|
PHP - Closing My Greybox After Login
Hi,
I wonder if there is any simple solution for the following. I have a login script (existing script modified for my site) that pops up in greybox (found at: orangoo.com/labs/GreyBox/). When clicked on Login a function is called which checks if the login is correct an then goes to a page. This is written in PHP. To refer to an page the following code is used => header ("Location: index.php"); This is working but off course the referral page is opened inside the greybox. I would like the greybox to close and the index.php page to reload. You can see what I'm trying on www.mypersonalad.org click "Aanmelden" in the upper left corner. Login: "testing" pass: "test". Please don't hack I have only heard about injection and have no protection for the moment. That's for later. I've tried adding code like this in php => header("Location: index.php onclick=\"parent.parent.GB_hide();\""); But that is not working. My thoughts are that I should check in my login page (the one in greybox) if the user is already logged in. If he is logged in give a message like: "You are now logged in. This page closes automatically in 2 seconds". But I don't know how to do this. Any help please? Similar TutorialsHi Guys, I have the following $pattern = '<tr class="newsitem">'; when I echo this out it produces <tr class="newsitem"> </tr> Why is it automatically closing the tag? I dont want this becuase i'm using preg_replace and the tag is closed elsewhere already on the page. I was curious.. I read that after using a PDO connection you should set the object to null to close it out. In this instance: Code: [Select] function IsOwner($regionid, $user) { global $Username, $SQL_Server, $SQL_User, $SQL_Pass; $pdo = new PDO("mysql:host=$SQL_Server;dbname=$SQL_Database", $SQL_User, $SQL_Pass); $sql = $pdo->prepare("SELECT count(region_id) FROM region_players WHERE region_id = ? AND user_id = ? AND owner = 1"); $sql->execute(array($regionid, $user)); if ($sql->rowCount() == 0) { return false; } else { return true; } $pdo = null; } Since the return is called prior to the nulling, does it leave a connection hanging or does PHP do some sort of auto-closeout when a function ends? Should I instead be doing: Code: [Select] function IsOwner($regionid, $user) { global $Username, $SQL_Server, $SQL_User, $SQL_Pass; $ownerstatus = false; $pdo = new PDO("mysql:host=$SQL_Server;dbname=$SQL_Database", $SQL_User, $SQL_Pass); $sql = $pdo->prepare("SELECT count(region_id) FROM region_players WHERE region_id = ? AND user_id = ? AND owner = 1"); $sql->execute(array($regionid, $user)); if ($sql->rowCount() > 0) $ownerstatus = true; $pdo = null; return $ownerstatus; } ? Hello, I'm working on a page where users can add articles by writing text in textareas with a WYSIWYG editor. When they submit the form it's saved in a database. As a summary of the article i grab the first 800 characters of the article, but as you could imagine there might occur html tags like <div> or <span> in the summary which are not closed. To prevent this from ruining my page layout when their articles are posted on the wegbsite I could use strip_tags but I'd like to keep the format, also this would delete images. I couldn't think of another solution then a function which checks for open tags and if so; add closing tags at the end of the summary. I already made a similar function a while back, but that one only checks for <div> and <span>, as those are the worst.. The nasty part is that I kind of deleted that function accidentally, and I can't fully remember how I wrote that.. So what I would like to have is a function that checks for all unclosed html tags and add the associated closing tags, in the right order, at the end of the summary. Any help getting on the right track is appreciated. Hi Have an issue with a script that connects to multiple Access databases to extract data. There is one master database and then numerous small databases (I take no responsibility for the design!). The master is opened and then the sub databases are looped around, opened process and closed in turn. However after about 20 connections I get the error [ODBC Microsoft Access Driver] Too many client tasks for any new connections. It is related to the number of connections rather than the number of operations on databases (ie, if I comment out one of the pieces of SQL run on each database it makes no difference). I am closing the connection and unsetting the variable that stores the connection. As such there shouldn't be an excess of connections open at any one time. Any suggestions? All the best Keith There are no opening and closing tags in the code example of the file PostsController.php in this tutorial:
http://book.cakephp....g/part-two.html
Should I always use opening and closing PHP tags throughout with CakePHP? Hello fellow coders!
We are looking for an experienced developer to make a custom rating hook voor IP Board (invision Power).
We have a few requirements. One of them is that you are based in the EU (and under circumstances US based).
If this sounds interesting to you, please have a look at the requirements, some additional info and the application form here.
Thanks in advanced!
We aim to close the application period on February 1th.
