Jump to content

[SOLVED] Wierd Login Behavior

tqla

By tqla
in PHP Coding Help

 Share

Recommended Posts

tqla Advanced Member

tqla

Posted
Posted

Hi. I have a registration script that allows someon to register to my site. After the register they are taken to a login script which consists of a username and password field.

 

Simple enough.

 

Here's the weird thing. They can login just fine. But only once!?! The next time they try and login in it fails to execute the query.

 

Does this sound familiar to anyone?

Link to comment
Share on other sites
tqla Advanced Member

tqla

Posted
  • Author
Posted

hi MadTechie. Here's the code.

 


<?php
ob_start(); 
  session_start();  
  ?>
<link href="styles.css" rel="stylesheet" type="text/css">
<html>
<body>
<div id="containerDiv">
<div id="header">
<h1>Become a member!</h1><p>Lorem ipsum dolor sit amet, consectetuer adipiscing elit. Praesent quis quam nec metus accumsan imperdiet. Nulla nisl velit, feugiat sed, pellentesque nec, laoreet vitae, massa. Suspendisse potenti. Donec sit amet libero et nisl facilisis varius. Aliquam faucibus rhoncus velit. Nullam ligula urna, auctor vitae, bibendum tincidunt, egestas sit amet, neque. Nulla nunc lectus, luctus ut, adipiscing vitae, egestas in, quam. Fusce non diam. Quisque diam. Fusce urna magna, aliquam cursus, suscipit sit amet, porta in, arcu. Cras eleifend, turpis id dictum fringilla, sapien enim placerat nisl, mollis congue nisl pede nec purus. Nam ante. Integer ipsum. Quisque vitae lorem. In non turpis. In tincidunt. Morbi at mauris. Praesent dignissim rutrum ligula.</p>
<div id="form">
<?php
                                 
  include("db.inc.php");                                    
  switch (@$_GET['do'])                                   
  {
    case "login":                                         
    

      $sql = "SELECT loginName FROM Member 
              WHERE loginName='$_POST[fusername]'";       
      $result = mysql_query($sql)
                  or die("Couldn't execute query.");      
      $num = mysql_num_rows($result);                     
      if ($num == 1)  // login name was found             
      {
         $sql = "SELECT loginName FROM Member 
                 WHERE loginName='$_POST[fusername]'
                 AND password='$_POST[fpassword]'";
         $result2 = mysql_query($sql)
                   or die("Couldn't execute query 2.");   
         $num2 = mysql_num_rows($result2);
         if ($num2 > 0)  // password is correct           
         {
           $_SESSION['auth']="yes";                       
           $logname=$_POST['fusername']; 
           $_SESSION['logname'] = $logname;               
           $today = date("Y-m-d h:i:s");                  
           $sql = "INSERT INTO Login (loginName,loginTime)
                   VALUES ('$logname','$today')";
           mysql_query($sql) or die("Can't execute query.");
           header("Location: Member_page.php");           
         }
         else    // password is not correct               
         {
           unset($_GET['do']);                            
           $message="<p><font color=#ff0000>The Login Name, '$_POST[fusername]' 
                     exists, but you have not entered the 
                     correct password! Please try again.</font></p>";
           include("form.inc");                     
         } 
      }                                                   
      elseif ($num == 0)  // login name not found         
      {   
         unset($_GET['do']);                              
         $message = "<p><font color=#ff0000>The Login Name you entered does not 
                     exist! Please try again.</font></p>";
         include("form.inc");
      }
    break;                                                

