clueless_php Posted September 9, 2007 Share Posted September 9, 2007 i get a message saying that the login worked, but it didnt.. what did i do wrong? <?php $con = mysql_connect("mysql3.freehostia.com","****BLAH****","****BLAH****"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("****BLAH****", $con); $result = mysql_query("SELECT * FROM account"); $allGood = false; while($row = mysql_fetch_array($result)) { if ((strnatcasecmp($row['UserName'],$_POST["name"]))==0) { if ($row['Password']==$_POST["pw"]) { $allGood=true; setcookie("user", $_POST["name"], time()+3600); } } } ?> <HTML> <HEAD> <TITLE><?php include("titlebar.php"); ?></TITLE> <link rel="stylesheet" type="text/css" href="template/blue/blue.css"> </HEAD> <BODY> <DIV id=mpage> <DIV id=head><?php include("title.php"); ?></DIV> <DIV id=nav><?php include("links.php"); ?></DIV> <DIV id=page> <DIV id=title>Log In</DIV> <DIV id=main> <?php if ($_POST["name"]!=''&&!$allGood) echo 'Problem loging in. please check to make sure that you are using the corect username and password then try again'; if (!$allGood) { echo '<form action="login.php" method="post"> <table> <tr><td>User Name:</td><td><input type="text" name="name" /></td></tr> <tr><td>Password:</td><td><input type="password" name="pw" /></td></tr> </table><input type="submit" value="Submit" /> <input type="reset" value="Clear"/> </form>'; } else if ($allGood) echo 'welcome ' . $_COOKIE["user"]; else echo 'ERROR'; ?> </div> </DIV> <DIV id=foot><?php include("foot.php"); ?></DIV> </DIV> </BODY></HTML> oh if it helps any my site is http://michaelscorner.freehostia.com Quote Link to comment Share on other sites More sharing options...
clueless_php Posted September 9, 2007 Author Share Posted September 9, 2007 *bump* i really need help on this... its driving me crasy Quote Link to comment Share on other sites More sharing options...
Fadion Posted September 9, 2007 Share Posted September 9, 2007 u have it a bit messy. Normaly i would do it: <?php $user = $_POST['username']; $pass = sha1($_POST['pw']); $allgood = false; $results = mysql_query("SELECT * FROM account WHERE username='$user'"); $numRows = mysql_num_rows($results); if($numRows == 1){ $values = mysql_fetch_array($results); if($values['password'] == $pass){ $allgood = true; } } ?> Also note the sha1() part. Do u have passwords hashed with sha1() or md5() in your database? If so u need to convert the post password to sha1() or md5(). Quote Link to comment Share on other sites More sharing options...
clueless_php Posted September 9, 2007 Author Share Posted September 9, 2007 it works with knowing if account info is correct... i just cant get cookie to work right Quote Link to comment Share on other sites More sharing options...
Fadion Posted September 9, 2007 Share Posted September 9, 2007 Try echoing in different part of your if statements (the part when u check the user and pass) to see if runs every part of it. The setcookie() usage is fine. Quote Link to comment Share on other sites More sharing options...
clueless_php Posted September 9, 2007 Author Share Posted September 9, 2007 tried it... it reaches the cookie... still have problems though... Quote Link to comment Share on other sites More sharing options...
Fadion Posted September 9, 2007 Share Posted September 9, 2007 The setcookie() code is alright and such is the way ure calling it with $_COOKIE. Dont know whats happening to your part. Also consider my sample code as instead of running a loop through all the records (as u did it with your code) u'll just recieve one single record, making your code a bit faster. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.