Xyphon Posted December 12, 2007 Share Posted December 12, 2007 <?PHP // Connects to your Database include('Connect.php'); $submit= $_POST['submit']; //Body Settings echo "<center><font color='#AFAFAF' face='verdana' size='1'>"; //If User Is Logged In if(isset($_COOKIE['UserID'])) { //Display Message echo "Sorry, you are already logged in. Click <a href='index.php'>Here</a> to go back."; //Exit Page exit; } //If Form Is Submitted if($submit) { // Checks if pass/user exists $_POST['username'] = addslashes($_POST['username']); $usercheck = $_POST['username']; $_POST['password'] = addslashes($_POST['password']); $passcheck = $_POST['password']; $Result1= mysql_query("SELECT * FROM users WHERE username='$usercheck' AND password='$passcheck'"); $Rows1= mysql_fetch_array($Result1); $Rows2= mysql_fetch_array($Result2); if($Rows1==0) { echo "Invalid Username/password."; exit; } $UserID= $Rows1['ID']; setcookie("UserID", "$UserID", time()+9999999); echo "You have successfully logged in.<br /><br /><a href='index.php'>Continue</a>"; } //If Form Isn't Submitted else { echo " <form method='POST'> <input type='hidden' name='submit' value='1'> <b>Username</b><br /> <input type=\"text\" name=\"username\" maxlength=\"30\"> <br /><br /> <b>Password</b><br /> <input type=\"password\" name=\"password\" maxlength=\"25\"> <br /><br /> <input type='submit' value='Sign In' onclick=\"this.disabled='true'; this.value='Please Wait...'; this.form.submit();\"> </form>"; } ?> The error is no matter what I type in, even if it's valid, it says invalid user/password. Quote Link to comment Share on other sites More sharing options...
marcus Posted December 12, 2007 Share Posted December 12, 2007 <?php // Connects to your Database include ('Connect.php'); $submit = $_POST['submit']; //Body Settings echo "<center><font color='#AFAFAF' face='verdana' size='1'>"; //If User Is Logged In if (isset($_COOKIE['UserID'])) { //Display Message echo "Sorry, you are already logged in. Click <a href='index.php'>Here[/url] to go back."; //Exit Page exit; } //If Form Is Submitted if ($submit) { // Checks if pass/user exists $_POST['username'] = addslashes($_POST['username']); $usercheck = $_POST['username']; $_POST['password'] = addslashes($_POST['password']); $passcheck = $_POST['password']; $Result1 = mysql_query("SELECT * FROM users WHERE username='$usercheck' AND password='$passcheck'"); $Rows1 = mysql_fetch_array($Result1); $Rows2 = mysql_fetch_array($Result2); if (mysql_num_rows($Result1) == 0) { echo "Invalid Username/password."; exit; } $UserID = $Rows1['ID']; setcookie("UserID", "$UserID", time() + 9999999); echo "You have successfully logged in. <a href='index.php'>Continue</a>"; } //If Form Isn't Submitted else { echo " <form method='POST'> <input type='hidden' name='submit' value='1'> Username <input type=\"text\" name=\"username\" maxlength=\"30\"> Password <input type=\"password\" name=\"password\" maxlength=\"25\"> <input type='submit' value='Sign In' onclick=\"this.disabled='true'; this.value='Please Wait...'; this.form.submit();\"> </form>"; } ?> mysql_num_rows Quote Link to comment Share on other sites More sharing options...
Xyphon Posted December 12, 2007 Author Share Posted December 12, 2007 Thank you.. But now it says Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/www/ptcrpg.awardspace.com/login.php on line 28 Invalid Username/password. I am a big noob, and I have trouble with errors. Do you know what else is wrong? Quote Link to comment Share on other sites More sharing options...
marcus Posted December 12, 2007 Share Posted December 12, 2007 Just remove the line that has $Row2 Quote Link to comment Share on other sites More sharing options...
Xyphon Posted December 12, 2007 Author Share Posted December 12, 2007 I figured it on myself, but it still says invalid. Quote Link to comment Share on other sites More sharing options...
trq Posted December 12, 2007 Share Posted December 12, 2007 Then its simply not finding a matching record. Are you passwords md5'd? Quote Link to comment Share on other sites More sharing options...
marcus Posted December 12, 2007 Share Posted December 12, 2007 Try just doing: $usercheck = addslashes($_POST['username']); $passcheck = addslashes($_POST['password']); When a user registers does their password get encrypted? Quote Link to comment Share on other sites More sharing options...
Xyphon Posted December 12, 2007 Author Share Posted December 12, 2007 Yes it does Quote Link to comment Share on other sites More sharing options...
lemmin Posted December 12, 2007 Share Posted December 12, 2007 Looks like you guys are right, he needs to get a hash. Just thought I would add that it shouldn't matter if he uses mysql_num_rows or not because comparing it to 0 will check if the array is NULL or not. Quote Link to comment Share on other sites More sharing options...
Xyphon Posted December 12, 2007 Author Share Posted December 12, 2007 So I should put back empty? Quote Link to comment Share on other sites More sharing options...
marcus Posted December 12, 2007 Share Posted December 12, 2007 $passcheck = md5($passcheck); Quote Link to comment Share on other sites More sharing options...
Xyphon Posted December 12, 2007 Author Share Posted December 12, 2007 $passcheck = md5($passcheck); I replace usercheck and passcheck with that? I dont understand how to put the variable inside itself.. Quote Link to comment Share on other sites More sharing options...
marcus Posted December 12, 2007 Share Posted December 12, 2007 Lol no. $usercheck = addslashes($_POST['username']); $passcheck = md5(addslashes($_POST['password'])); Quote Link to comment Share on other sites More sharing options...
Xyphon Posted December 12, 2007 Author Share Posted December 12, 2007 Thanks, but now theres soemthing wrong wiht my cookie Warning: Cannot modify header information - headers already sent by (output started at /home/www/ptcrpg.awardspace.com/login.php: in /home/www/ptcrpg.awardspace.com/login.php on line 35 My friend had the same problem so he used sessions, but cookies are easier. Quote Link to comment Share on other sites More sharing options...
marcus Posted December 12, 2007 Share Posted December 12, 2007 To save some time just use a buffering method. <?php ob_start(); // your code ob_end_flush(); ?> Quote Link to comment Share on other sites More sharing options...
Xyphon Posted December 12, 2007 Author Share Posted December 12, 2007 Thank you, Im now logged in Now to reset my database.. Quote Link to comment Share on other sites More sharing options...
Xyphon Posted December 12, 2007 Author Share Posted December 12, 2007 Oops, something else wrong.. It doesnt work on internet, only on firefox O.O Quote Link to comment Share on other sites More sharing options...
revraz Posted December 12, 2007 Share Posted December 12, 2007 This line is wrong as well echo "Sorry, you are already logged in. Click <a href='index.php'>Here[/url] to go back."; [/url] is bbcode, you need a </a> Quote Link to comment Share on other sites More sharing options...
Xyphon Posted December 12, 2007 Author Share Posted December 12, 2007 I know, my friend was adding a few lines, and used URL for some reason. Anyways, thats fixed.. Why does it only work on firefox? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.