https://forums.phpfreaks.com/topic/30162-solved-my-logg-in-page-please-help/#findComment-138885 Share on other sites More sharing options...
KillerWolf Posted December 11, 2006 Author Share Posted December 11, 2006 ok heres my current code the index page as follows:[code]<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-Strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>Modders Back Door</title><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><style type="text/css"><!--@import url("style2.css");--></style></head><body> <div id="banner"><img src="photos/banner.jpg" alt="banner"></img> </div> <div id="Contentindex"><p class="headermain"></p></p> <!--header text --><?php $page_title = 'index';if (isset($_POST['submit'])) { require_once('../db_connect.php');//validate user inputif(!empty($_POST['name'])){ $e = escape_data($_POST['Name']);}else{ echo '<p><font color="red">You forgot to enter your name</font></p>'; $e= FALSE;}if(!empty($_POST['password'])) { $p = escape_data($_POST['password']);}else{ $p = FALSE; echo '<p><font color="red">You forgot to enter your password</font></p>';}if($e && $p) { //$query = "SELECT Name, 'password' From users WHERE (Name='$e' AND 'password'='md5($p)')"; $query = "SELECT Name, `password` From users WHERE Name = '$e' AND `password` = '" . md5($p) . "'"; $result = mysql_query ($query) or trigger_error("Query: $query\n<br />MySQL Error: " . mysql_error()); if(@mysql_num_rows($result) == 1) { //match was made //register the values and redirect $row = mysql_fetch_array($result, MYSQL_NUM); mysql_free_result($result); mysql_close(); //cose database connection $_SESSION['Name']=$row[1]; $_SESSION['ID'] = $row[0]; //defin the url $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']); //check for slashes if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\')) { $url = substr ($url, 0, -1); } $url .='home.php'; ob_end_clean(); header("Location: $url"); exit(); } else{ //nomatch echo '<p><font color="red" size="+1"> Either your name or password was entered incorrect</font></p>'; } } else { echo '<p><font color="red" size="+1">Please try again</font></p>'; } mysql_close(); //closed the database connection}//end of script?><!-- beggining of the forum --><form action="index.php" method="post"><h3>To Enter, please enter your username and password to enter.</h3><fieldset> <p class="headermain"<?php print $nosuccess[0];?>> <b>Name:</b> <input type="text" name="name" value="<?php if (!empty($_POST['name'])) Echo $_POST['name'];?>" size="20" maxlength="40" /></p><p class="headermain" <?php print $nosuccess[2];?>> <b>Password:</b> <input type="text" name="password" value="<?php if (!empty($_POST['password'])) Echo $_POST['password'];?>"size="20" maxlength="40" /></p><p class="headermain">If you havent registered to so <a href="register.php" \>here,</a> its free. </p><div><input type="submit" name="submit" value="Login" /><p class="Veiw">You Are Veiwing this page from: <?php echo $_SERVER['PHP_SELF'];?> </p></div> </fieldset> </form></body></html><?php // send buffer ob_end_flush(); ?>[/code]the register page:[code]<?php // start bufferob_start(); ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-Strict.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>Modders Back Door</title><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><style type="text/css"><!--@import url("style2.css");--></style></head><body><!--Menu space below --><!--<ul> <li><a href="index.php">Home</a></li> <li><a href="linuxmods.php">Linux modds</a></li> <li><a href="windows.php">Window modds</a></li> <li><a href="contact.php">Contact Us</a></li> </ul> --><!--ULR of the day --> <div id="banner"><img src="photos/banner.jpg" alt="banner"></img> </div> <div id="Contentindex"><p class="headermain"></p><p class="Veiw">You Are Veiwing this page from: <?php echo $_SERVER['PHP_SELF'];?> </p> </p> <!--header text --><?php //start cookie ob_start(); // Get info. $name = trim($_POST["name"]); $email = trim($_POST["email"]); $password1 = trim($_POST["password1"]); $password2 = trim($_POST["password2"]); $months = array (1 => 'January', 'Febuary', 'March', 'April', 'May', 'June', 'July', 'August', 'September', 'October', 'November', 'December'); //message that is displayed on the screen when mail is sent. $success_message="<b>Your message has been sent. Thank you for input.