Edited by cssfreakie2, 16 January 2015 - 03:36 PM. Hi, i m playing arround with php sessions and just started afew testing on it (i never actually used them so i m discovering something new) and i would like to know how can you terminate an PHP Session without closing your browser. For testing i did this small code, just to see the behavior: Code: [Select] <?php session_start(); $id = session_id(); echo $id; session_unset(); session_destroy(); ?> The code above seens only to kill the $_SESSION's variables but what i would like is to Kill the PHPSESSID cookie/session cookie. is there anyway you can achive that? thanks in advance Hi there I have been working on a login PHP script and had it working until I made so change late at night and forgot to back it up. The script uses PHP and Javascript as well as a Mysql database. The problem I am having is with the session closing unexpectedly when I go to enter the profile (or any other button placed after the login). It is rather hard to explain so here is the code [syntax=php]<?php //login php script include_once 'rnfunctions.php'; $theaction='index14.php'; function destroySession() { $_SESSION=array(); if ((session_id() != '') || isset($_COOKIE[session_name()])){ setcookie(session_name(),'', time()-2592000,'/'); session_destroy(); } } function startsessions($user,$pass,$theaction) { session_start(); session_name($user); $_SESSION['user'] = $user; $_SESSION['pass'] = $pass; $theuser =($_SESSION['user']); echo "You are now logged in as $theuser"; } function loggedin($theaction) { echo <<<_END <table> <tr> <td> <form name="myform" method='post' action='$theaction'> <input type='hidden' name='logout'value='logout' /> <a href="#" onMouseDown="submitform(0);">logout</a> | </form> </td> <td> <form name="myform2" method='post' action='$theaction'> <input type='hidden' name='profile'value='profile' /> <a href="#" onMouseDown="submitform(2);">profile</a> | </form> </td> <td> <form name="myform3" method='post' action='$theaction'> <input type='hidden' name='unregister'value='unregister' /> <a href="#" onMouseDown="submitform(3);">unregister</a> </form> </td> </tr> </table> _END; } function loginform($theaction) { echo <<<_END <table border="0"> <tr> <form name="myform" method='post' action='$theaction'> <td>Username-> </td><td> <input type='text' STYLE="color: #FFFFFF; font-family: Verdana; font-size: 12px; background-color: #1BCE11;" id ='password' id='username' size='12' maxlength='16' name='user' value='user' /></td> </tr> <tr> <td>Password-> </td><td> <input type='text' STYLE="color: #FFFFFF; font-family: Verdana; font-size: 12px; background-color: #1BCE11;" id ='password' size='12' maxlength='16' name='pass' value='pass' /></td> </tr> <tr> <td colspan="2"><a href="#" onMouseDown="submitform(0);">login</a></td> </form> </tr><tr><td colspan="2"> <form name="myform2" method='post' action='$theaction'> <input type='hidden' name='register'value='register' /> <a href="#" onMouseDown="submitform(2);">register</a> </form></td></tr> <tr><td colspan="2"> <form name="myform3" method='post' action='$theaction'> <input type='hidden' name='reset'value='reset' /> <a href="#" onMouseDown="submitform(3);">reset password</a></td> </tr> </table> _END; } function regform($theaction) { echo <<<_END <table border="0"> <tr> <form name="myform" method='post' action='$theaction'> <td>Username-> </td><td> <input type='text'STYLE="color: #FFFFFF; font-family: Verdana; font-size: 12px; background-color: #1BCE11;" size='12' maxlength='16' name='username' value='username' onBlur='checkUser(this)'/></td> </tr> <tr> <td>Password-> </td><td> <input type='password' STYLE="color: #FFFFFF; font-family: Verdana; font-size: 12px; background-color: #1BCE11;" size='12' maxlength='16' name='password' value='password' onBlur='checkpass(this)'/></td> </tr> <tr> <td>Email-> </td><td> <input type='text' STYLE="color: #FFFFFF; font-family: Verdana; font-size: 12px; background-color: #1BCE11;"size='12' maxlength='30' name='email' value='email' onBlur='checkEmail(this)'/></td> </tr> <tr> <td colspan="2"><a href="#" onMouseDown="submitform(0);">register</a> </form></td></tr><tr> <td colspan="2"> <form name="myform2" method='post' action='$theaction'> <input type='hidden' name='login'value='login' /> <a href="#" onMouseDown="submitform(2);">login</a> </form> </td> </tr> </table> <span