logging in help

[Lamez]

I have been trying to fix this annoying script error for hours and nothing is working.

This has been working until now.

 

I log in, and it recognizes my username and password and allows me to login, but when I get to the members page it says I am not logged in. The only page I modified is the members page.

 

Here is my member's page script

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link rel="stylesheet" type="text/css" href="../../style/default.css"/>
<?php include ("../../style/include/title.php"); ?>
</head>

<body>


 <div class="logo"><?php
include ("../../style/include/header.php");
?></div>

       <div class="spacer"></div>

<?php
include ("menu/menu.php");
?>

<div class="box"><font size="3">
  <center>
<?php //makes sure the user is logged in
$username = $_COOKIE['loggedin'];
if (!isset($_COOKIE['loggedin'])) die("You are not logged in, <a href=../../login.php>click here</a> to login.");
echo "<u>Welcome</u> <b>$username</b>";
?>
</center></font></div>


<?php
$getlink = $_GET["process"];

if ($getlink == "members_list") {
print <<<MBL
<div class="box">
<p><center><font size="3">Coming Soon!</font></center></p>
</div>
MBL;
}
else { //The Main Links
print <<<NEW

 <div class="boxn">
  <font size="3">
     </u>

       <div class="left">
   <br />
          <p><a href="upload/udsection.php">Upload\Download Section</a>
          <br />
          <br />
          <a href="proxy/goto.php">Lamez's Proxy</a> 
          <br />
  <br /> 
          <a href="arcade/playgame.php">Arcade</a><font color="#FF0000" size="1"><font color="#000000">*</font>Coming Soon!</font></p>
</div>


         <div class="right">
          <br />
          <p><a href="contact.php">Suggestions\Contact Lamez</a>		  
          <br />
          <br />
          <a href="news/news.php">Website News</a>
  <br />
          <br />
          <font color="#FF0000" size="1">Coming Soon!<font color="#000000">*</font></font><a href="lamez/corner.php">Lamez's Corner</a></p>
           </div>
     </div>
NEW;
}	 
?>
<?php
include ("../../style/include/footer.php");
?>		
</body>
</html>

 

You can try it here as

 

USERNAME: test

PASSWORD: test

 

http://www.lamezz.com/login.php

 

Please help me guys, thanks again!

 

[Ken2k7]

Uh was the cookie ever set?

[Lamez]

I believe so

 

I think this is what is giving me trouble

 

<?php //makes sure the user is logged in
$username = $_COOKIE['loggedin'];
if (!isset($_COOKIE['loggedin'])) die("You are not logged in, <a href=../../login.php>click here</a> to login.");
echo "<u>Welcome</u> <b>$username</b>";
?>

[Ken2k7]

Right, but I can't tell from that code whether the cookie was set.

[Lamez]

I am using sessions from what I understand, is that the same thing as a cookie?

 

Sorry I am a PHP noob still learning.

[Ken2k7]

No. $_SESSION will only keep the information as long as the user stays on the site. Once the user exits the page, the $_SESSION is deleted. $_COOKIE is different. You can set a cookie to expire after some specified time or until the user closes the browser.

 

Try if (!isset($_SESSION['loggedin'])) or whatever you named it. Though I would not use loggedin as the name for a session because you don't know who the person is.

[Lamez]

My Database is online.

I am not sure what the heck is going on. Do you think it could be my login script? Man I am so lost.

[Ken2k7]

Post in your login script.

[Lamez]

<?php
ob_start(); // <-- move to top
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link rel="stylesheet" type="text/css" href="../style/default.css"/>
<?php
include ("../style/include/title.php");
?>
</head>
<body>


 <div class="logo"><?php
include ("../style/include/header.php");
?></div>


     

       <div class="spacer"></div>
<div class="box"><font size="3"><center>

<?php
ob_start();

include("config.php"); 

// connect to the mysql server 
$link = mysql_connect($server, $db_user, $db_pass) 
or die ("Could not connect to mysql because ".mysql_error()); 

// select the database
mysql_select_db($database) 
or die ("Could not select database because ".mysql_error()); 

$match = "select id from $table where username = '".$_POST['username']."' 
and password = '".$_POST['password']."';"; 

$qry = mysql_query($match) 
or die ("Could not match data because ".mysql_error()); 
$num_rows = mysql_num_rows($qry); 

if ($num_rows <= 0) { 

echo "Invalid Username or Password<br>"; 
echo "<br />";
echo "<a href=../login.php>Try again</a>"; 

exit;

} else { 


setcookie("loggedin", "".$_POST['username']."", time()+(3600 * 24));
setcookie("username", "".$_POST['username']."");

echo "Welcome <strong>".$_POST['username']."</strong><br>"; 
echo "<br />";

}
ob_end_flush();
?>
Logging In
<br />
<img src="../style/img/bar.gif" />
<meta http-equiv="Refresh" content="5; URL=../login/_members/members.php">

</center>
</font>
</div>
<?php
include ("../style/include/footer.php");
?>
</body>
</html>

[Ken2k7]

<?php

$match = "select id from $table where username = '".$_POST['username']."' 
and password = '".$_POST['password']."'"; 

?>

 

Try replacing the one you have for match with that one. that. Also for num_rows, it's not going to be < 0, so just say == 0.

