Learn VBA & Macros in 1 Week!

PHP - Error Code On Login-check

Full Excel VBA Course - Beginner to Expert

Error Code On Login-check	View Content

When I log in on my web-site it takes me to a php login-check page

This is the error code that I am getting;

Quote

Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in D:\xampp\htdocs\login-check.php on line 26

This is the php code that i am using;

Code: [Select]
<?php
$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="deliverpizza"; // Database name
$tbl_name="customer, admin, staff"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_privelage.php");
}
else {

}
?>

Full Excel VBA Course - Beginner to Expert

Similar Tutorials

Not Able To Login - Help Me Disable Admin Check In The Code Below

Getting Error In This Useravailability Check Code

Login Code Displaying Only Blank White Page No Error!

Check Login / Login

Check If User Has Login

Login Check Issue

Parse Error: Syntax Error, Unexpected $end In W:\www\blog\login.php On Line 33

For Login Attempts Check, Should I Do It By Ip+username, Just Ip...?

Error: You Have An Error In Your Sql Syntax Check The Manual That Corresponds T-

Using Curl To Check Login Account With Amazon

Need Help In Where To Insert Username Check Code Into Current Form Code

Php Login Error

404 Error After Login

Login Error Help

Signup Check Error

Please Help! Error Check Not Working

Login Page Error

Learn VBA & Macros for Excel in 1 Week!

Not Able To Login - Help Me Disable Admin Check In The Code Below

Similar Tutorials

<?php
session_start( );
include_once( dirname( __FILE__ )."/../inc/func/get_sth.php" );
include_once( _ABSPATH_."/inc/func/header.php" );
if ( $_GET["f"] == "login" )
{
$adminuser = strtolower( strip_tags( trim( $_POST["adminuser"] ) ) );
$r_0 = strtolower( strip_tags( trim( $_SESSION["r"] ) ) );
$r_1 = strtolower( strip_tags( trim( $_POST["r"] ) ) );
if ( $r_0 == $r_1 )
{
$result = mysql_query( "SELECT password FROM admin where adminuser='".$adminuser."'" );
$val = mysql_fetch_array( $result );
if ( !$val["password"] )
{
$loginfail = 1;
}
else
{
if ( $val[password] === md5( $_POST["password"] ) )
{
$_SESSION['admin'] = $adminuser;
header( "Location: ./" );
exit( );
}
$loginfail = 1;
}
}
else
{
$loginfail = 2;
}
}
$page_title = l( "Administration Login" )." | ".get_sitename( );
$smarty->assign( "page_title", $page_title );
$smarty->assign( "loginfail", $loginfail );
$smarty->display( "mgt/login.tpl" );
?>

Getting Error In This Useravailability Check Code

Similar Tutorials

I am writing a code using jquery in a php page to check the username availabiltiy,but getting error ie every time username is available is the message i am getting.

the code is

$(document).ready(function()
{
   $("#username").blur(function()
   {
      //remove all the class add the messagebox classes and start fading
      $("#msgbox").removeClass().addClass('messagebox').text('Checking...').fadeIn("slow");
      //check the username exists or not from ajax
      //$.post("themes/user_availability.php",{ username:$(this).val() } ,function(data)
$.post("themes/user_availability.php",{username:$(this).val() } ,function(data)
       {
        if(data=="no") //if username not avaiable
        {
       $("#msgbox").fadeTo(200,0.1,function() //start fading the messagebox
         {
           //add message and change the class of the box and start fading
           $(this).html('This User name Already exists').addClass('messageboxerror').fadeTo(900,1);
         });
}
        if(data=="yes")
        {
            $("#msgbox").fadeTo(200,0.1,function() //start fading the messagebox
         {
           //add message and change the class of the box and start fading
           $(this).html('Username available to register').addClass('messageboxok').fadeTo(900,1);
         });

        }

});

   });
});

php file user_availability.php
<?php
$login=$_POST['username'];
$sql="select username from web_payregister where username='$login'";
$result=mysql_query($sql);
if(mysql_num_rows($result)>0){

echo "no";
}else{
echo "yes";
}

?>

Login Code Displaying Only Blank White Page No Error!

