Jump to content

Help With Login Code

iisthesloth

By iisthesloth
in PHP Coding Help

 Share

Recommended Posts

iisthesloth Newbie

iisthesloth

Posted
Posted

Hey, for some reason everytime I try logging in, it is saying there is an incorrect password or email, though there is not. Can anyone find an error which may cause this? Thanks alot...

 

<?
if (isset($_POST['submitted'])) {
require_once ('../mysql_rolldc_connect.php');
  if (!empty($_POST['email'])) {
    $e = escape_data($_POST['email']);
  } else {
   echo "<script language='JavaScript'> alert('You forgot to enter your email address'); </script>";
   $e = FALSE;
}
   if (!empty($_POST['pass'])) {
    $p = escape_data($_POST['pass']);
  } else {
    echo "<script language='JavaScript'> loginView('toggleText'); </script>";
   $p = FALSE;
}

if ($e && $p) {
  $query = "SELECT user_id, first_name FROM users WHERE (email='$e' AND pass=SHA('$p')) AND active IS NULL";
   $result = mysql_query ($query) or trigger_error("Query: $query\n<br /> MySQL Error: " . mysql_error());
   
   if (@mysql_num_rows($result) == 1) {
    $row = mysql_fetch_array ($result, MYSQL_NUM);
 mysql_free_result($result);
 mysql_close();
 $_SESSION['first_name'] = $row[1];
 $_SESSION['user_id'] = $row[0];
 $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
   if ((substr($url, -1) == '/') OR (substr($url, -1) == '\\') ) {
   $url = substr ($url, 0, -1);
 }
 $url .= '/index1.php';
 ob_end_clean();
 header("Location: $url");
 exit();
  } else {
     echo "<script language='JavaScript'> alert('Incorrect Email or Password'); </script>";
  }
  } else {
  echo "<script language='JavaScript'> alert('Please try again'); </script>";
}
}
?>

<div id="interface">
  <ul>
   <li><a href="javascript:loginView('toggleText');" id="switch">Login</a><a href="#" id="forgotpass">Forgot Password?</a></li>
   <li><a href="/traderp/register.php">Register</a></li>
  </ul>
  
    <div class="loginTextarea" id="toggleText">
    <form action="index2.php" method="post">
     <div class="username"><h5>:: Email</h5>
      <input type="text" name="email" value="<? if (isset($_POST['email'])) echo $_POST['email']; ?>" class="username" rows="10" cols="10"></textarea></div>
     <div class="password"><h5 class="password">:: Password</h5>
      <input type="password" name="pass" class="password" rows="10" cols="10"></textarea>
       <input type="submit" name="submit" value="Login" />
       <input type="hidden" name="submitted" value="TRUE" /></div>
     </form>
    </div>
</div>

Link to comment
https://forums.phpfreaks.com/topic/62729-help-with-login-code/
Share on other sites
NerdConcepts Regular Member

NerdConcepts

Posted
Posted

I've set here and looked at your code, doesn't seem to be anything wrong with it, hows your database look? Maybe if I know what the fields in "users" look like maybe I can figure out what is going on.

 

Although I have never used NULL as a activation value. I tend to use something like "TRUE" if they are activated, just to give the field a value.

Link to comment
https://forums.phpfreaks.com/topic/62729-help-with-login-code/#findComment-312621
Share on other sites
iisthesloth Newbie

iisthesloth

Posted
  • Author
Posted

SHA1 didn't work, i'm sure its encoded with SHA though. However when I took the AND pass=SHA('$p') where it trys to match it, it gave me this error from the mysql_error() function...

 

 

 

Notice: Query: SELECT user_id, first_name FROM users WHERE (email='petesaia@comcast.net'))

MySQL Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1 in /home/.navigator/iisthesloth/rolldc.com/index2.php on line 56

Link to comment
https://forums.phpfreaks.com/topic/62729-help-with-login-code/#findComment-312645
Share on other sites
mrjcfreak Member

mrjcfreak

Posted
Posted

You have too many closing parentheses.

I meant in your PHP, just before your query, put echo sha1($_POST['password']) to see the encrypted string PHP is trying to match with the database...

 

Sorry I can't offer a quick fix, I'm just going through all the things I'd do to debug...

Link to comment
https://forums.phpfreaks.com/topic/62729-help-with-login-code/#findComment-312649
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.