</b>"; if ($_POST['submit']) { // Check for spaces in the username. if (!stristr($name, " ") === FALSE) { header("Location: index.php?spaces"); } // Check that the username is at least 3 characters. else if (strlen($name) < 3) { header("Location: register.php?noname"); } // Check that the email address is valid. Must have a '@', and '.' and be at least [email protected] long. else if (stristr($email, "@") === FALSE || stristr($email, ".") === FALSE || strlen($email) < 8) { header("Location: index.php?noemail"); } else if ($password1 == NULL) { header("Location: index.php?nocpass"); } else if ($password2 == NULL) { header("Location: index.php?nocpass"); } else if ($password1 <> $password2) { header("Location: index.php?nomatch"); } // Add info to database. else { include "../db_connect.php"; // charla changed this path... // Remove unwanted HTML from hosers submissions. $date = date("Y/m/d (H:i l dS of M)"); $name = strip_tags($name, ''); $email = strip_tags($email, ''); $password1 = strip_tags($password1, ''); $u_priv = "User"; $password = md5($password1); // Get the user's info. $q = mysql_query (" SELECT * FROM Users WHERE Name = '$name' "); // Count the number of rows returned. $count = mysql_num_rows($q); // The count should be zero. if ($count == 0) { // Insert info into table. $query="INSERT INTO users (Name, password, Email) VALUES ('$name', '$password', '$email')"; // charla took out user privs and added stuff $result=mysql_query($query); // this is error handling to make sure the insertion into the database works if (empty($result)) { // comment out the following line after debugging // comment out the following line after debugging die ("<p>The query failed: $query due to error <strong>".mysql_error(). " </strong></p>\n"); // leave this line in as a general error // leave this line in as a general error die("<p>Sorry, we could not find you in our database, please try later</p>\n"); } else { echo "Your email address has been updated.\n"; } // end else // Send a notification email to admin users. $q2 = mysql_query // changed this to name since user priv doesn't exist (" SELECT Name, Email FROM Users WHERE Name = '$name' "); $num_rows=mysql_num_rows($q2); while ($row = mysql_fetch_object($q2)) { $to_name = $row->name; $to_email = $row->email; $subject = "User pending approval"; $message = "Hi " . $to_name . ",\r\n"; $message .= "The following user has created an account on the system. "; $message .= "As an Admin user it would be great if you could check to "; $message .= "see if they still require approval, or indeed removal.\r\n \r\n"; $message .= "Username: " . $name . "\r\n"; $message .= "email: " . $email . "\r\n"; $message .= "Date: " . $date . "\r\n \r\n"; $message .= "Thank you.\r\n"; $message .= "---------------------------------------\r\n"; $message .= ""; $header = "From: <[email protected]>"; mail($to_email, $subject, $message, $header); } // Forward the user elsewhere. echo "oh this didn't work either"; //header("Location: index.php?pending");} else { // Forward the user elsewhere. echo "sorry, name taken, didn't work"; // header("Location: index.php?nametaken"); } }}?><form action="<?php $_SERVER['PHP_SELF']?>" method="post"><h2>To Enter, please enter your information</h2><fieldset> <p class="headermain"<?php print $nosuccess[0];?>> <b>Name:</b> <input type="text" name="name" value="<?php if (!empty($_POST['name'])) Echo $_POST['name'];?>" size="20" maxlength="40" /></p><p class="headermain" <?php print $nosuccess[1];?>> <b>Email:</b><input type="text" name="email" value="<?php if (!empty($_POST['email'])) Echo $_POST['email'];?>"size="20" maxlength="40" /></p><p class="headermain" <?php print $nosuccess[2];?>> <b>Password:</b> <input type="text" name="password1" value="<?php if (!empty($_POST['password'])) Echo $_POST['password1'];?>"size="20" maxlength="40" /></p><p class="headermain" <?php print $nosuccess[3];?>> <b>Re-Enter Password:</b> <input type="text" name="password2" value="<?php if (!empty($_POST['password'])) Echo $_POST['password2'];?>"size="20" maxlength="40" /></p><p class="headermain"> <b>Choose your birthday:</b> <?php echo '<select name="month">';foreach ($months as $key => $value) { echo "<option value=\"$key\">$value</option>\n"; } print '</select>';echo '<select name="day">';for ($day = 1; $day <= 31; $day++){ echo"<option value=\"$day\">$day</option>\n"; }echo '</select>';echo '<select name="year">';for ($year=2006; $year >= 1900; $year--){ echo"<option value=\"$year\">$year</option>\n";}echo '</select>'; ob_end_flush(); ?></p> <div><input type="submit" name="submit" value="submit" /></div> </fieldset> </form></body></html>[/code] Link to comment https://forums.phpfreaks.com/topic/30162-solved-my-logg-in-page-please-help/#findComment-139186 Share on other sites More sharing options...
KillerWolf Posted December 11, 2006 Author Share Posted December 11, 2006 sweet i figured it out thx for all the help Link to comment https://forums.phpfreaks.com/topic/30162-solved-my-logg-in-page-please-help/#findComment-139308 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.