id='logtext'></span> _END; } function retlogin($theaction) { echo <<<_END <form name="myform" method='post' action='$theaction'> <input type='hidden' name='login'value='login' /> <a href="#" onMouseDown="submitform(0);">back to login</a> </form> _END; } function resetform($theaction) { echo <<<_END <table border="0"> <tr> <form name="myform" method='post' action='$theaction'> <td>Enter New Password-> </td><td> <input type='password' STYLE="color: #FFFFFF; font-family: Verdana; font-size: 12px; background-color: #1BCE11;"size='12' maxlength='16' name='password1' value='password1' onBlur='checkpass(this)'/></td> </tr> <tr> <td>Email-> </td><td> <input type='text' STYLE="color: #FFFFFF; font-family: Verdana; font-size: 12px; background-color: #1BCE11;" id ='password' size='12' maxlength='30' name='email' value='email'onBlur='checkreset(this)'/></td> </tr> <tr> <td colspan="2"><a href="#" onMouseDown="submitform(0);">reset password</a> </form></td></tr><tr> <td colspan="2"> <form name="myform2" method='post' action='$theaction'> <input type='hidden' name='login'value='login' /> <a href="#" onMouseDown="submitform(2);">back to login</a> </form> </td> </tr> </table> <span id='logtext'></span> _END; } if (isset($_POST['login'])) { loginform($theaction); } elseif (isset($_POST['logout'])) { echo "you have logged out"; destroySession(); loginform($theaction); } //recieve reset password call elseif (isset($_POST['reset'])) { resetform($theaction); } //recieve reset password info elseif (isset($_POST['password1'])) { $theemail = $_POST['email']; $newpass = $_POST['password1']; //salt hash password for replacement $newpass = encriptpass($newpass); $query = "SELECT * FROM users WHERE email='$theemail'"; if (mysql_num_rows(queryMysql($query)) == 0) { echo "Email invalid please register<br />"; regform($theaction); } else { $message = validate_password($newpass); if ($message =="") { $regaddress = "http://www.imandanband.com.resetpass.php?newpass=".$newpass."&email=".$theemail; $to = $theemail; $subject = "Reset password at Imandan"; $body = "Hi there,\n\nYou have requested to reset your password to $newpass.\n\nPlease click the following link to validate your new password\n\n$regaddress or ignore this message if it has been sent in error"; if (mail($to, $subject, $body)) { echo("Message successfully sent! Go to your email to validate your new password"); retlogin($theaction); } else { echo("Message delivery failed...You must enter a valid email address"); } } } } elseif (isset($_POST['user'])) { $user = sanitizeString($_POST['user']); $pass = sanitizeString($_POST['pass']); $pass = encriptpass($pass); if ($user == "" || $pass == "") { $error = "Not all fields were entered<br />"; } else { $query = "SELECT user, pass FROM users WHERE user='$user' AND pass ='$pass'"; if (mysql_num_rows(queryMysql($query)) == 0) { echo "Username/Password invalid<br />"; loginform($theaction); } else { startsessions($user,$pass,$theaction); showprofile(); } } Hi there I have been working on a login PHP script and had it working until I made so change late at night and forgot to back it up. The script uses PHP and Javascript as well as a Mysql database. The problem I am having is with the session closing unexpectedly when I go to enter the profile (or any other button placed after the login). It is rather hard to explain so here is the PHP code <?php //login php script include_once 'rnfunctions.php'; $theaction='index14.php'; function destroySession() { $_SESSION=array(); if ((session_id() != '') || isset($_COOKIE[session_name()])){ setcookie(session_name(),'', time()-2592000,'/'); [color=#FFBF40]session_destroy();[/color] } } function startsessions($user,$pass,$theaction) { session_start(); session_name($user); $_SESSION['user'] = $user; $_SESSION['pass'] = $pass; $theuser =($_SESSION['user']); echo "You are now logged in as $theuser"; } function loggedin($theaction) { echo <<<_END <table> <tr> <td> <form name="myform" method='post' action='$theaction'> <input type='hidden' name='logout'value='logout' /> <a href="#" onMouseDown="submitform(0);">logout</a> | </form> </td> <td> ////////////////////here is the problem point//////////////////////////////////// <form name="myform2" method='post' action='$theaction'> <input type='hidden' name='profile'value='profile' /> <a