PHP - Login Problem.. :(
Hi, I had my login working and now it has stopped working. Idk why but heres the files:
<?php ob_start(); include 'inc/open.php'; // Define $ip and $password $ip=$_POST['ip']; $password=$_POST['password']; // To protect MySQL injection (more detail about MySQL injection) $ip = stripslashes($ip); $password = stripslashes($password); $ip = mysql_real_escape_string($ip); $password = mysql_real_escape_string($password); $sql="SELECT * FROM status WHERE ip='$ip' and password='$password'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $ip and $password, table row must be 1 row if($count==1){ // Register $ip, $password and redirect to file "login_success.php" session_register("ip"); session_register("password"); header("location:lindex.php"); } else { echo "Wrong ip or Password"; } ob_end_flush(); ?> And then I want my index page to recognize this and do the following: <?php session_start(); include('inc/open.php'); if(session_is_registered('ip')){ echo "<h5><a href='index.php'>Home</a> | <a href='addnew.php'>Add New Sever</a> | <a href='offline.php'>View Offline Servers</a> | <a href='editserver.php'>Server CP</a></h5>"; }else{ echo "<h5><a href='index.php'>Home</a> | <a href='addnew.php'>Add New Sever</a> | <a href='offline.php'>View Offline Servers</a> | <a href='editlogin.php'>Login</a></h5>"; } ?> Thank you. Problem: the login is working and redirecting to index.php however index.php is not recognizing that user is logged on. Similar TutorialsHello All, I have this problem, no matter if I typed the wrong or right email and password, I always get Login failed message here is my code index.php Code: [Select] <td class="white-text">Email: <form name="form1" method="post" action="/admin/Login.php"> <label for="user"></label> <input type="text" name="email" /> </td> </tr> <tr> <td><p><strong class="white-text">Password:</strong></p> <label for="sdf"></label> <input type="password" name="password" /> <p class="sdf"><strong></strong><a href="#" class="white-link-underline"><strong></strong></a> <input type="submit" name="submit" id="submit" value="Submit" /> </p> </form> </td> Login.php Code: [Select] <?php session_start(); $con = mysql_connect("localhost","123","123"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("123", $con); if (isset($_POST['email'])) { $email = mysql_real_escape_string($_POST['email']); $password = mysql_real_escape_string($_POST['password']); //Query $results = mysql_query("SELECT * FROM users WHERE 'email' = '$email' AND password = '$password' "); if(!$result) { $_SESSION['error'] = '<span style="color: red">Login Failed. Email or Password is Incorrect <br/>'; } else { $row = mysql_fetch_assoc($results); $_SESSION['userid'] = $row['id']; $_SESSION['email'] = $email; $_SESSION['error'] = 'Login Successful<br/>. Welcome,'. $email; } mysql_close($con); } header('Location: ./index.php') ?> Hello there, The problem is that my login system isn't consistent. There's an option of staying logged in, and if you check that a cookie gets created with a hash. When you visit the site again, you should be logged in automatically. But the thing is, that when you load the page, you aren't! But after a refresh you are logged in. So I'm guessing a problem in the order of things that get done... Here's the script: Code: [Select] <?php session_start(); if(isset($_COOKIE['LoginCookie'])) { $hash = $_COOKIE['LoginCookie']; mysql_select_db('database'); $sql = "SELECT all the info of the people FROM people WHERE cookie_hash = '".