Jump to content

Archived

This topic is now archived and is closed to further replies.

werner

Loginpage trouble

Recommended Posts

When I click on the login-link on my site, the page below is displayed. However, the if-statement is always executed, even the first time I enter the page (the message that you've now logged in), when it should(?) display the login form.

The site is included into my index.php, and in index.php the databaseconenction is called (if you're wondering where that is).

Anyone got a clue?

[code]<?php

  echo('
  <h1>Logg inn</h1>
  ');

  //set username and password variables, escape chars, set pass as md5 checksum
  $username =  mysql_real_escape_string($_POST['user']);
  $password = md5($_POST['pass']);

  //select users which matches submitted password and username (It'll be submitted in a form further down)
  $result = mysql_query("SELECT count(id) FROM users WHERE password='$_POST[pass]' AND username='$_POST[user]'");

  //if there is a match! (access granted)
  if(mysql_num_rows($result))
  {
    // We've already added slashes and MD5'd the password
    $_SESSION['user'] = $_POST['user'];
    $_SESSION['pass'] = $_POST['pass'];

    echo('<p>Du er nå logget inn :)</p>');
    //prevent code below to be executed
    exit;
  }
  //no match in DB, try again
  else
  {
    $fields = 'Brukernavn:<br />'.write_textfield(menulogin, text, user, brukernavn).'<br />Passord:<br />'.write_textfield(menulogin, password, pass, passord).'<br />'.write_submit('login', 'Logg inn!');

    echo write_form($fields, $_SERVER[PHP_SELF], 'post');
  }

?>[/code]

Share this post


Link to post
Share on other sites
if(!$_POST)
{
// display the form here
}
else
{
// Process the login
}

Share this post


Link to post
Share on other sites
Thanks for your reply. At least now it'ss display the form, though only once.

Problem: After pressing submit, it goes straight to index.php, (the loginpage is at index.php?page=login_page) nomatter what i type in the form-fields. I was under the impression $SERVER[PHP_SELF] did return you to the exact page you're on... but maybe that's what it's doing, as the loginpage is included into the index.php. In that case I have no clue on how to get this working. Help greatly appreciated :)

new code:

[code]<?php

  $fields = 'Brukernavn:<br />'.write_textfield(menulogin, text, user).'<br />Passord:<br />'.write_textfield(menulogin, password, pass).'<br />'.write_submit('login', 'Logg inn!');

  echo('
  <h1>Logg inn</h1>
  ');

  //if no post is made
  if(!$_POST)
  {
    echo write_form($fields, $_SERVER[PHP_SELF], 'post');
  }
  else
  {
    //set username and password variables, escape chars, set pass as md5 checksum
    $username =  mysql_real_escape_string($_POST['user']);
    $password = md5($_POST['pass']);

    //select users which matches submitted password and username (It'll be submitted in a form further down)
    $result = mysql_query("
      SELECT count(id)
      FROM users
      WHERE password='".$_POST[pass]."'
      AND username='".$_POST[user]."'
    ");

    //if there is a match! (access granted)
    if (mysql_num_rows($result) > 0)
    {
      //already escaped username and md5'ed the password
      $_SESSION['user'] = $_POST['user'];
      $_SESSION['pass'] = $_POST['pass'];
      echo('<p>Du er nå logget inn :)</p>');
    }
    //no match in DB, try again
    else
    {
      echo('<p>Beklager, feil brukernavn eller passord!</p>');
      echo write_form($fields, $_SERVER[PHP_SELF], 'post');
    }
  //end else
  }

?>[/code]

Share this post


Link to post
Share on other sites
Solved :)

(one just need to keep bangign the head against the wall a few thousand times)

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.