href="#" onMouseDown="submitform(2);">profile</a> | </form> /////////////////////////////////////////////////////////////////////////////////// </td> <td> <form name="myform3" method='post' action='$theaction'> <input type='hidden' name='unregister'value='unregister' /> <a href="#" onMouseDown="submitform(3);">unregister</a> </form> </td> </tr> </table> _END; } function loginform($theaction) { echo <<<_END <table border="0"> <tr> <form name="myform" method='post' action='$theaction'> <td>Username-> </td><td> <input type='text' STYLE="color: #FFFFFF; font-family: Verdana; font-size: 12px; background-color: #1BCE11;" id ='password' id='username' size='12' maxlength='16' name='user' value='user' /></td> </tr> <tr> <td>Password-> </td><td> <input type='text' STYLE="color: #FFFFFF; font-family: Verdana; font-size: 12px; background-color: #1BCE11;" id ='password' size='12' maxlength='16' name='pass' value='pass' /></td> </tr> <tr> <td colspan="2"><a href="#" onMouseDown="submitform(0);">login</a></td> </form> </tr><tr><td colspan="2"> <form name="myform2" method='post' action='$theaction'> <input type='hidden' name='register'value='register' /> <a href="#" onMouseDown="submitform(2);">register</a> </form></td></tr> <tr><td colspan="2"> <form name="myform3" method='post' action='$theaction'> <input type='hidden' name='reset'value='reset' /> <a href="#" onMouseDown="submitform(3);">reset password</a></td> </tr> </table> _END; } function regform($theaction) { echo <<<_END <table border="0"> <tr> <form name="myform" method='post' action='$theaction'> <td>Username-> </td><td> <input type='text'STYLE="color: #FFFFFF; font-family: Verdana; font-size: 12px; background-color: #1BCE11;" size='12' maxlength='16' name='username' value='username' onBlur='checkUser(this)'/></td> </tr> <tr> <td>Password-> </td><td> <input type='password' STYLE="color: #FFFFFF; font-family: Verdana; font-size: 12px; background-color: #1BCE11;" size='12' maxlength='16' name='password' value='password' onBlur='checkpass(this)'/></td> </tr> <tr> <td>Email-> </td><td> <input type='text' STYLE="color: #FFFFFF; font-family: Verdana; font-size: 12px; background-color: #1BCE11;"size='12' maxlength='30' name='email' value='email' onBlur='checkEmail(this)'/></td> </tr> <tr> <td colspan="2"><a href="#" onMouseDown="submitform(0);">register</a> </form></td></tr><tr> <td colspan="2"> <form name="myform2" method='post' action='$theaction'> <input type='hidden' name='login'value='login' /> <a href="#" onMouseDown="submitform(2);">login</a> </form> </td> </tr> </table> <span id='logtext'></span> _END; } function retlogin($theaction) { echo <<<_END <form name="myform" method='post' action='$theaction'> <input type='hidden' name='login'value='login' /> <a href="#" onMouseDown="submitform(0);">back to login</a> </form> _END; } function resetform($theaction) { echo <<<_END <table border="0"> <tr> <form name="myform" method='post' action='$theaction'> <td>Enter New Password-> </td><td> <input type='password' STYLE="color: #FFFFFF; font-family: Verdana; font-size: 12px; background-color: #1BCE11;"size='12' maxlength='16' name='password1' value='password1' onBlur='checkpass(this)'/></td> </tr> <tr> <td>Email-> </td><td> <input type='text' STYLE="color: #FFFFFF; font-family: Verdana; font-size: 12px; background-color: #1BCE11;" id ='password' size='12' maxlength='30' name='email' value='email'onBlur='checkreset(this)'/></td> </tr> <tr> <td colspan="2"><a href="#" onMouseDown="submitform(0);">reset password</a> </form></td></tr><tr> <td colspan="2"> <form name="myform2" method='post' action='$theaction'> <input type='hidden' name='login'value='login' /> <a href="#" onMouseDown="submitform(2);">back to login</a> </form> </td> </tr> </table> <span id='logtext'></span> _END; } if (isset($_POST['login'])) { loginform($theaction); } elseif (isset($_POST['logout'])) { echo "you have logged out"; [color=#FFBF40]destroySession();[/color] loginform($theaction); } //recieve reset password call elseif (isset($_POST['reset'])) { resetform($theaction); } //recieve reset password info elseif (isset($_POST['password1'])) { $theemail = $_POST['email']; $newpass = $_POST['password1']; //salt hash password for replacement $newpass = encriptpass($newpass); $query = "SELECT * FROM users WHERE email='$theemail'"; if (mysql_num_rows(queryMysql($query)) == 0) { echo "Email invalid please register<br />"; regform($theaction); } else { $message = validate_password($newpass); if ($message =="") { $regaddress = "http://www.imandanband.com.resetpass.php?newpass=".