$hash."'"; if($result = mysql_query($sql)) { $row = mysql_fetch_array($result); if(empty($row)) { setcookie('LoginCookie','',time()-3600); } if(mysql_num_rows($result) == 1) { $_SESSION['loggedin'] = true; $_SESSION['loggedinnick'] = $row['nick']; $_SESSION['loggedinvoornaam'] = $row['voornaam']; $_SESSION['loggedinachternaam'] = $row['achternaam']; $_SESSION['loggedinid'] = $row['id']; $_SESSION['loggedintype'] = $row['type']; } } } if(isset($_POST['login'])) { if(empty($_POST['username']) || empty($_POST['wachtwoord'])) { $_SESSION['melding'] = 'ERROR'; header('Location: index.php'); exit(); } $username = CleanMyDirtyData($_POST['username']); $wachtwoord = sha1(CleanMyDirtyData($_POST['wachtwoord'])); mysql_select_db('database'); $sqlmail = mysql_query("SELECT * FROM people WHERE email='$username' AND wachtwoord = '$wachtwoord'"); $sqlnaam = mysql_query("SELECT * FROM people WHERE nick='$username' AND wachtwoord = '$wachtwoord'"); if(mysql_num_rows($sqlmail) == 1 || mysql_num_rows($sqlnaam) == 1) { if(mysql_num_rows($sqlmail) == 1) { $row = mysql_fetch_array($sqlmail); } else { $row = mysql_fetch_array($sqlnaam); } if(isset($_POST['remember'])) { $hash = sha1($username . 'Some secret thingys for your safety'); setcookie('LoginCookie',$hash,time()+30000000); mysql_query("UPDATE leden SET cookie_hash='" . $hash . "' WHERE id='" . $row['id'] . "'")or die(mysql_error()); } $_SESSION['loggedin'] = true; $_SESSION['loggedinnick'] = $row['nick']; $_SESSION['loggedinvoornaam'] = $row['voornaam']; $_SESSION['loggedinachternaam'] = $row['achternaam']; $_SESSION['loggedinid'] = $row['id']; $_SESSION['loggedintype'] = $row['type']; $_SESSION['melding'] = 'You are logged in now.'; } else { $_SESSION['melding'] = 'ERROR'; header('Location: index.php'); exit(); } } So if the checkbox that you want to stay logged in, there is no cookie made but the $_SESSION['loggedin'] is set to true. Throughout the rest of the page, this parameter is used to show either content for guests of private content for people that are logged in. BUT the problem is that if it is checked on the first page load the $_SESSION['loggedin'] doesn't seem to get set even though the cookie is set. Another slight problem with my script is that when a user logs in on another pc, the hash get's changed in the database and the user gets logged out of the site on the previous page. What is the easiest way to do that? And do you guys think this script is safe? Or do you see some holes? Thanks in advance! arbitter login system. why wont it work? Did same thing @ school it worked. this is my action page: <?php ob_start(); $host="host"; // Host name $username="user"; // Mysql username $password="pass"; // Mysql password $db_name="db"; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // Define $myusername and $mypassword $myusername=$_POST['myusername']; $mypassword=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $myusername = stripslashes($myusername); $mypassword = stripslashes($mypassword); $myusername = mysql_real_escape_string($myusername); $mypassword = mysql_real_escape_string($mypassword); $sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'"; $result=mysql_query($sql); // Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $myusername and $mypassword, table row must be 1 row if($count==1){ // Register $myusername, $mypassword and redirect to file "users/index.php" session_register("myusername"); session_register("mypassword"); header("location:users/index.php"); } else { echo "Error. Username or password incorrect. Have you <a href='#' onclick='alert()'>registered?</a>"; } ob_end_flush(); ?> It comes up with this error: Warning: session_register() [function.session-register]: Cannot send session cookie - headers already sent by (output started at C:\xampp\htdocs\external\index.php:59) in C:\xampp\htdocs\external\action.php on line 32 Warning: session_register() [function.session-register]: Cannot send session cache limiter - headers already sent (output started at C:\xampp\htdocs\external\index.php:59) in C:\xampp\htdocs\external\action.php on line 32 Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\external\index.php:59) in C:\xampp\htdocs\external\action.php on line 34 If you have not registered, please click here Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively in Unknown on line 0 Good day! I have an index.php or a login page.The scenario on my webpage is when i successfully login and i accidentally press the back button the login page appear again and when i try to login again i could login again, which is not good. here is my code: <?php session_start(); if(isset($_SESSION['USER_ID'])){ exit("you can't login in again when your all ready logged!"); } //require_once 'conn.php'; $db_name="dspi"; mysql_connect("localhost", "root", "") or die("Cannot connect to server"); mysql_select_db("$db_name")or die("Cannot select DB"); $department = mysql_real_escape_string($_POST['department']); $username = mysql_real_escape_string($_POST['username']); $sql=mysql_query("SELECT `Department`, `Username` FROM `tbllogin` WHERE `Department` = '{$department}' AND Username = '{$username}'") or die(mysql_error()); $ct = mysql_num_rows($sql); if($ct == 1) { $row = mysql_fetch_assoc($sql); if($row['Department']=='Accounting') { header('location: Company.php'); } elseif($row['Department']=='Engineering') { header('location: Company.php'); } elseif($row['Department']=='Finishing_Goods') { header('location: Company.php'); } elseif($row['Department']=='HRAD') { header('location: Company.php'); } elseif($row['Department']=='MIS') { header('location:Company.php'); } elseif($row['Department']=='Packaging_and_Design') { header('location:Company.php'); } elseif($row['Department']=='Production') { header('location:Company.php'); } elseif($row['Department']=='Purchasing_Logistic') { header('location:Company.php'); } elseif($row['Department']=='QA_and_Technical') { header('location:Company.php'); } elseif($row['Department']=='Supply_Chain') { header('location:Company.php'); } else { header('location:index.php'); echo"Incorrect Username or Department"; } } ?> i want help as i cant find that the reason that why registered members cant login, when user pass entered it does not process any thing any help will be appreciated Code: [Select] <?php session_start(); session_register("id_session"); session_register("password_session"); include "header.php"; include "config.php"; $a=""; $b=""; if ($_POST) { $a=trim($_POST["id"]); $b=trim($_POST["password"]); $a=str_replace("'","",$a); $b=str_replace("'","",$b); $a=str_replace("\"","",$a); $b=str_replace("\"","",$b); } if ($a=="" || $b=="") { if ($_SESSION["id_session"]=="" || $_SESSION["password_session"]=="") { ?> <form action=members.php method=post> <br><br><Center><table><tr><td colspan=2 align=center><h3>Members Login Area</h3></td></tr> <tr><td>Member's ID</td><td><input type=text name=id></td></tr> <tr><td>Password</td><td><input type=password name=password></td></tr> <tr><td> </td><td> <a href="forgot.php" onclick="doexit=false;"><font face="Verdana,Arial,Helvetica" size="1" color="#000000"><b>Forgot Your Password?</b></font></a></td></tr> <tr><td colspan=2 align=center><input type=submit value="Log In"></td></tr> </table></form> <? } else { middle(); } } else { $check=0; $id=$_POST["id"]; $rs = mysql_query("select * from members where ID='$id'"); if ($rs) { $arr=mysql_fetch_array($rs); $n2=$arr['Password']; if ($n2==$b) { $check=1; $_SESSION["id_session"]=$arr[0]; $_SESSION["password_session"]=$arr[9]; middle(); } } if ($check==0) { print "<h2>Invalid User Id or Password</h2>"; ?> <form action=members.php method=post> <br><br><Center><table><tr><td colspan=2 align=center><h3>Members Login Area</h3></td></tr> <tr><td>Member's ID</td><td><input type=text name=id></td></tr> <tr><td>Password</td><td><input type=password name=password></td></tr> <tr><td> </td><td> <a href="forgot.php" onclick="doexit=false;"><font face="Verdana,Arial,Helvetica" size="1" color="#000000"><b>Forgot Your Password?