Login thing...session..

[GameYin]

Ok so I have this register and login script. www.gameyin.com

register.php works perfectly. Does what I asks...login.php will not display a form or anything for that matter...weird. Any help?

login.php

<?

function confirmUser($username, $password){
   global $conn;
   /* Add slashes if necessary (for query) */
   if(!get_magic_quotes_gpc()) {
$username = addslashes($username);
   }

   /* Verify that user is in database */
   $q = "select password from users where username = '$username'";
   $result = mysql_query($q,$conn);
   if(!$result || (mysql_numrows($result) < 1)){
      return 1; //Indicates username failure
   }

   /* Retrieve password from result, strip slashes */
   $dbarray = mysql_fetch_array($result);
   $dbarray['password']  = stripslashes($dbarray['password']);
   $password = stripslashes($password);

   /* Validate that password is correct */
   if($password == $dbarray['password']){
      return 0; //Success! Username and password confirmed
   }
   else{
      return 2; //Indicates password failure
   }
}

function checkLogin(){
   /* Check if user has been remembered */
   if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){
      $_SESSION['username'] = $_COOKIE['cookname'];
      $_SESSION['password'] = $_COOKIE['cookpass'];
   }

   /* Username and password have been set */
   if(isset($_SESSION['username']) && isset($_SESSION['password'])){
      /* Confirm that username and password are valid */
      if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){
         /* Variables are incorrect, user not logged in */
         unset($_SESSION['username']);
         unset($_SESSION['password']);
         return false;
      }
      return true;
   }
   /* User not logged in */
   else{
      return false;
   }
}

/**
* Determines whether or not to display the login
* form or to show the user that he is logged in
* based on if the session variables are set.
*/
function displayLogin(){
   global $logged_in;
   if($logged_in){
      echo "<h1>Logged In!</h1>";
      echo "Welcome <b>$_SESSION[username]</b>, you are logged in. <a href=\"logout.php\">Logout</a>";
   }
   else{
?>
<html>
<head>
<title>login test</title>
</head>
<body>
<h1>Login</h1>
<form action="" method="post">
<table align="left" border="0" cellspacing="0" cellpadding="3">
<tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr>
<tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr>
<tr><td colspan="2" align="left"><input type="checkbox" name="remember">
<font size="2">Remember me next time</td></tr>
<tr><td colspan="2" align="right"><input type="submit" name="sublogin" value="Login"></td></tr>
<tr><td colspan="2" align="left"><a href="register.php">Join</a></td></tr>
</table>
</form>
</body>
</html>

<?
   }
}

if(isset($_POST['sublogin'])){
   /* Check that all fields were typed in */
   if(!$_POST['user'] || !$_POST['pass']){
      die('You didn\'t fill in a required field.');
   }
   /* Spruce up username, check length */
   $_POST['user'] = trim($_POST['user']);
   if(strlen($_POST['user']) > 30){
      die("Sorry, the username is longer than 30 characters, please shorten it.");
   }

   /* Checks that username is in database and password is correct */
   $md5pass = md5($_POST['pass']);
   $result = confirmUser($_POST['user'], $md5pass);

   /* Check error codes */
   if($result == 1){
      die('That username doesn\'t exist in our database.');
   }
   else if($result == 2){
      die('Incorrect password, please try again.');
   }

   /* Username and password correct, register session variables */
   $_POST['user'] = stripslashes($_POST['user']);
   $_SESSION['username'] = $_POST['user'];
   $_SESSION['password'] = $md5pass;

   if(isset($_POST['remember'])){
      setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
      setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
   }

   /* Quick self-redirect to avoid resending data on refresh */
   echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[php_SELF]\">";
   return;
}

/* Sets the value of the logged_in variable, which can be used in your code */
$logged_in = checkLogin();

?>

 

index.html is supposed to determine whether a user is logged in, and if so, display the logout link and the usercp link. If not logged in the website is supposed to display register.html, but it seems it is displaying all 3. Here is the code I am using for it.

	</div>
   		<div class="tmenu">
<b><a class="add" href="index.html">Home</a></b> 
<a href="store/index.html">Store</a> 
<? 
if($logged_in){ ?>
        <a href="logout.php">Logout</a>
        <a href="usercp/index.html">User CP</a>
<?
}
else{ ?>
        <a href=\"register.php\">Register</a>

}
?>
        <a href="arcade/index.html">Arcade</a>  
<a href="tutorials/index.html">Tutorials</a> 
<a href="forums/index.html">Forums</a>
<a href="webhosting/index.html">Web Hosting</a>  
	</div>

Anybody see what I'm doing wrong?

[GameYin]

Anyone...?

[trq]

I suggest your turn error reporting on. Looks to me like you never close the displayLogin() function. eg; Your missing a }

[GameYin]

How would I do error reporting, and by the looks of it, I did close it. I didn't find a missing }

[Demonic]

error_reporting(E_ALL);

 

At the top of your login page.

[GameYin]

Still nothing happened when I put it at the top.

[revraz]

Maybe it's ignoring the <? shorttags, try <?php instead.

[GameYin]

Tried that too. Nothing has happened. Lets focus on one thing at a time, why won't my session display the logout/usercp link when i use the if statement, and register when it doesnt detect a logged person. It displays all three as of now...Help?