    case "new":                                           
      foreach($_POST as $field => $value)                 
      {
        if ($field != "fax")                              
        {
          if ($value == "")                               
          {
            unset($_GET['do']);
            $message_new = "<p><font color=#ff0000>Required information is missing. Please try again.</font></p>";
            include("form.inc");
            exit();
          }
        }
        if (ereg("(Name)",$field))                        
        {
         /*if (!ereg("^[A-Za-z' -]{1,50}$",$value)) 
         {
           unset($_GET['do']);
           $message_new = "$field is not a valid name. 
                            Please try again.";
           include("form.inc");
           exit();
         }*/
        }
        $$field = strip_tags(trim($value));               
      } // end foreach
      if (!ereg("^[0-9]{5,5}(\-[0-9]{4,4})?$",$zip))      
      {
        unset($_GET['do']);
        $message_new = "<p><font color=#ff0000>$zip is not a valid zip code. 
                        Please try again.</font></p>";
        include("form.inc");
        exit();
      }
      if (!ereg("^[0-9)(xX -]{7,20}$",$phone))            
      {
        unset($_GET['do']);
        $message_new = "<p><font color=#ff0000>$phone is not a valid phone number. 
                        Please try again.</font></p>";
        include("form.inc");
        exit();
      }
      if ($fax != "")                                    
      {
        if (!ereg("^[0-9)(xX -]{7,20}$",$fax)) 
        {
          unset($_GET['do']);
          $message_new = "<p><font color=#ff0000>$fax is not a valid phone number. 
                           Please try again.</font></p>";
          include("form.inc");
          exit();
        }
      }
      if (!ereg("^.+@.+\\..+$",$email))                  
      {
        unset($_GET['do']);
        $message_new = "<p><font color=#ff0000>$email is not a valid email address. 
                         Please try again.</font></p>";
        include("form.inc");
        exit();
      }                                                  
      /* check to see if login name already exists */

      $sql = "SELECT loginName FROM Member 
                WHERE loginName='$newname'";
      $result = mysql_query($sql)
                or die("Couldn't execute query.");
      $num = mysql_numrows($result);
      if ($num > 0)                                      
      {
        unset($_GET['do']);
        $message_new = "<p><font color=#ff0000>$newname already used. Select another
                         Member ID.</font></p>";
        include("form.inc");
        exit();
      }
      else                                               
      {   
        $today = date("Y-m-d");                          
        $sql = "INSERT INTO Member (loginName,createDate,
                  password,firstName,lastName,street,city,
                  state,zip,phone,fax,email) VALUES
                ('$newname','$today','$newpass',
                 '$firstName', '$lastName','$street','$city',
                 '$state','$zip','$phone','$fax','$email')";
        mysql_query($sql);                               
        $_SESSION['auth']="yes";                         
        $_SESSION['logname'] = $newname;                 
        /* send email to new member */                   
        $emess = "A new Member Account has been setup. ";
        $emess.= "Your new username and password are: ";
        $emess.= "\n\n\tUsername: $newname\n\t Password: $password\n\n";
        $emess.= "If you have any questions or problems,";
        $emess.= " email xxx@xxx.com";
        $ehead="From: xxx@xxx.com\r\n";     
        $subj = "Your new Member Account";
        $mailsend=mail("$email","$subj","$emess","$ehead");
        header("Location: New_member.php");              
      }
    break;                                               

    default:                                             
        include("form.inc");
  }
  ob_end_flush(); 
?>


</div>
</div>
</div>
</body>
</html>

 

 

 

Here's the Form code if needed

 


<?php
include("states.inc");                             
?>
<style type="text/css">
<!--
.style1 {color: #FF0000}
-->
</style>


<table width="100%" border="0" align="center" cellpadding="0" cellspacing="0">

<tr>
       <td width="35%" valign="top">
         <p><h1>Member Login</h1></p>
         <form action="Login.php?do=login" method="POST">
           <table border="0">
<?php                                                   
            if (isset($message))
             echo "<tr><td colspan='2'>$message </td></tr>";
?>
           <tr><td align=left>             
             <p align="right"><b>Username</b>
             </p>
          </td>
             <td width="162"><input type="text" name="fusername" 
                      size="20" maxsize="20">
             </td></tr>
           <tr><td width="78" align="left">
             <p align="right"><b>Password</b></p>
             </td>
             <td><input type="password" name="fpassword" 
                        size="20" maxsize="20"></td></tr>
           <tr><td align="left"> </td>
             <td align="left"><p><a href="ForgotPassword.php">Forgot Password</a></p>             </td>
           </tr>
           <tr>
             <td align="left" colspan="2"><input type="submit" name="log" 
                           value="Enter"></td>
           </tr>
         </table>
         </form>     </td>
       