</b></font></a></td></tr> <tr><td colspan=2 align=center><input type=submit value="Log In"></td></tr> </table></form> <? } } function middle() { $id=$_SESSION["id_session"]; $rs = mysql_query("select * from members where ID=$id"); $arr=mysql_fetch_array($rs); $check=1; $id=$arr[0]; $password=$arr[9]; $name=$arr[1]; $address=$arr[2]; $city=$arr[3]; $state=$arr[4]; $zip=$arr[5]; $country=$arr[6]; $phone=$arr[7]; $email=$arr[8]; $password=$b; $paymentoption=$arr[10]; $refby=$arr[11]; $l1=$arr[12]; $l2=$arr[13]; $l3=$arr[14]; $l4=$arr[15]; $l5=$arr[16]; $l6=$arr[17]; $l7=$arr[18]; $l8=$arr[19]; $l9=$arr[20]; $l10=$arr[21]; $leader=$arr[22]; $total=$arr[23]; $unpaid=$arr[24]; $paid=$arr[25]; ?> <table border="0" width="650"> <tr> <td width="150" valign="top"> <table width="140"> <tr> <td align="left"><br><br><br><br> <ul><font face="verdana" size="1"> <a href="stats.php">Statistics</a><br><br> <a href="update_pf.php">Edit Personal Information</a><br><br> <a href="sample_e.php">Referral Code & Links</a><br><br> <a href="logout.php">Logout</a><br><br> </td></tr></table> </td> <td VALIGN="top"> <table> <tr> <td> <font face="verdana" size="3"><b> <p>Account Center</b></font></p> <br> </td> </tr> <tr> <td> <div align="center"> <table border="0" cellpadding="3" cellspacing="0" width="400"> <tr> <td colspan="2"><b> <hr><font face="Verdana, Arial, Helvetica, sans-serif" size="-1"><center> Account Details for <?echo $name;?></font></center></b><hr> </td> </tr> <tr> <td valign="center" align="left"><strong><font face="Verdana" size="-1">Total Commisions Earned: </font></strong><br></td> <td valign="center"> <font face="Verdana" size="-1">$<? echo $total;?></font><br></td> </tr> <tr> <td valign="center" align="left"><strong><font face="Verdana" size="-1">Commisions Due: </font></strong><br></td> <td valign="center"> <font face="Verdana" size="-1">$<? echo $unpaid;?></font><br></td> </tr> <tr> <td valign="center" align="left"><strong><font face="Verdana" size="-1">Commisions Paid: </font></strong><br></td> <td valign="center"> <font face="Verdana" size="-1">$<? echo $paid;?></font><br></td> </tr> <tr> <td valign="center" align="left" colspan=2> </td> </tr> <tr> <td valign="center" align="left"><strong><font face="Verdana" size="-1">Direct Referrals: </font></strong><br></td> <td valign="center"> <font face="Verdana" size="-1"><? $rsd=mysql_query("select * from members where Leader=".$id); echo mysql_num_rows($rsd); ?></font><br></td> </tr> <tr> <td valign="center" align="left" colspan=2> </td> </tr> <tr> <td valign="center" align="left" colspan=2><strong><font face="Verdana" size="3">Downline Information </font></strong><br></td> </tr> <tr> <td valign="center" align="left"><strong><font face="Verdana" size="-1">Total Downline Size: </font></strong><br></td> <td valign="center"> <font face="Verdana" size="-1"><? echo ($l1+$l2+$l3+$l4+$l5+$l6+$l7+$l8+$l9+$l10); ?></font><br></td> </tr> <tr><td colspan=2> <Table width=100%> <tr><td bgcolor=#000000><strong><font face="Verdana" size="-1" color=#ffffff>Level</font></strong></td> <td bgcolor=#000000><strong><font face="Verdana" size="-1" color=#ffffff>Number of Members</font></strong></td> </tr> <? include "config.php"; ?> <? for($i=1;$i<=$levels;$i++) { ?> <tr><td><strong><font face="Verdana" size="-1"><? echo $i; ?></font></strong></td> <td ><font face="Verdana" size="-1"> <? if($i==1) { echo $l1; } elseif($i==2) { echo $l2; } elseif($i==3) { echo $l3; } elseif($i==4) { echo $l4; } elseif($i==5) { echo $l5; } elseif($i==6) { echo $l6; } elseif($i==7) { echo $l7; } elseif($i==8) { echo $l8; } elseif($i==9) { echo $l9; } elseif($i==10) { echo $l10; } ?> </font></td> </tr> <? } ?> </table> </td></tr> <tr><td colspan=4><hr></td><tr> </table> </div> </td> </tr> </table> <font face="verdana" size="3"><b> <p>Download Center</b></font></p> <? include "download.php"; ?> </td> </tr> </table> <br><br> <? } include "footer.php"; ?> edit: added [code][/code] blocks Hi, below is the error and php that i used for my login page.
