zhTonic Posted March 9, 2008 Share Posted March 9, 2008 Hey guys, I'm having some trouble with my login script.. I've been trying to integrate it with my VB forum but it will always come up as incorrect login. Any help would be appreciated. <?php session_start(); if($_SESSION['AUTH_DONATOR'] == true) { header("Location: index.php"); die(); } include "../config2.php"; $error = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\"><html dir=\"ltr\" lang=\"en\"><head> <meta http-equiv=\"Content-Type\" content=\"text/html; charset=ISO-8859-1\" /> <title>LocalMS - Admin Control Panel!</title> <link rel=\"stylesheet\" href=\"../cpstyles/vBulletin_3_Default/controlpanel.css\" /> <style type=\"text/css\"> #all { margin: 10px; } #all p, #all td, #all li, #all div { font-size: 11px; font-family: verdana, arial, helvetica, sans-serif; } </style></head><body style=\"margin:0px\"><table cellpadding=\"4\" cellspacing=\"0\" border=\"0\" width=\"100%\" class=\"navbody\" style=\"border:outset 2px\"><tr> <td width=\"160\"><img src=\"../cpstyles/vBulletin_3_Default/cp_logo.gif\" alt=\"\" title=\"vBulletin 3 ©2000 - 2008 Jelsoft Enterprises Ltd.\" /></td> <td style=\"padding-left:100px\"> <b>LocalMS Admin Control Panel!</b><br /> Control Panel ©LocalMS <br /> <b style=\"font-size:10pt;\"></b> </td></tr></table><div id=\"all\"><blockquote><p><form method=post>Forum ID:<br> <input type=text name=name><br>Password:<br> <input type=password name=pass><br>Incorrect Login/Password!<br><input type=submit value='Submit'></form></div> <table cellpadding=\"4\" cellspacing=\"0\" border=\"0\" width=\"100%\" class=\"navbody\" style=\"padding:4px; border:outset 2px;\"> <tr align=\"center\"> <form action=\"index.php\" method=\"get\"> <input type=\"hidden\" name=\"step\" value=\"1\" /> <td><b></b><br />vBulletin ©2000 - 2008 Jelsoft Enterprises Ltd.</td> <td></td> </tr> </table> </div><!-- START CONTROL PANEL FOOTER --><p align=\"center\"><a href=\"http://www.vbulletin.com/\" target=\"_blank\" class=\"copyright\">vBulletin v3.6.8, Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.</a></p></div></body></html>"; $usr = $_POST['name']; $pwpost = $_POST['pass']; $sql = mysql_query("SELECT * FROM mst_user WHERE username='$usr'"); $sqlly = mysql_fetch_array($sql); $salt = $sqlly["salt"]; $pwd = md5(md5($pwpost . $salt)); if (isset($usr)){ include "../config2.php"; $result = mysql_query( "SELECT * FROM mst_user WHERE username = '$usr' AND password = '$pwd' AND usergroupid = 13 "); if(mysql_num_rows($result) == 0) { $query = mysql_query( "SELECT * FROM mst_user WHERE username = '$usr' AND password = '$pwd' AND usergroupid = 17 "); if(mysql_num_rows($query) == 0) { $_SESSION['AUTH_DONATOR'] = false; echo $error; die(); } else { $_SESSION['AUTH_DONATOR'] = true; $_SESSION['type'] = "Donator"; header("Location: login.php"); die(); } $_SESSION['AUTH_DONATOR'] = false; echo $error; die(); } else { $_SESSION['AUTH_DONATOR'] = true; $_SESSION['type'] = "Admin"; header("Location: login.php"); die(); } } ?> Link to comment https://forums.phpfreaks.com/topic/95193-php-login-script-not-working-need-some-help/ Share on other sites More sharing options...
marklarah Posted March 9, 2008 Share Posted March 9, 2008 Your code if($_SESSION['AUTH_DONATOR'] == true) { header("Location: index.php"); die(); } Surely that should either be "=== true) {" or "if (isset($_SESSION['whatever'])){" Maybe that might help Link to comment https://forums.phpfreaks.com/topic/95193-php-login-script-not-working-need-some-help/#findComment-487604 Share on other sites More sharing options...
