shash98 Posted March 16, 2008 Share Posted March 16, 2008 Hi, I've been trying to get a php script to run, its basically a quiz program for college students.. this is the administrator login script called login.php: <?php session_start(); header("Cache-control: private"); if (isset($_POST['uname']) && isset($_POST['passwd']) ) { $_SESSION['uname']=$_POST['uname']; $_SESSION['passwd']=$_POST['passwd']; $_SESSION['stat']=""; } @include("function.php"); if (!check() || $_POST['uname']!='root') { header("Location: admin.htm"); session_destroy(); exit; } else { print "<html><title>Welcome ".$_SESSION['fname']."</title>"; // The frames begin from here. print <<<EndCode <frameset cols="250,*" border="0"> <frame name="contents" target="main" src="lefta.php" scrolling="auto" noresize> <frame name="main" src="righta.php"> </frameset> EndCode; print "</html>"; } ?> i have created a root user in the mysql database, the above script populates a page called admin.htm, the problem is that whenever i give it the login values for the mysql db i've created and hit the "Go" button, the page just refreshes once.. it does'nt display the admin.htm page like it should.. .. here's the code for function.php <?php // this is my library of functions // to include this library use ~11..@include("../function.php");..11~ // User authentication is done by the following function function check() { /*session_start(); header("Cache-control: private");*/ if (isset($_SESSION['uname']) && isset($_SESSION['passwd']) ) { if (isset($_SESSION['stat']) && $_SESSION['stat']=='ok') { return true; } $conn = mysql_connect("localhost", "universal", "acumen"); if (mysql_errno()) { return false; } $selected = mysql_select_db("exam", $conn); if (mysql_errno()) { return false; } $result=mysql_query("select * from user where uname='".$_SESSION['uname']."' and password=password('".$_SESSION['passwd']."')"); if (mysql_num_rows($result)) { $name_row = mysql_fetch_row($result); $_SESSION['fname']=$name_row[1]; $_SESSION['stat']='ok'; return true; } return false; } else { return false; } } $len=strlen($text); $new=""; for ($i=0;$i<$len;$i++) { if ($text{$i}=='\\') { $new=$new.'\\\\'; } else if ($text{$i}=='\'') { $new=$new.'\\\''; } else $new=$new.$text{$i}; } return $new; } ?> could anyone please tell me why the page just refreshes without logging in and displaying the admin.htm page?? Quote Link to comment Share on other sites More sharing options...
BlueSkyIS Posted March 16, 2008 Share Posted March 16, 2008 probably because this is never true: if (!check() || $_POST['uname']!='root') { Also, you probably don't want to do a session_destroy(), even though it is after the header and therefore technically should never be executed. Quote Link to comment Share on other sites More sharing options...
shash98 Posted March 16, 2008 Author Share Posted March 16, 2008 so can u plz guide me where i am goin wrong and tell me the correct path? actually i made a code called make.php and using that code the database is automatically created.. i use xampp and inorder to login in the make.php page, we should enter the username and password of admin(which is mysql) i created a new user with the help of root usrname and named it as "universal" and the password i gave is "acumen". So i login as universal and acumen as my username and password. The following page i get is LOGIN SUCCESSFUL AND DATABASE CREATED SUCCESSFULLY. The code for make.php is as follows ----------------------------------------------------------------------------------------------------- Code-: <?php // Only the administrator is allowed to execute this script!!! // Here I am going to create the databases and the tables // A universal user will also be created. $ppp=<<<EndCode <html> <head> <title>Administrator</title> <script language="JavaScript"> function start() { login.uname.focus(); } function doSubmit() { // form validation Script if (login.uname.value=="" || login.passwd.value=="") { alert("Please enter valid data."); return false; } document.login.submit(); } </script> </head> <body onLoad="start()"> <form action="make.php" method="post" name="login"> <center> <table cellspacing="0" cellpadding="5" border="0" width="245" align="right"> <tr> <td colspan="2" bgcolor="#99CCFF"><B><font color="#800000">Login Administrator</font></B></td> </tr> <tr> <td bgcolor="#C0C0C0" width="64"><font color="#800000">Username:</font></td> <td bgcolor="#C0C0C0" width="181"><input type="text" name="uname" size="22"></td> </tr> <tr> <td bgcolor="#C0C0C0" width="64"><font color="#800000">Password:</font></td> <td bgcolor="#C0C0C0" width="181"> <input type="password" name="passwd" size="15" maxlength="10"> <input type="submit" value="Go" onClick="return doSubmit()"></td> </tr> </table> </center> </form> </body> EndCode; ?