Error:
Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'ODBC'@'localhost' (using password: NO) in C:\xampp\htdocs\Sportify\admin\checkauthadmin.php on line 11 Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in C:\xampp\htdocs\Sportify\admin\checkauthadmin.php on line 11 Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'ODBC'@'localhost' (using password: NO) in C:\xampp\htdocs\Sportify\admin\checkauthadmin.php on line 12 Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in C:\xampp\htdocs\Sportify\admin\checkauthadmin.php on line 12 Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'ODBC'@'localhost' (using password: NO) in C:\xampp\htdocs\Sportify\admin\checkauthadmin.php on line 13 Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in C:\xampp\htdocs\Sportify\admin\checkauthadmin.php on line 13 Php: <?php //session_start(); $today = date(Ymd); $_SESSION[username] = $_POST['username']; $_SESSION[password] = $_POST['password']; $_SESSION[id] = $_POST['id']; $username = stripslashes($_SESSION[username]); $password = stripslashes($_SESSION[password]); $username = mysql_real_escape_string($_SESSION[username]); $password = mysql_real_escape_string($_SESSION[password]); $id = mysql_real_escape_string($_SESSION[id]); include('connection.php'); $sql_login = "SELECT id FROM admin WHERE username = '$username' and password = '$password'"; $result_login = mysql_query($sql_login); $count_login = mysql_num_rows($result_login); //$row = mysql_fetch_assoc($sql_login); if($count_login == 1) { //session_register("user_email"); //session_register("user_password"); //echo "PASS"; header("location:../admin/main_admin.php"); } else { header("location:admin_login2.php"); } exit; ?> I am trying to use SOAP to log into and view reports from SSRS 2005 located on another server. When I run the code below, I get the error "SOAP-ERROR: Parsing WSDL: Couldn't load from 'https://[SERVER]/reportserver/ReportExecution2005.asmx?wsdl' : Premature end of data in tag HTML line 2 " PHP version 5.2.5 SOAP is enabled - I can access amazon's SOAP, so I have confirmed it works; I cannot access mine I have confirmed that this is the correct login information and url to what I want. I can put it into a browser and log in from there and get access to it, but I cannot get it through the PHP SOAPClient. Any help would be greatly appreciated. Code: [Select] <?php ini_set('soap.wsdl_cache_enabled', false); $soap_url = 'https://[SERVER]/reportserver/ReportExecution2005.asmx?wsdl'; try { $options = Array('login' => 'username', 'password' => 'password'); $soap_client = new SoapClient($soap_url, $options); var_dump($soap_client->__getFunctions()); } catch (SoapFault $e) { echo $e->getMessage(); } ?> [CODE] I'm always getting the "Falha ao selecionar o usuario no banco de dados." error. Why??? Another thing, any tip to improve my code? A way to do the same thing, but with a "more clean" code... login.php Code: [Select] <?php session_start(); require_once('../includes/link.php'); include('../functions/clean.php'); $errmsg_arr = array(); $errflag = false; $email = clean($_POST['email']); $password = clean($_POST['password']); if(($email == '') OR ($password == '')) { $errmsg_arr[] = 'Por favor, preencha todos os campos.'; $errflag = true; $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location: ../index.php"); exit(); } $query = "SELECT * FROM users WHERE email = '$email' AND passwd = '".md5($_POST['password'])."'"; $result = mysql_query($query); $user = mysql_fetch_assoc($result); if($result) { if(mysql_num_rows($result) == 1) { $user = mysql_fetch_assoc($result); session_regenerate_id(); $_SESSION['SESS_ID'] = $user['id']; $_SESSION['SESS_STATUS'] = $user['status']; $_SESSION['SESS_SCHOOL_ID'] = $user['school_id']; $_SESSION['SESS_CLASS_ID'] = $user['class_id']; $_SESSION['SESS_NAME'] = $user['name']; $_SESSION['SESS_REGISTRATION'] = $user['registration']; $_SESSION['SESS_EMAIL'] = $user['email']; session_write_close(); if($_SESSION['SESS_STATUS'] == 1) { header("location: ../users/superadministrator/index.php"); exit(); } } else { $errmsg_arr[] = 'Suas informacoes de login estao incorreta. Por favor, tente novamente.'; $errflag = true; $_SESSION['ERRMSG_ARR'] = $errmsg_arr; session_write_close(); header("location: ../index.php"); exit(); } } else { die("Falha ao selecionar o usuario no banco de dados."); } ?> link.php Code: [Select] <?php define('DB_HOST', 'localhost'); define('DB_USER', 'root'); define('DB_PASSWORD', ''); define('DB_DATABASE', 'social_escola'); $link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD); if (!$link) { die('Falha ao conectar ao servidor: ' . mysql_error()); } $db = mysql_select_db(DB_DATABASE); if (!$db) { die('Falha ao selecionar o banco de dados: ' . mysql_error()); } ?> clean.php Code: [Select] <?php function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } ?