uniflare Posted March 5, 2008 Share Posted March 5, 2008 your query, try: $quotersa = "SELECT * FROM usersdb WHERE password='".md5($pass)."'"; hope this helps, Quote Link to comment Share on other sites More sharing options...
rofl90 Posted March 5, 2008 Author Share Posted March 5, 2008 Ok now when I enter my user/pass it just outputs the html and then stops heres my code: <?php error_reporting(E_ALL); $dbhost = 'xxx'; $dbuser = 'xx'; $dbpass = 'xx'; $dbname = 'xx'; mysql_connect($dbhost, $dbuser, $dbpass) or die(mysql_error()); mysql_select_db($dbname); ?> <style type="text/css"> <!-- .style2 { font-size: 14; font-family: "Trebuchet MS"; } --> </style> <span class="style2"> <?php $username = 'charlie,andreas'; $users = explode(",", $username); $password = "xxx"; $randomword = "xxx"; if (isset($_COOKIE['MyLoginPage'])) { if ($_COOKIE['MyLoginPage'] == md5($password.$randomword)) { ?> </span> <meta http-equiv="refresh" content="0;http://www.codeetech.com/backend/index2.php" /> <span class="style2"> <?php exit; } } if (isset($_GET['p']) && $_GET['p'] == "login") { $pass = $_POST['pass']; $quotersa = "SELECT * FROM usersdb WHERE password='".md5($pass)."'"; $resulto = mysql_query($quotersa) or die(mysql_query()); $quiza = mysql_fetch_array($resulto); $quizoo = $quiza['password']; $ip = $_POST['ip']; $inform = "insert into ips(ip) VALUES ('$ip')"; mysql_query($inform) or die(mysql_query()); $namer = $_POST['name']; $quoters = "SELECT username FROM usersdb WHERE username='$namer'"; $result = mysql_query($quoters) or die(mysql_query()); $infor = mysql_fetch_object($result); $infoz = $infor['username']; echo $quizoo; echo $infoz; echo $namer; echo $pass; if($infor != $namer) { echo $namer; echo $infor; echo "<p>Sorry, that username does not match. Click <a href=\"http://www.codeetech.com/backend/\">here</a> to try again.</p>"; exit; } elseif ($quizoo != $pass) { echo "<p>Sorry, that password does not match. Click <a href=\"http://www.codeetech.com/backend/\">here</a> to try again.</p>"; exit; } else { $result = mysql_query("SELECT * FROM settings") or die(mysql_error()); $row = mysql_fetch_array($result); $timing = $row['timeout']; setcookie('MyLoginPage', md5($password.$randomword), time()+ $timing); header("Location: index2.php"); } } ?> </span> <form action="<?php echo $_SERVER['PHP_SELF']; ?>?p=login" method="post" class="style2"><fieldset> <label>Your IP is <?php echo $_SERVER['REMOTE_ADDR']; ?>, and has been logged, unauthorised attempts to access will be logged, and steps will be taken. <br /></label> <br /> <input type="text" name="name" id="name" /> <label>Name</label><br /><br /> <label><input type="password" name="pass" id="pass" /> Password</label> <br /> <br /> <input type="submit" id="submit" value="Login" /> <input name="ip" type="hidden" id="hidden" value="<?php $ip = $_SERVER['REMOTE_ADDR']; echo $ip; ?>" /> <br /> <br /> Backend time out currently set at: <?php $result = mysql_query("SELECT * FROM settings") or die(mysql_error()); $row = mysql_fetch_array($result); $timing = $row['timeout']; echo $timing / 60; ?> minutes. </fieldset></form> Quote Link to comment Share on other sites More sharing options...
uniflare Posted March 5, 2008 Share Posted March 5, 2008 what o you mean? can you show us? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.