[SOLVED] error in login processing script

[barbs75]

Hey guys,

 

I have a problem with my login.php script, a processing script which processes the login_form at login_form.php.

The problem i'm having is that the page just doesnt work properly, when the form is submitted it freezes for a while and then comes up withe browser error page.

 

I can't see whats wrong with the script!!

 

here's the code:

 

login.php

<?php 
session_start();
//include database connection script
include('database.php'); 

header("Cache-control: private"); 
$user = $_POST['username']; 
$pass = $_POST['password'];
$remember = $_POST['remember'];
$loginerrorarray = array();
$logindataarray = array();

//store entered data into array
$logindataarray['username'] = $user;
$logindataarray['password'] = $pass;
$_SESSION['logindata_storage'] = $logindataarray;
//Code to prevent mysql injection
//echo "the user name is $user\n";
//$user = mysql_real_escape_string($user);

// checking if the user exists 
$sql_user_check = "SELECT * FROM customer WHERE username='$user'"; //your table name here
$result_name_check = mysql_query($sql_user_check); 
$usersfound = mysql_num_rows($result_name_check);
//echo "the value of user_check is $result_name_check"; 
// if user not found, note that and end 
if ($usersfound < 1) { 
    $loginerrorarray['nouser'] = "User $user not found."; 
// if user does exist, continue with processing 
} else { //else1
    // checking if passwords match 
    $sql_pass_get = mysql_query("SELECT * FROM customer WHERE username='$user'"); //your table name here
    $user_info = mysql_fetch_array($sql_pass_get); 
    $encryptpass = $user_info['encryptpass']; 
    // if doesn't match, note that and end 
    if ($encryptpass != md5($pass)) { 
        $loginerrorarray['password'] = "Invalid password.  Try again.";
} else {//else2
	//check that user has activated their account
	$sql_status_check = mysql_query("SELECT * FROM customer WHERE username='$user'");
	$status_check_result = mysql_fetch_array($sql_status_check);
	$status_info = $status_check_result['status'];
	//echo "the status so far is $status_info";
	//if account hasnt been activated, throw error
	if ($status_info ==0) {
		$loginerrorarray['activation'] = "$user, you haven't yet fully activated your account. Please check your email inbox for an activation email sent by us, and follow the given instructions to start using your profile";
	} else {//else3
	//create sessions for each table entry 
	$_SESSION['username'] = $user_info['username'];
	$_SESSION['title'] = $user_info['title'];
	$_SESSION['forename'] = $user_info['forename'];
	$_SESSION['surname'] = $user_info['surname'];
	$_SESSION['email'] = $user_info['email']; 
	$_SESSION['encryptpass'] = $user_info['encryptpass']; 
	$_SESSION['membership'] = $user_info['membership']; 
	}//end of else3
//check that remember box has been checked
if($remember) {
	// Check to see if the 'remember' box was ticked to remember the user
	setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
	setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
}
}//end of else2
}//end of else1
//checks username session is registered, if it isn't checks if a value is assigned to error, if it has been
//output error and send them back to login screen, otherwise they are logged in correctly and welcome them
if (!$_SESSION['username']) { 
    if ($loginerrorarray) {
        $_SESSION['loginerror_storage']=$loginerrorarray;
	 include('login_form.php'); 
    } else { 
	//echo "Welcome to your login";
        //include('welcome.php'); 
    }
//otehrwise they are still logged in and welcome them back! 
} else { 
    //echo "<html><head><title>Welcome Back</title></head><body>Welcome back ".$_SESSION['username']."  <a href=\"settings.php\">Click //here</a> to view your current settings.</body></html>";
header('Location: userprofile.php'); 
}  
?>

 

If anyone can spot any errors or anything...

 

cheers

 

Craig