> hello everyone....i am new for this script, hope u guys able to help me. Thank you in advance! i have created register.php and it works, but i try login then the error message show: Notice: Undefined index: password in C:\xampp\htdocs\login.php on line 26 The username and password you entered do not match those on file im using xampp for localhost, all .php file i place it in xampp\htdocs for the users.txt( i create a users folder outside the htdocs, c:\xampp\users & i place my users.txt inside the users folder) following is my login.php script: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Login</title> </head> <body> <?php /// Script 11.7 - login.php /*This script logs a user in by check the stored values in text file. */ if(isset($_POST['submitted'])) { //handle the form $loggedin = FALSE; //not currently logged in //Enable auto_detect_line_settings: ini_set('auto_detect_line_endings',1); //open the file: $fp = fopen('../users/users.txt','rb'); //Loop through the file: while($line = fgetcsv($fp,100,"\t")) { //Check the file data against the submitted data: if(($line[0] == $_POST['username'])AND($line[1] == md5(trim($_POST['password'])))) { $loggedin = TRUE; //correct username/password combination //stop looping through the file: break; } //End of IF } //End of While fclose($fp); //Close the file //print a message: if($loggedin) { print '<p>You are now logged in.</p>'; } else { print '<p style="color:red;">The username and password you entered do not match those on file</p>'; } }else { //Display the form //Leave php and display the form: ?> <form action="login.php" method="post"> <p>Username: <input type="text" name="username" size="20" /></p> <p>Password: <input type="password" name="password1" size="20" /></p> <input type="submit" name="submit" value="Login" /> <input type="hidden" name="submitted" value="true" /> </form> <?php }//end of submission IF. ?> </body> </html> hi, I'm coding a website, after being away from php for a while, and there's this simple thing that's driving me crazy. I made a simple login system to test, and I have to refresh the page twice so it becomes active, and I can't figure out why. what's wrong with this code? (keep in mind that it's just a test, I plan to get username from database, send encrypted info to cookies, and all that, but after I get this working) Code: [Select] <?php if (isset($_POST['submitlogin'])) { if ((($_POST['username'])&&($_POST['password']))=="admin") { setcookie("user", "Administrator", time()+3600); } else { $loginerror="1"; } } if (isset($_GET['logout'])) { setcookie("user", "", time()-3600); } ?> <html> <head> </head> <body> <?php if (isset($_COOKIE['user'])) { echo "Hello, ".$_COOKIE['user']; ?> <br /><a href="?logout=yes">Logout</a> <?php }else{?> <form action="" method="post"> <input name="username" type="text" /><br /> <input name="password" type="password" /><br /> <input name="submitlogin" type="submit" value="Login" /> </form> <?php }?> </body> </html> thanks for any help! Hello again guys, am having trouble with a login script I have been working on. Have crawled the web for answers so thought i would post here again for some help. A brief run down on what the script is intended to do: 1.) The script checks to see if a user is logged in, and asks them to if their not. 2.) If theuser is logged in their userid is grabbed from $_SESSION and assigned to $userid 3.) Connection to the database is made and the field premium is updated with value "1" where userid = $userid A error message is supposed to be shown if the query has an error, but currently an error is not produced, the premium field remains NULL and the echo is shown. Can't for the the life of me fiqure out why it isn't working, but i think it is quite simple. Heres my script <?php if (!is_authed()) { echo 'You are not logged-in. Please login so we can add your purchased video to your account.'; include 'login_form.inc.php'; } else { include 'cp/config.php'; include 'cp/opendb.php'; $_SESSION['userid'] = $userid; $query = "UPDATE user SET premium='1' WHERE userid='$userid'"; mysql_query($query) or die('Error, query failed : ' . mysql_error()); echo 'Thank You for purchasing our series. We have added it to your account so you can use it straight away.'; } ?> For some reason the I can not handle with this function, will allways return 0 mysql_num_rows and i`m not able to login. Code: [Select] <?php session_start(); mysql_connect("localhost", "root", ""); mysql_select_db("proiect"); include("inc/functii.php"); echo "<form method='post' name='login'> <table cellspacing='1' cellpadding='2' border='0' > <tr> <td colspan='2' align='center' height='55'> Admin Login </td> </tr> <tr> <td id='paddingbot' colspan='2'> Username </td> </tr> <tr> <td id='paddingtop' colspan='2'><input type='text' name='username' size='33'/></td> </tr> <tr> <td colspan='2'></td> </tr> <tr> <td id='paddingbot' colspan='2'> Password </td> </tr> <tr> <td id='paddingtop' colspan='2'><input type='password' name='password' size='33' /></td> </tr> <tr> <td id='rem_me'><input type='checkbox' name='remember_me' /></td> <td> Remember me </td> </tr> <tr> <td align='right' colspan='2'><input type='submit' name='login' value='Login >' /></td> </tr> <tr> <td colspan='2' align='center'>"; checkLogin(); echo "</tr> </table> </form>"; ?