Jump to content

[SOLVED] Creating a member control panel

L

By L
in PHP Coding Help

Recommended Posts

L Member

L

Posted
  • Author
Posted

i took the $start line and put it right under the doctype in my index, and i change the isset. Only one problem is solved, i log in. The main part isn't solved whihc is 3/4 of my page not showing up and the Wrong User or pass echo that shows up when the page is seen before an attempt at logging in.

  • Replies 76
  • Created
  • Last Reply
L Member

L

Posted
  • Author
Posted 

<?php
include ('database.php');
//Make the query to the database to get the users information
$query = mysql_query("SELECT * FROM users WHERE userid='$userID'")or die(mysql_error());
$row = mysql_fetch_assoc($query);

//This is example information that you could echo out.
echo '<b>Username:</b> '.$row['username'].'</b><br>';
echo '<b>Email:</b> '.$row['email'].'</b>';
echo '<b>Registration Date:</b> '.$row['date'].'</b>';

?>

EDIT:

But what about my index...how come none of it's showing except the login?

EDIT 2:

Nm, it was just an issue of includes...and i had a session started twice :-[

EDIT 3: Changed code to look more like what I want.

L Member

L

Posted
  • Author
Posted

hmm...still blank....and no it looks like it isn't being checked againt database...ill try fixing that

EDIT:

Here's the code

<?php
session_start();
$userID = $_SESSION['userid'];
include ('database.php');
//Make the query to the database to get the users information


$query = mysql_query("SELECT * FROM users WHERE userid='$userID'")or die(mysql_error());
$row = mysql_fetch_assoc($query);

//This is example information that you could echo out.
echo '<b>Username:</b> '.$row['username'].'</b><br>';
echo '<b>Email:</b> '.$row['email'].'<br />';
echo '<b>Registration Date:</b> '.$row['date'].'</b>';

?>

L Member

L

Posted
  • Author
Posted

yah but when i do that the page, including the login, disapears...heres my login script.

<?php

if (ISSET($_POST['sublogin']) || $_POST['sublogin'] == "Login")
{
// Recreation of variables for later encryption uses the $_POST  will be replaced with the decrypted source
$username = trim($_POST['username']);
$password =  trim($_POST['password']);
$cryptpassword = md5($password);
$url = '/cp.php?user=$username';
$sql="SELECT `userid` FROM $table WHERE username='$username' and password='$cryptpassword'";
//Connects to DB
require("database.php");

$table = "users";


// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
$storage=  mysql_fetch_array($result);


// If result matched $myusername and $mypassword, table row must be 1 row
if($count==1)
{
// Registers sesions and redirect to file "login_success.php"

//Sessions here

   $_SESSION['username'] = $_POST['username'];
  $_SESSION['userid'] = storage['UserID'];
   
header("location: $url");
}
else 	
{
echo "Wrong Username or Password";
}
}
?>



<form action="cp.php" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td></tr><tr><td><input type="text" name="username" size="15" maxlength="30"/></td></tr>
<tr><td>Password:</td></tr><tr><td><input type="password" name="password" size="15" maxlength="30"></td></tr><tr><td>
<input type="submit" name="sublogin" value="Login" style="font-size: 8pt; color: #000000; word-spacing: 0; margin-top: 0; margin-bottom: 0" /></td></tr>
</table>
</form>

mmarif4u Regular Member

mmarif4u

Posted
Posted

I edit ur both codes try it and let me know:

index.php

<?php
session_start();
if (ISSET($_POST['sublogin']))
{
// Recreation of variables for later encryption uses the $_POST  will be replaced with the decrypted source
$username = trim($_POST['username']);
$password =  trim($_POST['password']);
$cryptpassword = md5($password);
$url = '/cp.php?user=$username';
//Connects to DB
require("database.php");
$table = "users";

$sql="SELECT * FROM $table WHERE username='$username' and password='$cryptpassword'";


// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
$storage=  mysql_fetch_array($result);
$userID= $storage->userID;

// If result matched $myusername and $mypassword, table row must be 1 row
if(($count, >)>0)
{
// Registers sesions and redirect to file "login_success.php"

//Sessions here

   $_SESSION['username'] = $username;
   $_SESSION['userid'] = $userID;
   
header("location: $url");
}
else 	
{
echo "Wrong Username or Password";
}
}
?>



<form action="" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td></tr><tr><td><input type="text" name="username" size="15" maxlength="30"/></td></tr>
<tr><td>Password:</td></tr><tr><td><input type="password" name="password" size="15" maxlength="30"></td></tr><tr><td>
<input type="submit" name="sublogin" value="Login" style="font-size: 8pt; color: #000000; word-spacing: 0; margin-top: 0; margin-bottom: 0" /></td></tr>
</table>
</form>

 

cp.php

<?php
session_start();
$userID = $_SESSION['userid'];
include ('database.php');
//Make the query to the database to get the users information
if (isset($userID)){

$query = mysql_query("SELECT * FROM users WHERE userid='$userID'")or die(mysql_error());
$row = mysql_fetch_assoc($query);

//This is example information that you could echo out.
echo '<b>Username:</b> '.$row['username'].'</b><br>';
echo '<b>Email:</b> '.$row['email'].'<br />';
echo '<b>Registration Date:</b> '.$row['date'].'</b>';
}else
{ echo "You are not authorized to access this area directly";
}
?>

mmarif4u Regular Member

mmarif4u

Posted
Posted

Put this at very top of the page before any include or reqiure or sessions.

