Where's the error?

[LemonInflux]

eh?

[trq]

eh?

 

Does this meen you don't understand something? What?

[LemonInflux]

Yes, it means I don't understand what you mean.

[BlueSkyIS]

this is going to be a long conversation.

 

[LemonInflux]

I just want to know what's wrong with mine, not what I could be doing :\

[BlueSkyIS]

looks like you have a function defined. does it get called anywhere?

 

You dont echo the messages within the function, nor return the $message variable for display outside of the function.

[LemonInflux]

Why not?

[BlueSkyIS]

we're telling you what's wrong.

 

1. you have a function called login. do you ever call it from anywhere else in your code?

 

2. inside your function, you set a value for $message but it is never echoed anywhere or provided outside of the function.

 

essentially you have a function that is never called that wouldn't do anything if it was called.

 

[LemonInflux]

The user enters a username and password, and submits it. On submit, the function is called. Then, the messages are echoed on the page.

[BlueSkyIS]

excellent. can we see the updated code where this happens?

[LemonInflux]

auth.inc.php (complete w/ notes):

 

<?php

session_start();

// authenticate username/password against /data/users.db.php
// returns: -1 if user does not exist
//           0 if user exists but password is incorrect
//           1 if username and password are correct
function auth($user, $pass){

$result = -1;

if((trim($user) != "") && (trim($pass) != "")){

$sql = 'SELECT * FROM `members`';
$sqlresult = mysql_query($sql);
while ($row = mysql_fetch_assoc($sqlresult)) {

  // if username matches
  // test password
  if($row['username'] == $user){
   
   // if match, user/pass combination is correct
   // return 1
   if($row['password'] == $pass){
    $result = 1;
    break;
   }else{
    // otherwise return 0
    $result = 0;
    break;
   }
  }
}
}

// return value
return $result;
}

// Check if Sessions have exist or else see if any var's are posted
if(!isset($_SESSION["SESSION_UNAME"]) && !isset($_SESSION["SESSION_UPASS"])){
$f_user = $_POST['f_user'];
$f_pass = sha1($_POST['f_pass']);
}else{
$f_user = $_SESSION["SESSION_UNAME"];
$f_pass = $_SESSION["SESSION_UPASS"];
}

if($_GET['logout'] == "true"){
$f_user = "";
$f_pass = "";
session_unset();
session_destroy();
header("Location: ?");
}

?>

 

Then, where it's called.

 

<?php
include('config.inc.php');
include('db_fns.php');
db_connect();
include('auth.inc.php');
if(auth($f_user, $f_pass) == 1){
$_SESSION['SESSION_UNAME'] = $f_user;
$_SESSION['SESSION_UPASS'] = $f_pass;
}
?>

 

Then, if I want the message, I use 'if(isset($message)){echo $message; }'

[BlueSkyIS]

there is no $message in the code you posted.??

 

Also it looks like there are too many braces, }

 

you may want to consider indenting your code so mistakes jump out. Your return is outside of the function:

 

function auth($user, $pass){
 
$result = -1;

if((trim($user) != "") && (trim($pass) != "")){

$sql = 'SELECT * FROM `members`';
$sqlresult = mysql_query($sql);
while ($row = mysql_fetch_assoc($sqlresult)) {
	// if username matches
	// test password
	if($row['username'] == $user){
   
		// if match, user/pass combination is correct
		// return 1
		if($row['password'] == $pass){
			$result = 1;
			break;
		} else {
			// otherwise return 0
			$result = 0;
			break;
		}
	}
 	}
}

// return value
return $result; // RETURN IS OUTSIDE OF THE FUNCTION
}

 

this shouldn't even compile. no errors shown?

[LemonInflux]

Used that, still no luck. To try it out, go to http://reflexprojects.net/forumbuild/index.php - username: tom, password: test

[BlueSkyIS]

i was pointing out the mistake, not correcting it. as i stated, that code you posted shouldn't even compile. one of the problems is that your return is OUTSIDE THE FUNCTION.

 

		
          }
	}
} // FUNCTION IS CLOSE HERE, BUT....

// return value
return $result; // RETURN IS OUTSIDE OF THE FUNCTION
}

[LemonInflux]

Put it in, still no luck.