$newpass."&email=".$theemail; $to = $theemail; $subject = "Reset password at Imandan"; $body = "Hi there,\n\nYou have requested to reset your password to $newpass.\n\nPlease click the following link to validate your new password\n\n$regaddress or ignore this message if it has been sent in error"; if (mail($to, $subject, $body)) { echo("Message successfully sent! Go to your email to validate your new password"); retlogin($theaction); } else { echo("Message delivery failed...You must enter a valid email address"); } } } } elseif (isset($_POST['user'])) { $user = sanitizeString($_POST['user']); $pass = sanitizeString($_POST['pass']); $pass = encriptpass($pass); if ($user == "" || $pass == "") { $error = "Not all fields were entered<br />"; } else { $query = "SELECT user, pass FROM users WHERE user='$user' AND pass ='$pass'"; if (mysql_num_rows(queryMysql($query)) == 0) { echo "Username/Password invalid<br />"; loginform($theaction); } else { startsessions($user,$pass,$theaction); showprofile(); } } } else{ loginform($theaction); } The code that is marked is where I have the problem. It calls a javascript function to submit the form. The javascript function is as follows Code: [Select] function submitform(num) { if (num == 2) { document.myform2.submit(); return 1; } if (num == 3) { document.myform3.submit(); return 1; } if (num == 4) { document.myform4.submit(); return 1; } if (num == 5) { document.myform5.submit(); return 1; } if (num == 6) { document.myform6.submit(); return 1; } else { document.myform.submit(); return 1; } }I can log in though when I go to enter the profile the $_SESSION['user'] is gone and I am logged out. I just can't seem to track down the problem and it is frustrating the heck out of me. If anyone has any ideas PLEASE help! I'm reading over this book and I came across something that looked very odd:
public function DisplayHeader()
{
?>
<table width="100%" cellpadding="12"
cellspacing="0" border="0">
<tr bgcolor ="black">
<td align ="left"><img src = "logo.gif" /></td>
<td>
<h1>TLA Consulting Pty Ltd</h1>
</td>
<td align ="right"><img src = "logo.gif" /></td>
</tr>
</table>
<?php
}
In the function it closes a php tag, uses raw html that is rendered as is on the page, and then returns back to opening the php tag. I understand why it is being done. It is easier to write raw html here than to echo it in a php block, but it just looks odd. Anyone actually use this technique?
hi i need help an idea how can i separate members from admins since i dont know how to create login form i used tutorial ( http://www.youtube.com/watch?v=4oSCuEtxRK8 ) (its session login form only that i made it work other tutorials wre too old or something) how what i want to do is separate members and admins because admin need more rights to do now i have idea but dont know will it work like that what i want to do is create additional row in table named it flag and create 0 (inactive user) 1 (member) 2 (admin) will that work? and how can i create different navigation bars for users and admins? do you recommend that i use different folders to create it or just script based on session and flag? Hello guys, Is there on web any updated tutorial on how can I add Facebook login on my simple php login script? Hi guys. What I want to create is really complicated. Well I have a login system that works with post on an external website. I have my own website, but they do not give me access to the database for security reasons, therefore I have to use their login system to verify my users. What their website does is that it has a post, with username and password. The POST website is lets say "https://www.example.com/login". If login is achieved (i.e. username and password are correct), it will redirect me to "https://www.example.com/login/success" else it will redirect me to "https://www.example.com/login/retry". So I want a PHP script that will do that post, and then according to the redirected website address it will return me TRUE for success, FALSE for not successful login. Any idea?? Thanks How to add the ability to login with username or email for login?