Other sessions will be very top of the page before any html doc or php code.

<?php
ini_set('display_errors','1');
error_reporting(E_ALL);
The rest of code.....
?>

L Member

L

Posted
  • Author
Posted

odd enough, it isn't showing any errors....maybe it might be cause im logged in?....let me clear my cookies and cache to make sure

here's my code to see if i just typed it wrong

<?php
ini_set('display_errors','1');
error_reporting(E_ALL);
session_start();
if (ISSET($_POST['sublogin']))
{
// Recreation of variables for later encryption uses the $_POST  will be replaced with the decrypted source
$username = trim($_POST['username']);
$password =  trim($_POST['password']);
$cryptpassword = md5($password);
$url = '/cp.php?user=$username';
//Connects to DB
require("database.php");
$table = "users";

$sql="SELECT * FROM $table WHERE username='$username' and password='$cryptpassword'";


// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
$storage=  mysql_fetch_array($result);
$userID= $storage->userID;

// If result matched $myusername and $mypassword, table row must be 1 row
if(($count, >)>0)
{
// Registers sesions and redirect to file "login_success.php"

//Sessions here

   $_SESSION['username'] = $username;
   $_SESSION['userid'] = $userID;
   
header("location: $url");
}
else 	
{
echo "Wrong Username or Password";
}
}
?>



<form action="" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td></tr><tr><td><input type="text" name="username" size="15" maxlength="30"/></td></tr>
<tr><td>Password:</td></tr><tr><td><input type="password" name="password" size="15" maxlength="30"></td></tr><tr><td>
<input type="submit" name="sublogin" value="Login" style="font-size: 8pt; color: #000000; word-spacing: 0; margin-top: 0; margin-bottom: 0" /></td></tr>
</table>
</form>

 

BIG EDIT:

I used another host and they gave me this error, "Parse error: syntax error, unexpected ',' in /hosted/subs/ulmb.com/i/n/infinitevortex/public_html/login.php on line 25"

L Member

L

Posted
  • Author
Posted

yah, but i'm also looking at the direct page at taizkul.prohosts.org/login.php, which has only the code here in the topic....also I got an error on anotehr host saying, "Parse error: syntax error, unexpected ',' in /hosted/subs/ulmb.com/i/n/infinitevortex/public_html/login.php on line 25"

pocobueno1388 Regular Member

pocobueno1388

Posted
Posted

Try this code:

 

<?php

session_start();
if (ISSET($_POST['sublogin']))
{
// Recreation of variables for later encryption uses the $_POST  will be replaced with the decrypted source
$username = trim($_POST['username']);
$password =  trim($_POST['password']);
$cryptpassword = md5($password);
$url = '/cp.php?user=$username';
//Connects to DB
require("database.php");
$table = "users";

$sql="SELECT * FROM $table WHERE username='$username' and password='$cryptpassword'";
$result = mysql_query($sql);


$storage=  mysql_fetch_assoc($result);
$userID= $storage['userID'];

// If result matched $myusername and $mypassword, table row must be 1 row
if(mysql_num_rows($result) > 0)
{
// Registers sesions and redirect to file "login_success.php"

//Sessions here

   $_SESSION['username'] = $username;
   $_SESSION['userid'] = $userID;
   
header("location: $url");
}
else 	
{
echo "Wrong Username or Password";
}
}
?>



<form action="" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td></tr><tr><td><input type="text" name="username" size="15" maxlength="30"/></td></tr>
<tr><td>Password:</td></tr><tr><td><input type="password" name="password" size="15" maxlength="30"></td></tr><tr><td>
<input type="submit" name="sublogin" value="Login" style="font-size: 8pt; color: #000000; word-spacing: 0; margin-top: 0; margin-bottom: 0" /></td></tr>
</table>
</form>

?>

L Member

L

Posted
  • Author
Posted

sweet it's showing up now!!! now i hope it works

EDIT:

It says I'm not authorized, even though I logged in using registered details....then it pointed me at the url: http://taizkul.prohosts.org/cp.php?user=$username

Something is wrong cause shouldn't the $username be L?

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.