Jump to content


Photo

Loginpage trouble


  • Please log in to reply
3 replies to this topic

#1 werner

werner
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 28 April 2006 - 01:38 PM

When I click on the login-link on my site, the page below is displayed. However, the if-statement is always executed, even the first time I enter the page (the message that you've now logged in), when it should(?) display the login form.

The site is included into my index.php, and in index.php the databaseconenction is called (if you're wondering where that is).

Anyone got a clue?

<?php
 
  echo('
  <h1>Logg inn</h1>
  ');
 
  //set username and password variables, escape chars, set pass as md5 checksum
  $username =  mysql_real_escape_string($_POST['user']);
  $password = md5($_POST['pass']);
 
  //select users which matches submitted password and username (It'll be submitted in a form further down)
  $result = mysql_query("SELECT count(id) FROM users WHERE password='$_POST[pass]' AND username='$_POST[user]'");
 
  //if there is a match! (access granted)
  if(mysql_num_rows($result))
  {
    // We've already added slashes and MD5'd the password
    $_SESSION['user'] = $_POST['user'];
    $_SESSION['pass'] = $_POST['pass'];
 
    echo('<p>Du er nå logget inn :)</p>');
    //prevent code below to be executed
    exit;
  }
  //no match in DB, try again
  else
  {
    $fields = 'Brukernavn:<br />'.write_textfield(menulogin, text, user, brukernavn).'<br />Passord:<br />'.write_textfield(menulogin, password, pass, passord).'<br />'.write_submit('login', 'Logg inn!');
 
    echo write_form($fields, $_SERVER[PHP_SELF], 'post');
  }
 
?>


#2 wisewood

wisewood
  • Members
  • PipPipPip
  • Advanced Member
  • 226 posts
  • LocationRotherham, England

Posted 28 April 2006 - 02:18 PM

if(!$_POST)
{
// display the form here
}
else
{
// Process the login
}
wisewood: proven fact, I am both wise, and wooden.

#3 werner

werner
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 02 May 2006 - 08:31 AM

Thanks for your reply. At least now it'ss display the form, though only once.

Problem: After pressing submit, it goes straight to index.php, (the loginpage is at index.php?page=login_page) nomatter what i type in the form-fields. I was under the impression $SERVER[PHP_SELF] did return you to the exact page you're on... but maybe that's what it's doing, as the loginpage is included into the index.php. In that case I have no clue on how to get this working. Help greatly appreciated :)

new code:

<?php

  $fields = 'Brukernavn:<br />'.write_textfield(menulogin, text, user).'<br />Passord:<br />'.write_textfield(menulogin, password, pass).'<br />'.write_submit('login', 'Logg inn!');

  echo('
  <h1>Logg inn</h1>
  ');

  //if no post is made
  if(!$_POST)
  {
    echo write_form($fields, $_SERVER[PHP_SELF], 'post');
  }
  else
  {
    //set username and password variables, escape chars, set pass as md5 checksum
    $username =  mysql_real_escape_string($_POST['user']);
    $password = md5($_POST['pass']);

    //select users which matches submitted password and username (It'll be submitted in a form further down)
    $result = mysql_query("
      SELECT count(id) 
      FROM users 
      WHERE password='".$_POST[pass]."'
      AND username='".$_POST[user]."'
    ");

    //if there is a match! (access granted)
    if (mysql_num_rows($result) > 0)
    {
      //already escaped username and md5'ed the password
      $_SESSION['user'] = $_POST['user'];
      $_SESSION['pass'] = $_POST['pass'];
      echo('<p>Du er nå logget inn :)</p>');
    }
    //no match in DB, try again
    else
    {
      echo('<p>Beklager, feil brukernavn eller passord!</p>');
      echo write_form($fields, $_SERVER[PHP_SELF], 'post');
    }
  //end else
  }

?>


#4 werner

werner
  • New Members
  • Pip
  • Newbie
  • 3 posts

Posted 02 May 2006 - 10:22 AM

Solved :)

(one just need to keep bangign the head against the wall a few thousand times)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users