       <td width="65%">
         <p><h1>Register</h1> 
             </b>




<!-- form for new member to fill in -->
        <form action="Login.php?do=new" method="POST">
          <table border="0">
<?php
            if (isset($message_new))                    
               echo "<tr><td colspan='2'>$message_new
                         </td></tr>";
?>
        <tr>
          <td align="right"><p><b><span class="style1">*</span>Username</b></p></td>
          <td><input type="text" name="newname" 
                   value="<?php echo @$newname ?>" 
                   size="20" maxlength="20"></td></tr>
           <tr><td align="right"><p><b><span class="style1">*</span>Password</b></p></td>
               <td><input type="password" name="newpass" 
                          value="<?php echo @$newpass ?>" 
                          size="10" maxlength="8"></td></tr>
           <tr><td align="right"><p><b><span class="style1">*</span>First Name</b></p></td>
               <td><input type="text" name="firstName" 
                          value="<?php echo @$firstName ?>"
                          size="40" maxlength="40"></td></tr>
           <tr>
             <td align="right"><p><b><span class="style1">*</span>Last Name</b></p></td>
             <td><input type="text" name="lastName" 
                          value="<?php echo @$lastName ?>"
                          size="40" maxlength="40"></td></tr>
           <tr>
             <td align="right"><p><b><span class="style1">*</span>Street</b></p></td>
             <td><input type="text" name="street" 
                          value="<?php echo @$street ?>"
                          size="55" maxlength="50"></td></tr>
           <tr>
             <td align="right"><p><b><span class="style1">*</span>City</b></p></td>
             <td><input type="text" name="city" 
                          value="<?php echo @$city ?>"
                          size="40" maxlength="40"></td></tr>
           <tr>
             <td align="right"><p><b><span class="style1">*</span>State</b></p></td>
             <td>    <p>
                <select name="state"> 
                  <?php
                   $stateName=getStateName();           
                   $stateCode=getStateCode();           
                   for ($n=1;$n<=50;$n++)  
                   {
                      $state=$stateName[$n];
                      $scode=$stateCode[$n];
                      echo "<option value='$scode'";
                      if ($scode== "AL") 
                          echo " selected";
                      echo ">$state\n";
                   }
?>
                </select>
                   <span class="style1">*</span><b>Zip</b>                
                <input type="text" name="zip" 
                         value="<?php echo @$zip ?>"
                         size="10" maxsize="10">
             </p></td>
           </tr>
           <tr>
             <td align=right><p><b><span class="style1">*</span>Phone</b></p></td>
             <td><input type="test" name="phone" 
                          value="<?php echo @$phone ?>" 
                          size="15" maxlength="20">
<!--                      <b>Fax</b>
                   <input type="text" name="fax" 
                        value="<?php echo @$fax ?>"
                        size="15" maxlength="20"></td></tr>
-->
           <tr>
             <td align=right><p><b><span class="style1">*</span>Email</b></p></td>
             <td><input type="test" name="email" 
                        value="<?php echo @$email ?>"
                        size="55" maxlength="67"></td></tr>

           <tr>
             <td colspan="2"> <p><b><span class="style1">*</span></b><span class="style1"> required</span> </p>
               <p>
                    <input type="submit" 
                          value="Become a Member">
             </p></td></tr>
         </table>
        </form>
       </td>
  </tr>
</table>

 

Link to comment
Share on other sites
MadTechie Regular Member

MadTechie

Posted
Posted

OK i think the problem is here

if ($num2 > 0)  // password is correct           
         {
           $_SESSION['auth']="yes";                       
           $logname=$_POST['fusername']; 
           $_SESSION['logname'] = $logname;               
           $today = date("Y-m-d h:i:s");                  
           $sql = "INSERT INTO Login (loginName,loginTime)
                   VALUES ('$logname','$today')";
           mysql_query($sql) or die("Can't execute query."); //<---HERE
           header("Location: Member_page.php");           
         }

 

Try commenting it out and see if the 2nd login works (were resolve the problem if this is it but we need to check to see if this is the problem first)

 

also add some error checking

change

mysql_query($sql) or die("Can't execute query."); //<---HERE

to

#mysql_query($sql) or die(mysql_error()); //<---HERE

 

if it works remove the # and try again.. and post the error

Link to comment
Share on other sites
tqla Advanced Member

tqla

Posted
  • Author
Posted

Thank you! thank you! thank you MadTechie!

 

It wasn't the if ($num2 > 0) part but I took your advice and added the Error Checking and it turned out that my table was called Login not login (caps thing).

 

Thanks again. Whew.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.