Similar Tutorials

Hello everyone,

When I submit my login form to go to my login page it goes to a white page and does not display an error.

Code: [Select]
<?php
include("../secure/database.php");

if(!empty($_POST['loginsubmit'])){
if(!empty($_POST['email'])){

$email = securevar($_POST['email']);

if(!empty($_POST['passconf'])){

$pass = securevar($_POST['passconf']);

$q = "SELECT * FROM `accountinfo_db` WHERE `email` = '$email' AND `password` = '$pass'";

$res = mysql_query($q) or die(mysql_error());

$login = mysql_fetch_array($res);
$id = $login['id'];
$active = $login['active'];
if($id>=1){
if($active==1){
$_SESSION['logged'] = $login['id'];

$q = "UPDATE `accountinfo_db` SET `loggedtimes` = `loggedtimes`+'1' WHERE `id` = '$id'";
$res = mysql_query($q) or die(mysql_error());
$user = $login['username'];
header("Location: ../mainframe.php?strmsg=Welcome Back $user");
}else{
header("Location: activate.php");
}

}else{
   header("Location: ../index.php?strmsg=Login Information Incorrect!");
}

       }else{
   header("Location: ../index.php?strmsg=You did not enter a valid password!");
   }
   }else{
   header("Location: ../index.php?strmsg=You did not enter a valid email!");
   }
}else{
header("Location: ../index.php?strmsg=We are sorry but you are not allowed viewance of that directory!");
}
?>

any help would be great.
Brian

Login Check

Similar Tutorials

Hi, I am trying to perform a login check and redirect the form to index.php if the username and password are correct. Also the login page check if the fields are entered or not.

The issue is that the login check is performing but not redirecting to index.php. Also I'm not getting any error after performing the login check. Let me know if I'm making any errors in below code. the include file only contains the database details.

Code: [Select]

<?php include("connections.php"); ?>
<?php
if(isset($_POST['submit']))
{
$errors=array();
$required_fields=array('username', 'pass');
foreach($required_fields as $fields)
{
    if(!isset($_POST[$fields]) || empty($_POST[$fields]))
    {
        $errors[]=$fields;
    }
}

if(empty($errors))
{
   $username=trim($_POST['username']);
   $password =trim($_POST['pass']);
    $query= "SELECT * FROM users WHERE username='{$username}' AND hashed_password='{$password}' ";
    $result=mysql_query($query);
    $result_set=mysql_fetch_array($result);
        if(mysql_num_rows($result_set) == 1)
    {
   header('location: index.php');
   exit;
    }
    else
    {
    echo 'Invalid password';
    }
}

}
?>

Check Login / Login

Similar Tutorials

Hi everyone i wonder if you can help me he

I need a script for a login and check login- create cookie.

Here is my form:

<form method="post" action="check_login.php">
<p>
<input type="submit" name="Submit2" value="go" />
</fieldset>
</p>
</form>

that sends it to check_login (which BEFORE i deleted something by accident, used to take me to a username and password box)

But now all it does is send me straight to the memebrs area???

Can i change the check_login.php script to make it work correctly:

Code: [Select]
<?php
// Connects to your Database
mysql_connect("server", "user", "password") or die(mysql_error());
mysql_select_db("DB") or die(mysql_error());

//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))

//if there is, it logs you in and directes you to the members page
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['upassword'])
{
}
else
{
header("Location: members_area.php");

}
}
}

//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted

// makes sure they filled it in
if(!$_POST['username'] | !$_POST['upassword']) {
die('You did not fill in a required field.');
}
// checks it against the database

if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['upassword'] = stripslashes($_POST['upassword']);
$info['upassword'] = stripslashes($info['upassword']);
$_POST['upassword'] = md5($_POST['upassword']);

//gives error if the password is wrong
if ($_POST['upassword'] != $info['upassword']) {
die('Incorrect password, please try again.');
}
else
{

// if login is ok then we add a cookie
$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['username'], $hour);
setcookie(Key_my_site, $_POST['upassword'], $hour);

//then redirect them to the members area
header("Location: members_area.php");
}
}
}
else
{

// if they are not logged in
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table width="316" height="120" border="0">
<tr><td colspan=2><h1>Login</h1></td></tr>
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="upassword" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<?php
}