<?php
ob_start();
include('../header.php');
include_once("../db_connect.php");
session_start();
if(isset($_SESSION['user_id'])!="") {
header("Location: ../dashboard");
}
if (isset($_POST['login'])) {
$email = mysqli_real_escape_string($conn, $_POST['email']);
$password = mysqli_real_escape_string($conn, $_POST['password']);
$result = mysqli_query($conn, "SELECT * FROM users WHERE email = '" . $email. "' and pass = '" . md5($password). "'");
if ($row = mysqli_fetch_array($result)) {
$_SESSION['user_id'] = $row['uid'];
$_SESSION['user_name'] = $row['user'];
$_SESSION['user_email'] = $row['email'];
header("Location: ../dashboard");
} else {
$error_message = "Incorrect Email or Password!!!";
}
}
?>
Hi guys, Can anyone assist me. I am trying to create a login for admin and user (if user not a member click register link) below is my code: But whenever I enter the value as: Username: admin Password:123 - I got an error message "That user does not exist!" Any suggestion and help would be appreciated. Thanks. login.php <?php //Assigned varibale $error_msg as empty //$error_msg = ""; session_start(); $error_msg = ""; if (isset($_POST['submit'])) { if ($a_username = "admin" && $a_password = "123") { //Define $_POST from form text feilds $username = $_POST['username']; $password = $_POST['password']; //Add some stripslashes $username = stripslashes($username); $password = stripslashes($password); //Check if usernmae and password is good, if it is it will start session if ($username == $a_username && $password == $a_password) { session_start(); $_SESSION['session_logged'] = 'true'; $_SESSION['session_username'] = $username; //Redirect to admin page header("Location: admin_area.php"); } } $username = (isset($_POST['username'])) ? $_POST['username'] : ''; $password = (isset($_POST['password'])) ? $_POST['password'] : ''; if($username && $password) { $connect = mysql_connect("localhost", "root", "") or die ("Couldn't connect!"); mysql_select_db("friendsdb") or die ("Couldn't find the DB"); $query = mysql_query ("SELECT * FROM `user` WHERE username = '$username'"); $numrows = mysql_num_rows($query); if ($numrows != 0){ while ($row = mysql_fetch_array($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; } //Check to see if they are match! if ($username == $dbusername && md5($password) == $dbpassword) { header ("Location: user_area.php"); $_SESSION['username'] = $username; } else $error_msg = "Incorrect password!"; //code of login }else $error_msg = "That user does not exist!"; //echo $numrows; } else $error_msg = "Please enter a username and password!"; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Login Page</title> </head> <body> <br /> <?php require "header.php"; ?><br /> <div align="center"> <table width="200" border="1"> <?php // If $error_msg not equal to emtpy then display error message if($error_msg!="") echo "<div id=\"error_message\"style=\"color:red; \">$error_msg</div><br />";?> <form action="<?php echo $_SERVER['PHP_SELF'];?>" method="post"> <!--form action="login_a.php" method="post"--> Username: <input type="text" name="username" /><br /><br /> Password: <input type="password" name="password" /><br /><br /> <input type="submit" name = "submit" value="Log in" /> </form> <p> </p> Register a <a href="register.php">New User</a> </table> </div> </body> </html> Hi everyone i wonder if you can help me he I need a script for a login and check login- create cookie. Here is my form: <form method="post" action="check_login.php"> <p> <input type="submit" name="Submit2" value="go" /> </fieldset> </p> </form> that sends it to check_login (which BEFORE i deleted something by accident, used to take me to a username and password box) But now all it does is send me straight to the memebrs area??? Can i change the check_login.php script to make it work correctly: Code: [Select] <?php // Connects to your Database mysql_connect("server", "user", "password") or die(mysql_error()); mysql_select_db("DB") or die(mysql_error()); //Checks if there is a login cookie if(isset($_COOKIE['ID_my_site'])) //if there is, it logs you in and directes you to the members page { $username = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if ($pass != $info['upassword']) { } else { header("Location: members_area.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['username'] | !$_POST['upassword']) { die('You did not fill in a required field.'); } // checks it against the database if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>'); } while($info = mysql_fetch_array( $check )) { $_POST['upassword'] = stripslashes($_POST['upassword']); $info['upassword'] = stripslashes($info['upassword']); $_POST['upassword'] = md5($_POST['upassword']); //gives error if the password is wrong if ($_POST['upassword'] != $info['upassword']) { die('Incorrect password, please try again.'); } else { // if login is ok then we add a cookie $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['username'], $hour); setcookie(Key_my_site, $_POST['upassword'], $hour); //then redirect them to the members area header("Location: members_area.php"); } } } else { // if they are not logged in ?