> Code: [Select] <?php function checkLogin () { if (isset($_POST['login'])) if (($_POST['username']) == '') { echo "Please, complete the field for username."; } elseif (($_POST['password']) == '') { echo "Please, complete the field for password."; } elseif (($_POST['username'] !== '') && ($_POST['password']) !== '') { $username = $_POST['username']; $password = md5($_POST['password']); $result = mysql_query("SELECT * FROM admin WHERE username='".$username."' AND password='".$password."'") or die ("Error:".mysql_error()); $nr = mysql_num_rows($result); if ($nr < 1) { echo $nr; } else { $_SESSION['username'] = $username; $_SESSION['password'] = $password; echo "Welcome".$username; } } } ?> Hi, I have create a small website with a login, over the past month it has been working fine, however today I tried to login and it says incorrect password. So I go into my phpMyAdmin database and change the password with the function type as PASSWORD. I go to login again and it still doesnt work. I did however have a dummy account on the site and that does work, and the only difference I can see is the encryption of the password, the new passwords I create start with the astrix symbol (*) and the old password that works doesnt have that. I can guess im probably using the wrong encryption type, but Iv tried loads of different ones and still nothing. I have however noticed which line of code in my PHP code isnt working for the new Passwords, but I cant see a problem. I have put it below, if anyone knows what the problem is, please, please, please let me know. Code: [Select] if ($pwd === PwdHash($pass,substr($pwd,0,9))) { It fails at this point and goes strait to the else at the bottom of the if statement. Thanks Ben p.s. if you want me to post all the Login code I will happily do so. Hi I want to make a simple login system which goes like this: a) the 1st page (login_form.php) will check if you are logged or not and give you the login form (username - password) b) when you submit a 2nd page (login_check) will check if you really typed anything . If it finds that the texts are null it will return you to the 1st page (without you pressing anything) and give you the form again with a error message written say above. Else it checks the mysql database.(on another page i think) i find it difficult to navigate through the pages cause header gives me error (headers allready sent) and meta tag doesnt keep the $_POST values. (for example the error meassage) Please help Sorry for my English it's not my native. Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\xampp\htdocs\sas\shoppingcart\adminlogin.php on line 16 Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\sas\shoppingcart\adminlogin.php:16) in C:\xampp\htdocs\sas\shoppingcart\adminlogin.php on line 33 I have the following code: <?php include "connect.php"; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Welcome</title> <script type="text/javascript" src="js/jquery.min.js"></script> <script type="text/javascript" src="js/jquery.ketchup.js"></script> <script type="text/javascript" src="js/jquery.ketchup.messages.js"></script> <script type="text/javascript" src="js/jquery.ketchup.validations.basic.js"></script> <script language="javascript" type="text/javascript" src="niceforms.js"></script> <link rel="stylesheet" type="text/css" media="all" href="niceforms-default.css" /> <link rel="stylesheet" type="text/css" media="screen" href="css/jquery.ketchup.css" /> </head> <body> <div id="container"> <?php if(!empty($_SESSION['connection_status']) && !empty($_SESSION['username'])) { ?> <form action="logout.php" class="niceform"> <fieldset> <legend>Member Area</legend> <div id= "container"> <p>Thanks for logging in <b><?=$_SESSION['username']?></b> !</p> <p><input type="submit" name="submit" id="submit" value="Logout" /></p> </div> </fieldset> </form> <?php } elseif(!empty($_POST['username']) && !empty($_POST['password'])) { $username = mysql_real_escape_string($_POST['username']); $password = md5(mysql_real_escape_string($_POST['password'])); $validation = mysql_query("SELECT * FROM users WHERE username = '".$username."' AND password = '".$password."'"); if(mysql_num_rows($validation) == 1) { $row = mysql_fetch_array($validation); $email = $row ['email']; $_SESSION['username'] = $username; $_SESSION['email'] = $email; $_SESSION['connection_status'] = 1; echo "<h1>Success</h1>"; echo "<p>Members area is loading.