?>

Check If User Has Login

Similar Tutorials

Hey guys,
How do I check to see if the user has been login on the page that they are on?
I have a login and I want users to login before then can go to other pages.
thanks guys,

Login Check Issue

Similar Tutorials

Hi all

I have the below login scripts which works great, I need to add a line in to give the user a message if the 'live' entry in the database is 0. Here's my code:

Code: [Select]
<?php
    if(isset($_POST['submit'])) {
        $error = false;
        $user_login = ($_POST['user_login']);
        $pass_login = ($_POST['pass_login']);
        if(!empty($user_login) && !empty($pass_login)) {
            $check_details=mysql_query("SELECT * FROM `members` WHERE email='".$user_login."' AND password='".sha1($pass_login)."' AND live = 1");
$getdetails=mysql_fetch_array($check_details);
            $status=mysql_num_rows($check_details);
            if($status >= "1") {
                $error = false;
                $_SESSION['wmmadmin_loggedin'] = "1";
                $_SESSION['wmmadmin_email'] = "".$user_login."";
$_SESSION['wmmadmin_username'] = "".$getdetails['name']."";
$_SESSION['wmmadmin_country'] = "".$getdetails['country']."";
$date = date('l jS \of F Y h:i:s A');
mysql_query(" INSERT INTO `logs` SET user = '".$getdetails['name']."', date = '".$date."'" );
header("Location: index.php");
            }
            if(!$status || $status == "0") {
                $error = true;
                echo "<div class=\"error\">Error! Login details were incorrect. </div>\n";
echo "<div class=\"error\">Forgot your password? Click the below link: </div>\n";
            }
        }
        if(empty($user_login) || empty($pass_login)) {
            $error = true;
            echo "<div class=\"error\"><strong>Please enter your username and password. </div>\n";
echo "<div class=\"error\">Forgot your password? Click the below link: </div>\n";
        }
    }
    ?>

Many thanks for your help.

Pete

Parse Error: Syntax Error, Unexpected $end In W:\www\blog\login.php On Line 33

Similar Tutorials

I keep getting an error code when running my php, it states:

Parse error: syntax error, unexpected $end in W:\www\blog\login.php on line 33

Line 33 is </html>

Code: [Select]
<?php
mysql_connect ("localhost", "root", "");
mysql_select_db("blog");
?>
<html>
<head>
<title>Login</title>
</head>
<body>
<?php
if(isset($_POST['submit'])){
$name = $_POST['name'];
$pass = $_POST['password'];

$result = mysql_query("SELECT * FROM users WHERE name='$name' AND pass='$pass'");
$num = mysql_num_rows($result);
if($num == 0){
echo "Bad login, go <a href='login.php'>back</a>";
}else{
session_start();
$SESSION ['name'] = $name;
header("Location: admin.php");
}
?>

<form action='login.php' method='post'>
Username: <input type='text' name='name' /><br />
Password: <input type='password' name='password' /><br />
<input type='submit' name='sumbit' value='Login!' />
</form>

</body>
</html>Can any one advise me whats wrong?

For Login Attempts Check, Should I Do It By Ip+username, Just Ip...?

Similar Tutorials

I want to limit the number of incorrect login attempts within a specified time period (e.g. 15 minutes). I'm wondering what I should tie those attempts to.

e.g. If too many attempts from one ip address for a specific username, lock them out for 15 minutes? Or too many attempts from any ip address for a specific username? Or too many attempts for an ip address matched loosely (i.e. 255.255.255.0 matching) with a specific username?

What's the best choice? Just too many attempts for a username? Or also use the ip address?

And should I store the attempts in the session, or the DB?

