werner Posted April 28, 2006 Share Posted April 28, 2006 When I click on the login-link on my site, the page below is displayed. However, the if-statement is always executed, even the first time I enter the page (the message that you've now logged in), when it should(?) display the login form.The site is included into my index.php, and in index.php the databaseconenction is called (if you're wondering where that is).Anyone got a clue?[code]<?php echo(' <h1>Logg inn</h1> '); //set username and password variables, escape chars, set pass as md5 checksum $username = mysql_real_escape_string($_POST['user']); $password = md5($_POST['pass']); //select users which matches submitted password and username (It'll be submitted in a form further down) $result = mysql_query("SELECT count(id) FROM users WHERE password='$_POST[pass]' AND username='$_POST[user]'"); //if there is a match! (access granted) if(mysql_num_rows($result)) { // We've already added slashes and MD5'd the password $_SESSION['user'] = $_POST['user']; $_SESSION['pass'] = $_POST['pass']; echo('<p>Du er nå logget inn :)</p>'); //prevent code below to be executed exit; } //no match in DB, try again else { $fields = 'Brukernavn:<br />'.write_textfield(menulogin, text, user, brukernavn).'<br />Passord:<br />'.write_textfield(menulogin, password, pass, passord).'<br />'.write_submit('login', 'Logg inn!'); echo write_form($fields, $_SERVER[PHP_SELF], 'post'); } ?>[/code] Quote Link to comment Share on other sites More sharing options...
wisewood Posted April 28, 2006 Share Posted April 28, 2006 if(!$_POST){ // display the form here}else{// Process the login} Quote Link to comment Share on other sites More sharing options...
werner Posted May 2, 2006 Author Share Posted May 2, 2006 Thanks for your reply. At least now it'ss display the form, though only once.Problem: After pressing submit, it goes straight to index.php, (the loginpage is at index.php?page=login_page) nomatter what i type in the form-fields. I was under the impression $SERVER[PHP_SELF] did return you to the exact page you're on... but maybe that's what it's doing, as the loginpage is included into the index.php. In that case I have no clue on how to get this working. Help greatly appreciated :)new code:[code]<?php $fields = 'Brukernavn:<br />'.write_textfield(menulogin, text, user).'<br />Passord:<br />'.write_textfield(menulogin, password, pass).'<br />'.write_submit('login', 'Logg inn!'); echo(' <h1>Logg inn</h1> '); //if no post is made if(!$_POST) { echo write_form($fields, $_SERVER[PHP_SELF], 'post'); } else { //set username and password variables, escape chars, set pass as md5 checksum $username = mysql_real_escape_string($_POST['user']); $password = md5($_POST['pass']); //select users which matches submitted password and username (It'll be submitted in a form further down) $result = mysql_query(" SELECT count(id) FROM users WHERE password='".$_POST[pass]."' AND username='".$_POST[user]."' "); //if there is a match! (access granted) if (mysql_num_rows($result) > 0) { //already escaped username and md5'ed the password $_SESSION['user'] = $_POST['user']; $_SESSION['pass'] = $_POST['pass']; echo('<p>Du er nå logget inn :)</p>'); } //no match in DB, try again else { echo('<p>Beklager, feil brukernavn eller passord!</p>'); echo write_form($fields, $_SERVER[PHP_SELF], 'post'); } //end else }?>[/code] Quote Link to comment Share on other sites More sharing options...
werner Posted May 2, 2006 Author Share Posted May 2, 2006 Solved :)(one just need to keep bangign the head against the wall a few thousand times) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.