[Lamez]

nope, man I am tired of this, I am going to go to sleep for a while, thanks though

[Ken2k7]

It says $_POST['username']. Where's the form?

[Lamez]

that script was my script to log you in from the users input, or the form action

 

here is the form action url http://lamezz.com/_bin_/login.php

 

here is the form http://lamezz.com/login.php

 

here is the login form code

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<link rel="stylesheet" type="text/css" href="../style/default.css"/>
<?php
include ("style/include/title.php");
?>
</head>
<script type="text/javascript">
function setFocus(aField) {
document.forms[0][aField].focus();
}

function isAnEmailAddress(aTextField) {

if (document.forms[0][aTextField].value.length<5) {
return false;
}
else if (document.forms[0][aTextField].value.indexOf("@") < 1) {
return false;
}
else if (document.forms[0][aTextField].value.length -
document.forms[0][aTextField].value.indexOf("@") < 4) {
return false;
}
else { return true; }
}

function isEmpty(aTextField) {
if ((document.forms[0][aTextField].value.length==0) ||
(document.forms[0][aTextField].value==null)) {
return true;
}
else { return false; }
}

function validate() {

if (isEmpty("username")) {
alert("Please fill your username.");
setFocus("username");
return false;
}
if (isEmpty("password")) {
alert("Please fill in your password.");
setFocus("password");
return false;
}
return true;

}
</script>
<body>
 <div class="logo"><?php
include ("style/include/header.php");
?></div>


       <div class="spacer"></div> 
<?php
include ("menu/menu.php");;
?>   

<?php
$getlink = $_GET["id"];

if ($getlink == "new_user") {
print <<<NEW
<div class="box">
<font size="3"><center>Welcome New User!<br>Please sign in for the first time!<center></font>
</div>
<div class="box">
<p align="center"><font size="4" color="#FFFFFF"><u>Login</u></font></p><br />
<center><form action="_bin_/login.php" method="post" onSubmit="return validate()">
<font size="2">Username:  <input type="text" name="username" size="20"><br><br />
Password:  <input type="password" name="password" size="20"></font><br>
<p align="center"><input type="submit" value="Log In"> <br />
<br>
<a href="login.php?id=forgot_password"><font size="3">Forgot Password?</font></a>
</p>
</form></center>
</div>

NEW;
}
elseif ($getlink == "forgot_password") {
print <<<FRO
<div class="box">
<p><center><font size="4" color="#FFFFFF"><u>Forgot Password</u></font></p><br />
<form action="_bin_/e_mail.php" method="post">
<font size="2">
  
  <p>Username:<br />
    <input type="text" name="username" size="20">
    <br />
    <br>
    New Password:<br />
    <input type="password" name="password" size="20">
    <br />
    <br>
    Email:<br />
    <input type="text" name="email" size="20">    
    <br />
    <br>
    <input type="submit" value="Send">
  </p>
  <font size="3"><a href="login.php#">Login!</a>
</form>
</div>
FRO;
}
elseif ($getlink == "sent") {
print <<<SEN
<meta http-equiv="refresh" content="6;url=index.php">
<div class="box">
<center>
<font size="3">Your forgot password form has been sent.</font><p></p>
<font size="3" color="#FF0000">Please Allow 48 hours for your password to be changed!<p></p>
<font size="3"><a href="index.php">Return to Home</a></font>
</font>
</center>
</div>
SEN;
}
else {
print <<<DEF
<div class="box">
<p align="center"><font size="4" color="#FFFFFF"><u>Login</u></font></p><br />
<center><form action="_bin_/login.php" method="post" onSubmit="return validate()">
<font size="2">Username:  <input type="text" name="username" size="20"><br><br />
Password:  <input type="password" name="password" size="20"></font><br>
<p align="center"><input type="submit" value="Log In"> <br />
<br>
<a href="login.php?id=forgot_password"><font size="3">Forgot Password?</font></a>
</p>
</form></center>
</div>
DEF;
}
?>

<?php
include ("style/include/footer.php");
?>

</body>
</html>

[Ken2k7]

Hmmm in your login script, it says something like:

 

$sql = "select id from $table...";

 

Is $table defined?

[Lamez]

yea in my config.php

 

its ac_users or in my words account users

[Ken2k7]

Okay try verifying the cookies by using echo $_COOKIE["loggedin"];

[Lamez]

would I put that in my members page?