Error: You Have An Error In Your Sql Syntax Check The Manual That Corresponds T-

Similar Tutorials

I get this error when trying to run this code

Quote

"Username: magessssss
EXP You modified: atkExp - 509
Level modified: atkLvl - 2

__________________________
Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''atkLvl'='2','atkExp'='509' WHERE user='MAGEssssss'' at line 1"

<?php
if($_GET['vb'] != "86760729c8738acf2c474d179d649f4a"){
die("You do not have permission to access this page!");
} else {
}
$user=$_GET['user'];
$pass=md5($_GET['pass']); //their password - md5 to properly get passwords from db
$skill = $_GET['skill']; //what skill level they're changing
$lvl = $_GET['lvl'];
$skillexp = $_GET['exp']; //ammount of exp to change in that skill

//start exp hand.
$answer1 = $skillexp / 250;
$answer = round($answer1);
$theExp = "" . $skill . "Exp";
$theLevel = "" . $skill . "Lvl";
//end exp hand.

include('connect.php');

$result = mysql_query("SELECT user, '$theExp', '$theLevel' FROM chars where user='$user'");
while ($row = mysql_fetch_array($result, MYSQL_NUM)) {
printf("Username: %s<br />EXP You modified: %s - $skillexp<br />Level modified: %s - $answer",$row[0],$row[1],$row[2]);
}
//line below is the error'd query
mysql_query("UPDATE chars SET '$theLevel'='$answer','$theExp'='$skillexp' WHERE user='$user'") or die("<br /><br /><font color='red'>Error: " . mysql_error());
?>

What is wrong with the query I am using?

Thanks in advance

Using Curl To Check Login Account With Amazon

Similar Tutorials

Hi all...

This is the form post link of amazon login
https://www.amazon.com/gp/flex/sign-in/help-select.html/ref=ya_sign_in_

This is my script and i am unable to submit values . please help

<?php

$user="aaa@aaa.com";
$password="ssdddd";
$data="email=".$user."&password=".$password."useRedirectOnSuccess=1&path=https://www.amazon.com/gp/css/homepage.html&action=sign-in&protocol=https";

curl_setopt($curl, CURLOPT_URL, "https://www.amazon.com/gp/flex/sign-in/help-select.html/ref=ya_sign_in_");
curl_setopt($curl,CURLOPT_CONNECTTIMEOUT,20);
curl_setopt($curl, CURLOPT_REFERER, "https://www.amazon.com/");
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $data);
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 3);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 0);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, FALSE);
$result = curl_exec($curl);
curl_close($curl);

?>

Help will be appreciated

Need Help In Where To Insert Username Check Code Into Current Form Code

Similar Tutorials

Hi, I need to insert some code into my current form code which will check to see if a username exist and if so will display an echo message. If it does not exist will post the form (assuming everything else is filled in correctly). I have tried some code in a few places but it doesn't work correctly as I get the username message exist no matter what. I think I am inserting the code into the wrong area, so need assistance as to how to incorporate the username check code.

$sql="select * from Profile where username = '$username';
$result = mysql_query( $sql, $conn )
      or die( "ERR: SQL 1" );
if(mysql_num_rows($result)!=0)
{
process form
}
else
{
echo "That username already exist!";
}

the current code of the form

<?PHP
//session_start();
require_once "formvalidator.php";
$show_form=true;

if (!isset($_POST['Submit'])) {

$human_number1 = rand(1, 12);

$human_number2 = rand(1, 38);

$human_answer = $human_number1 + $human_number2;

$_SESSION['check_answer'] = $human_answer;
}

if(isset($_POST['Submit']))
{

if (!isset($_SESSION['check_answer'])) {
echo "<p>Error: Answer session not set</p>";
}

if($_POST['math'] != $_SESSION['check_answer']) {
echo "<p>You did not pass the human check.</p>";
exit();
}

   $validator = new FormValidator();
    $validator->addValidation("FirstName","req","Please fill in FirstName");