> <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <table width="316" height="120" border="0"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>Username:</td><td> <input type="text" name="username" maxlength="40"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="upassword" maxlength="50"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> </form> <?php } ?> Hello, I am once again desperately asking for your help, I am working on a simple login page and I am having trouble actually getting it to login. I display error messages for if the user doesn't enter anything but I can't seem to get it to work for if the credentials are wrong. It logs the user in whether the information is right or not and i dont even know what to do now
This is the code any suggestions would be greatly appreciated
<?php
/*
Name: Deanna Slotegraaf
Course Code: WEBD3201
Date: 2020-09-22
*/
$file = "sign-in.php";
$date = "2020-09-22";
$title = "WEBD3201 Login Page";
$description = "This page was created for WEBD3201 as a login page for a real estate website";
$banner = "Login Page";
require 'header.php';
$error = "";
if($_SERVER["REQUEST_METHOD"] == "GET")
{
$username = "";
$password = "";
$lastaccess = "";
$error = "";
$result = "";
$validUser = "";
}
else if($_SERVER["REQUEST_METHOD"] == "POST")
{
$conn;
$username = trim($_POST['username']); //Remove trailing white space
$password = trim($_POST['password']); //Remove trailing white space
if (!isset($username) || $username == "") {
$error .= "<br/>Username is required";
}
if (!isset($password) || $password == ""){
$error .= "<br/>Password is required";
}
if ($error == "") {
$password = md5($password);
$query = "SELECT * FROM users WHERE EmailAddress='$username' AND Password='$password'";
$results = pg_query($conn, $query);
//$_SESSION['username'] = $username;
//$_SESSION['success'] = "You are now logged in";
header('location: dashboard.php');
}else {
$error .= "Username and/or Password is incorrect";
}
}
?>
<div class = "form-signin">
<?php
echo "<h2 style='color:red; font-size:20px'>".$error."</h2>";
?>
<form action = "<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<label for="uname"><b>Login ID</b></label>
<input type="text" name="username" value="<?php echo $username; ?>"/>
<br/>
<label for="psw"><b>Password</b></label>
<input type="password" name="password" value="<?php echo $password; ?>"/>
<br/>
<button type="submit" name="login_user">Login</button>
<button type="reset">Reset</button></div>
</form>
</div>
<?php require "footer.php"; ?>
Hi Guys, Im new here, Can someone please help me and tell me why my PHP code isn't working :/ <?php session_start(); $sql = mysql_connect('localhost', 'putwriter_login', 'MyPassHere'); if(!$sql){ die(mysql_error()); } mysql_select_db('putwriter_college'); $user = mysql_real_escape_string($_POST['user']); $pass = mysql_real_escape_string($_POST['password']); $sqlSel = mysql_query("SELECT * FROM `putwriter_college`.`Login` WHERE `EmailAddress`=$user AND `Password`=$pass LIMIT 1;"); while($row = mysql_fetch_assoc($sqlSel)){ echo 'Im probably not here'; if(($row['EmailAddress'] == $user) && ($row['Password'] == $pass)){ $_SESSION['loggedIn'] = md5('someSessId'); echo "<meta http-equiv='refresh' content='2;url=./home.php'>"; }else{ die('FAIL'); } } ?> This is what I get : Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in /home/putwriter/domains/putwriter.co.uk/public_html/login.php on line 16
<html>
<head>
<title>Admin Panel</title>
<style>
body {font-family:verdana; font-size:12; font-weight:bold; color:black; background-color:white}
td {font-family:verdana; font-size:12; font-weight:bold; color:black}
.style1 {
font-size: 12px;
font-weight: bold;
}
</style>
</head>
<body onLoad="document.f1.username1.focus();">
<!-- main table start here -->
<table width=761 height=500 align=center border=0 bordercolor=black cellspacing=0 cellpadding=0>
<tr>
<td align=center>
<!-- second table start here -->
<table width="757" border="0" cellspacing="0" cellpadding="0" height="100%" bgcolor=white>
<tr>
<td align=center>
<form method="post" action="login.php" name="f1">
<table align=center width=400 border=0 bordercolor=black cellspacing=0 cellpadding=5>
<caption align=center><?=$MyError?></center>
<tr bgcolor=#333333>
<td colspan=2 align=center bgcolor="#333333"><span class="style1"><font color="#FFFFFF">Site Admin Login </font></span></td>
</tr>
<tr bgcolor=#77D2FF>
<td bgcolor="#FFFFFF">Username: <font size="1"> </font></td>
<td bgcolor="#FFFFFF"><input type="text" name="username1" maxlength="20"></td>
</tr>
<tr bgcolor=#77D2FF>
<td bgcolor="#FFFFFF">Password: <font size="1"> </font></td>
<td bgcolor="#FFFFFF"><input type="password" name="password1" maxlength="20"></td>
</tr>
</table>
<br>
<center>
<input type="submit" name="s2" value="Login" style="background-color:#6598CD; font-size:11; color:black; font-family:verdana, arial; font-weight:bold; border-width:1; border-color:#333333">
</center>
</form>
</table>
<!-- second table end here -->
</td>
</tr>
</table>
<!-- main table end here -->
<?