</p>"; echo "<meta http-equiv='refresh' content='=4;index.php' />"; } else { echo "<h1>Error</h1>"; echo "<p> There was an error, please try again <a href=\"index.php\">here </a> .</p>"; } } else { ?> <form method="post" action="index.php" name="loginform" id="loginform" class="niceform"> <fieldset> <legend>Member Login</legend> <p>Thanks for visiting. Please login below or click <a href="register.php">here</a> to register.</p> <dl> <dt><label for="username">Username:</label><br /></dt> <dd><input type="text" name="username" id="username" class= "validate(rangelength(4,30))"/></dd> </dl> <dl> <dt><label for="password">Password:</label><br /></dt> <dd><input type="password" name="password" id="password" class= "validate(rangelength(4,30))" /></dd> </dl> <p><a href="forgot_password.php">Forgot password?</a></p> </fieldset> <fieldset class="action"> <input type="submit" name="submit" id="submit" value="Sign In" /> </fieldset> </form> <?php } ?> </div> <script type = "text/javascript"> $(document).ready(function() { $('#loginform').ketchup(); }); </script> </boby> </html> When I try to login with true username/password, I always get: There was an error, please try again here . I have a login script which is showing problem. The problem is that when my username and password are correct it directs to index.php page and displays the correct username there. But if the password is wrong it still directs to the same page instead of different(err-login.php) page,but this time no username is displayed. index.php: the password verifying code is as follows(the whole code of index.php is not mentioned since it is too long and a bit messy) <code> <?php $connection=mysql_connect("localhost","root",""); mysql_select_db("forum",$connection); $select=mysql_query("SELECT * FROM user_id WHERE uname='$_REQUEST[uname]'",$connection); $row=mysql_fetch_array($select); if($row['password']==$_REQUEST['password']){ session_start(); $_SESSION['name']=$_REQUEST['uname']; } else{ header("Location:err-login.php"); } ?> </code> NOTE:-The name of my db and table are correct. I have referred to username as uname. Hello guys, first post here.
I have a web system which contains a login form programmed in 3 different languages HTML, PHP and JS. The problem is that it's not working, you can access without entering any data, you just press enter and it will work, I don't know why it is not validating any credentials. I was thinking about some query problems but I don't know. I am a newbie on this. I have read a lot but haven't found an answer. A friend helped me build the system but left that uncompleted and he's nowhere to be found.
I was wondering if you could help me out with this.
<form role="form" ng-submit="login(user,password)"> <div class="form-group"> <input type="user" class="form-control" ng-model='user' placeholder="Usuario"> </div> <div class="form-group"> <input type="password" class="form-control" ng-model='password' placeholder="ContraseƱa"> </div> <div class="alert alert-warning" id='alert' style="display:none">Revise la informacion...</div> <div class="alert alert-danger" style="display:none" id='alertErr'>Error Usuario o ContraseƱa Erronea intentelo de nuevo</div> <button type="submit" class="btn btn-primary">Ingresar</button> </form> <?php require_once 'database.php'; $db = new Database(); $body = json_decode(file_get_contents('php://input')); $user =$db->query("SELECT * FROM usuario WHERE usua_login = '".$body->user."' AND usua_pass = '".$body->password."'"); if($user == false){ http_response_code(404); } else{ http_response_code(200); echo json_encode($user); } ?> 'use strict'; /** * @ngdoc function * @name belkitaerpApp.controller:MainCtrl * @description * # MainCtrl * Controller of the belkitaerpApp */ angular.module('belkitaerpApp') .controller('MainCtrl', function ($scope,$http,$location) { $scope.login = function(user,password){ console.log('Login...'); if(user =='' || password ==''){ $('#alert').show("slow"); setTimeout(function() { $('#alert').hide('slow'); }, 3000); } else{ $http.post('../serverSide/login.php',{user:user,password:password}).success(function(data){ console.log('OK!'); $location.path('/products'); }).error(function(data){ $('#alertErr').show("slow"); setTimeout(function() { $('#alertErr').hide('slow'); }, 3000); }); } } }); Hi, I am having a bit of problem with my login/logout script. When user is logged in I want the script to show logout and if they are not login I want the script to show login. The problem is even when the user is logged in it says "you must be logged in Click here to login " here is the script Please help Code: [Select] <?php session_start(); $_SESSION['username'] = $_POST['username']; if ($_SESSION['username']) echo "Welcome, ".$_SESSION['username']."!<br><a href='logout.php'>Logout</a>" ; else die("you must be logged in <a href='Login.php'>Click here to login</a>"); ?> what did I do wrong in this script ? Thanks |