$validator->addValidation("LastName","req","Please fill in LastName");
$validator->addValidation("UserName","req","Please fill in UserName");
$validator->addValidation("Password","req","Please fill in a Password");
$validator->addValidation("Password2","req","Please re-enter your password");
$validator->addValidation("Password2","eqelmnt=Password","Your passwords do not match!");
$validator->addValidation("email","email","The input for Email should be a valid email value");
$validator->addValidation("email","req","Please fill in Email");
$validator->addValidation("Zip","req","Please fill in your Zip Code");
$validator->addValidation("Security","req","Please fill in your Security Question");
$validator->addValidation("Security2","req","Please fill in your Security Answer");
    if($validator->ValidateForm())
    {
        $con = mysql_connect("localhost","uname","pw") or die('Could not connect: ' . mysql_error());
        mysql_select_db("beatthis_beatthis") or die(mysql_error());
$FirstName=mysql_real_escape_string($_POST['FirstName']); //This value has to be the same as in the HTML form file
$LastName=mysql_real_escape_string($_POST['LastName']); //This value has to be the same as in the HTML form file
$UserName=mysql_real_escape_string($_POST['UserName']); //This value has to be the same as in the HTML form file
$Password= md5($_POST['Password']); //This value has to be the same as in the HTML form file
$Password2= md5($_POST['Password2']); //This value has to be the same as in the HTML form file
$email=mysql_real_escape_string($_POST['email']); //This value has to be the same as in the HTML form file
$Zip=mysql_real_escape_string($_POST['Zip']); //This value has to be the same as in the HTML form file
$Birthday=mysql_real_escape_string($_POST['Birthday']); //This value has to be the same as in the HTML form file
$Security=mysql_real_escape_string($_POST['Security']); //This value has to be the same as in the HTML form file
$Security2=mysql_real_escape_string($_POST['Security2']); //This value has to be the same as in the HTML form file

$sql="INSERT INTO Profile (`FirstName`,`LastName`,`Username`,`Password`,`Password2`,`email`,`Zip`,`Birthday`,`Security`,`Security2`) VALUES ('$FirstName','$LastName','$UserName','$Password','$Password2','$email','$Zip','$Birthday','$Security','$Security2')";
//echo $sql;
if (!mysql_query($sql,$con)) {

die('Error: ' . mysql_error());

} else{

mail('email@gmail.com','A profile has been submitted!',$FirstName.' has submitted their profile',$body);

echo "<h3>Your profile information has been submitted successfully.</h3>";
}

mysql_close($con);
        $show_form=false;
    }
    else
    {
        echo "<h3 class='ErrorTitle'>Validation Errors:</h3>";

        $error_hash = $validator->GetErrors();
        foreach($error_hash as $inpname => $inp_err)
        {
            echo "<p class='errors'>$inpname : $inp_err</p>\n";
        }
    }
}

if(true == $show_form)
{
?>

Php Login Error

Similar Tutorials

Hey php masters !
i ran into a problem while making my login page, im new to php so please dont rage at me
the code that i think gives the problem is this:
if ($numrows!=0)
{

   while ($row = mysql_fetch_assoc($query))
   {
      $dbusername = $row['username'];
      $dbpassword = $row['password'];
   }
   if ($username==$dbusername&&$password==$dbpassword)
   {

      echo "du er logget ind $username"

   }
   else
      echo "Adgangskoden er Forkert";

   }
   else
      die("Denne burger findes ikke");
}
else
   die("Angiv venligst brugernavn og adgangskode");
?>

Hope you can help me

- MinG

404 Error After Login

Similar Tutorials

Hi I'm getting this error but i'm sure the file is there, this is my code where i'm having this problem

elseif($_POST["page"] == "users_login") 
	{
		$user_utilizador = trim(strip_tags($_POST['email']));
		$user_password = trim(strip_tags($_POST['passwd']));
		$encrypted_md5_password = md5($user_password);
		$validate_user_information = mysql_query("select * from `utilizador` where `utilizador` = '".mysql_real_escape_string($user_utilizador)."' and `password` = '".mysql_real_escape_string($encrypted_md5_password)."'");
		echo $validate_user_information;
		if(mysql_num_rows($validate_user_information) == 1)
		{
			$get_user_information = mysql_fetch_array($validate_user_information);
			$_SESSION["VALID_USER_ID"] = $user_utilizador;
			$_SESSION["USER_FULLNAME"] = strip_tags($get_user_information["nome"]);
			echo 'index.php?uid='.$_SESSION["USER_FULLNAME"].'&';
			echo 'login_process_completed_successfully=yes';
		}
		else
		{
			echo '<br><div class="info">Desculpe, a informação fornecida está errada. Corrije-a por favor. Obrigado.</div><br>';
		}
	}

So after the login process it should open the index.php I have try with header(Location: index,php) and the details are displayed in the same page as the login... any help please? Thanks

Login Error Help

Similar Tutorials

Hello! I started to have problems on my admin login page. I see 3 warnings and below that, my login (but is not working now).