zhTonic Posted March 9, 2008 Author Share Posted March 9, 2008 Your code if($_SESSION['AUTH_DONATOR'] == true) { header("Location: index.php"); die(); } Surely that should either be "=== true) {" or "if (isset($_SESSION['whatever'])){" Maybe that might help Hmm i don't really think that's the issue as this script just derives from my admin panel script which will login just fine.. <?php session_start(); if($_SESSION['AUTH_ADMIN'] == true) { header("Location: index.php"); die(); } $error = "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\"><html dir=\"ltr\" lang=\"en\"><head> <meta http-equiv=\"Content-Type\" content=\"text/html; charset=ISO-8859-1\" /> <title>LocalMS - Admin Control Panel!</title> <link rel=\"stylesheet\" href=\"../cpstyles/vBulletin_3_Default/controlpanel.css\" /> <style type=\"text/css\"> #all { margin: 10px; } #all p, #all td, #all li, #all div { font-size: 11px; font-family: verdana, arial, helvetica, sans-serif; } </style></head><body style=\"margin:0px\"><table cellpadding=\"4\" cellspacing=\"0\" border=\"0\" width=\"100%\" class=\"navbody\" style=\"border:outset 2px\"><tr> <td width=\"160\"><img src=\"../cpstyles/vBulletin_3_Default/cp_logo.gif\" alt=\"\" title=\"vBulletin 3 ©2000 - 2008 Jelsoft Enterprises Ltd.\" /></td> <td style=\"padding-left:100px\"> <b>LocalMS Admin Control Panel!</b><br /> Control Panel ©LocalMS <br /> <b style=\"font-size:10pt;\"></b> </td></tr></table><div id=\"all\"><blockquote><p><form method=post>Forum ID:<br> <input type=text name=name><br>Password:<br> <input type=password name=pass><br>Incorrect Login/Password!<br><input type=submit value='Submit'></form></div> <table cellpadding=\"4\" cellspacing=\"0\" border=\"0\" width=\"100%\" class=\"navbody\" style=\"padding:4px; border:outset 2px;\"> <tr align=\"center\"> <form action=\"index.php\" method=\"get\"> <input type=\"hidden\" name=\"step\" value=\"1\" /> <td><b></b><br />vBulletin ©2000 - 2008 Jelsoft Enterprises Ltd.</td> <td></td> </tr> </table> </div><!-- START CONTROL PANEL FOOTER --><p align=\"center\"><a href=\"http://www.vbulletin.com/\" target=\"_blank\" class=\"copyright\">vBulletin v3.6.8, Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.</a></p></div></body></html>"; $usr = $_POST['name']; $pwd = sha1($_POST['pass']); if (isset($usr)){ include "../config.php"; $result = mysql_query( "SELECT * FROM accounts WHERE name = '$usr' AND password = '$pwd' AND webadmin = '1' "); if(mysql_num_rows($result) == 0) { $query = mysql_query( "SELECT * FROM accounts WHERE name = '$usr' AND password = '$pwd' AND gm = '1' "); if(mysql_num_rows($query) == 0) { $_SESSION['AUTH_ADMIN'] = false; echo $error; die(); } else { $_SESSION['AUTH_ADMIN'] = true; $_SESSION['type'] = "GM"; header("Location: login.php"); die(); } $_SESSION['AUTH_ADMIN'] = false; echo $error; die(); } else { $_SESSION['AUTH_ADMIN'] = true; $_SESSION['type'] = "Admin"; header("Location: login.php"); die(); } } ?> Link to comment https://forums.phpfreaks.com/topic/95193-php-login-script-not-working-need-some-help/#findComment-487636 Share on other sites More sharing options...
zhTonic Posted March 10, 2008 Author Share Posted March 10, 2008 Looks like i fixed it myself... HOW stupid am i that i didn't notice i was formatting the hash wrong. I just didn't encase the $pwpost variable. BEFORE: $pwd = md5(md5($pwpost . $salt)); AFTER: $pwd = md5(md5($pwpost) . $salt); Thank you mark for the reply anyways. Link to comment https://forums.phpfreaks.com/topic/95193-php-login-script-not-working-need-some-help/#findComment-488135 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.