> <?php if (isset($_POST['uname']) && isset($_POST['passwd'])) { if ($_POST['uname']=="universal") { // if administrator, then create databases and users // . $conn = mysql_connect("localhost", $_POST['uname'], $_POST['passwd']) or die("Could not connect to MySQL.<br>"); print "<h1><I>Login Successful</I></h1>"; if ( !mysql_query("create database exam", $conn)) { echo "Error...<br>".mysql_error(); // print existing database configurations & create new user // because database is already present mysql_query("GRANT ALL PRIVILEGES on exam.* TO universal@localhost IDENTIFIED BY 'acumen';"); $selected = mysql_select_db("exam", $conn) or die("Could not select database."); $result = mysql_query("show tables", $conn); print "<br><br><hr><table BORDER=1>"; print "<tr><td>Tables</td></tr>"; while ($name_row = mysql_fetch_row($result)) { echo "<TR>"; echo "<TD>",$name_row[0],"</TD>"; echo "</TR>"; } print "</table><hr>"; print "User name: universal<br>"; echo "<br><I>Closing...</I>"; mysql_close($conn); exit; } else { $selected = mysql_select_db("exam", $conn) or die("Could not select database."); // Once the database is selected...create the tables. // 'Info' table will describe all the tables in database exam // Table 'user' for users and their passwords // Table 'pques' is properties of question papers // Table 'result' for storing results of students // Table 'running' will show how many exams are currently running mysql_query("create table info (tname varchar(30) NOT NULL,tinfo varchar(50) NOT NULL,ttype varchar(30) NOT NULL,primary key(tname))",$conn); mysql_query("create table user (uname varchar(30) NOT NULL,fname varchar(50) NOT NULL,password varchar(20) NOT NULL, primary key(uname))",$conn); mysql_query("insert into user values ('root','admin',password('".$_POST['passwd']."'))"); mysql_query("insert into info values ('info','System information','admin')"); mysql_query("insert into info values ('user','User information','admin')"); mysql_query("GRANT ALL PRIVILEGES on exam.* TO universal@localhost IDENTIFIED BY 'acumen';"); mysql_query("insert into user values ('universal','Normal Usr',password('acumen'))"); mysql_query("create table pques (qcode varchar(30) NOT NULL,sub varchar(30) NOT NULL,qneg float NOT NULL,qtime int(4) NOT NULL,qnos int(4) NOT NULL,qinst text, primary key(qcode))",$conn); mysql_query("insert into info values ('pques','Question Format & Properties','admin')"); mysql_query("create table result (qcode varchar(30) NOT NULL,sid varchar(10) NOT NULL, sname varchar(50),marks float, time datetime, sta int(2) NOT NULL,primary key(qcode,sid))",$conn); mysql_query("insert into info values ('result','Results Table','admin')",$conn); mysql_query("create table running (qcode varchar(30) NOT NULL, primary key(qcode))",$conn); mysql_query("insert into info values ('running','Running Examinations','admin')"); print "<html><title>Make Successful</title>"; print "<h1>Database and Tables Created. <br> Please don't run it again.</h1>"; $result = mysql_query("show tables", $conn); print "<br><br><hr><table BORDER=1>"; print "<tr><td>Tables</td></tr>"; while ($name_row = mysql_fetch_row($result)) { echo "<TR>"; echo "<TD>",$name_row[0],"</TD>"; echo "</TR>"; } print "</table><hr>"; print "User name: universal<br>"; print "</html>"; mysql_close($conn); } } else { print "<font color=\"#FF0000\"><h1>Log in Unsucessful.</h1></font>"; print $ppp; } } else { print $ppp; } ?> Ihav no problems with this code.... The next thing to be done is login as a user and this is the code for that ----------------------------------------------------------------------------------------------------- Code-: <?php session_start(); header("Cache-control: private"); if (isset($_POST['uname']) && isset($_POST['passwd']) ) { $_SESSION['uname']=$_POST['uname']; $_SESSION['passwd']=$_POST['passwd']; } @include("function.php"); if (!check()) { header("Location: index.htm"); session_destroy(); exit; } else { print "<html><title>Welcome ".$_SESSION['fname']."</title>"; // The frames begin from here. Page for users. left frame is content page // The output will be shown in the main frame print <<<EndCode <frameset cols="200,*" border="0"> <frame name="contents" target="main" src="left.php" scrolling="auto" noresize> <frame name="main" src="right.php"> </frameset> EndCode; print "</html>"; } ?> Now in this code i am not able to find what username and password i should enter coz it doesnt do anything other than just refresh without giving the output....and also logina.php is also having the same problem... plz guide me in this regard as i am not able to figure out wat username and password should b entered so tht it navigates to the other page.... The code is correct though as far as i am concerned Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.