require_once("../conn.php");
if(isset($_POST[s2]))
{
$MyUsername1 = strip_tags($_POST[username1]);
$MyPassword1 = strip_tags($_POST[password1]);
if(empty($MyUsername1) || empty($MyPassword1))
{
$MyError = "<center><font color=red size=2 face=verdana><b>All fields are required!</b></font></center>";
}
else
{
//check the login info if exists
$q1 = "select * from re2_admin where AdminID = '$MyUsername1' and AdminPass = '$MyPassword1' ";
$r1 = mysql_query($q1);
if(!$r1)
{
echo mysql_error();
header("Location:error1.php");
exit();
}
else
{
if(mysql_num_rows($r1) == '1')
{
$a1 = mysql_fetch_array($r1);
$_SESSION[AdminID] = $MyUsername1;
$_SESSION[AdminEmail] = $a1[AdminEmail];
$_SESSION[AdminName] = $a1[AdminName];
header("location:index.php");
exit();
}
}
}
}
?>
I have listed the HTML then the PHP. In the actual file, the PHP comes before the HTML.
I have a script I sell over again. I have installed it many times. The script has a 'site admin' backend to manage the site from. The default user and password to login to the script is 'admin.' It works everytime. But I installed it last night for a customer on their host and 'admin' does not work. I checked PHPMyAdmin to see if that was the username/password in there and it is.
I would much appreciate your help in solving this. I am guessing the fact that my script is very old has something to do with it.
I have a user database so members can log in to my site, what I want to do is when they first login, I want a message to pop up for them to confirm they have read something, but once they confirm it has been read I don't want it to pop up anymore after that, how would I do that? Thanks Hi, I want to store login info and create account, but when after I create account, I can't log in, it still displays: "Please register above!" login script: ======== Code: [Select] <html> <head> <title>Login</title> </head> <body> <hr /> <form method="post" action=""> <label>Username:</label> <input type="text" name="username"> <br /> <label>Password:</label> <input type="password" name="password"> <p> <input type="submit" value="Login" name="Login" /> <input type="reset" value="Reset" name="Reset" /> </p> </form> <?php //if username/password filled in and submitted, check db to find match login info if(array_key_exists("Login",$_POST) && !empty($_POST["username"]) && !empty($_POST["password"])) { $attemptedUsername=$_POST["username"]; $attemptedPassword=crypt($_POST["password"]); mysql_connect("localhost","root"); mysql_select_db("dummydpevx"); $getLoginInfoQuery=mysql_query("SELECT userName,userPassword FROM users WHERE userName='$attemptedUsername' AND userPassword='$attemptedPassword'"); $getLoginInfo=mysql_fetch_assoc($getLoginInfoQuery); $getUsername=$getLoginInfo["userName"]; $getPassword=crypt($getLoginInfo["userPassword"]); if($attemptedPassword==$getPassword) { session_start();//NB: Start session BEFORE doing any session stuff! $_SESSION["isAuthenticated"]="userAuthenticated"; header("Location: SecureSite.php"); exit; } else//"Please register above!" print "Please register above!"; } ?> </body> </html> here is register script: =============== Code: [Select] <html> <head> <title>Register</title> </head> <body> <form method="post" action="" > <p>Create a username <input type="text" name="newUsername" size="10" /> </p> <p>Create a password <input type="password" name= "newPassword" size="10" /> </p> <p> <input type="submit" value="Make account now" name="makeAccountSubmit" /> </p> </form> <?php if(array_key_exists("makeAccountSubmit",$_POST) && !empty($_POST["newUsername"]) && !empty($_POST["newPassword"]) ) { //IF username doesn't exist, then store new user login info to db dummydpevx mysql_connect("localhost","root"); mysql_select_db("someDB"); $newUserName=$_POST["newUsername"]; $newPassword=crypt($_POST["newPassword"]); $usernameQuery=mysql_query("SELECT userName FROM users WHERE userName='$newUserName'"); if(mysql_num_rows($usernameQuery)==0) { $makeNewAccountQuery=mysql_query("INSERT INTO users (userName,userPassword) VALUES('$newUserName','$newPassword')"); print "You are now registered, <a href='login.php'>proceed to login</a>"; } //ELSE IF username exists already, "Username already taken, please enter another BUT KEEP IN MIND user can have any passwords (EVEN IDENTICAL ONES b/c doesn't make sense to say password exists (this will help hackers have easier time hacking!) if(mysql_num_rows($usernameQuery)==1) print "Username taken. Please make another one. <br />"; } if(array_key_exists("makeAccountSubmit",$_POST) ) { if(empty($_POST["newUsername"]) && empty($_POST["newPassword"])) print "Please fill in a username and password! <br />"; else if(empty($_POST["newPassword"])) print "Please fill in a password!<br />"; else if(empty($_POST["newUsername"])) print "Please fill in a username! <br />"; } ?> </body> </html> Please I would appreciate any help, thanks! |
|||||||