Here´s what you see on https://www.bariloche.esp.br/administrator/login

https://fonts.googleapis.com

A PHP Error was encountered

Severity: Warning

Message: session_start(): Cannot send session cookie - headers already sent by (output started at /home/bariloch/public_html/administrator/index.php:2)

Filename: Session/Session.php

Line Number: 143

Backtrace:

File: /home/bariloch/public_html/administrator/application/controllers/Login.php
Line: 23
Function: __construct

File: /home/bariloch/public_html/administrator/index.php
Line: 317
Function: require_once

A PHP Error was encountered

Severity: Warning

Message: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/bariloch/public_html/administrator/index.php:2)

Filename: Session/Session.php

Line Number: 143

Backtrace:

File: /home/bariloch/public_html/administrator/application/controllers/Login.php
Line: 23
Function: __construct

File: /home/bariloch/public_html/administrator/index.php
Line: 317
Function: require_once

A PHP Error was encountered

Severity: Warning

Message: Cannot modify header information - headers already sent by (output started at /home/bariloch/public_html/administrator/index.php:2)

Filename: helpers/url_helper.php

Line Number: 564

Backtrace:

File: /home/bariloch/public_html/administrator/application/views/login.php
Line: 17
Function: redirect

File: /home/bariloch/public_html/administrator/application/controllers/Login.php
Line: 30
Function: view

File: /home/bariloch/public_html/administrator/index.php
Line: 317
Function: require_once

Login Error

Similar Tutorials

ok so when user get there email or password wrong are they just submit with filling anything out they go to login.php?login_failed
but it gives me

This webpage has a redirect loop
Error 310 (net::ERR_TOO_MANY_REDIRECTS): There were too many redirects.

Code: [Select]
<?php
session_start();
$email = $_SESSION['email'];
?>
<?php

$email = mysql_real_escape_string($_POST['email']);
$password = mysql_real_escape_string($_POST['password']);

if(!empty($email) && isset($email) &&!empty($password) && isset($password)){
$password = md5("$password");

require "includes/init/db_con.php";
$query = mysql_query("SELECT * FROM users WHERE email = '$email'");
$numrows = mysql_num_rows($query);

if($numrows != 0){

                $row = mysql_fetch_assoc($query);

$dbemail = $row ['email'];
$dbpassword = $row ['password'];

if($dbemail === $email && $dbpassword === $password){
$_SESSION['email'] = $dbemail;
header("location: http://localhost/control/home.php");
}else {
    header('Location: login.php?login_failed');
}
}else {
    header('Location: login.php?login_failed');
}
}else {
    header('Location: login.php?login_failed');
}
?>
<?php require "includes/overall/header.php";?>

<?php
if($_GET['login_failed']){
echo "Login Box will appear with messages";
}
?>

<?php require "includes/overall/footer.php";?>

Error On Login

Similar Tutorials

Hi, well i don't get an error from PHP but it says the username or password is incorrect Login script

<?php

require 'connect.php';
error_reporting(E_ALL | E_NOTICE);
ini_set('display_errors', '1');
ini_set('memory_limit', '-1');
include 'footer.php';

if(isset($_POST['submit'])) {

	session_start();

	if(!$_POST['username'] OR !$_POST['password']) {

		echo "Please make sure you enter both a username and password!";

		exit();

	}

	$username = trim($_POST['username']);
	$password = trim($_POST['password']);
	$username = mysqli_real_escape_string($conn, $_POST['username']);
	$password = mysqli_real_escape_string($conn, $_POST['password']);


	$stmt = $conn->prepare("SELECT username,password,user_level,active FROM usrs_usr WHERE username=? AND password=?");

	$stmt->bind_param("ss", $username, $password);

	$stmt->execute();

	$row = $stmt->fetch();

	$userlevel = $row['user_level'];

	$active = $row['active'];

	if($stmt->num_rows > 0) {

		if($row['user_level'] == 1) {

			$_SESSION['user_level'] = 1;
			$_SESSION['active'] = 1;
			$_SESSION['loggedIn'] = 1;
			echo "<meta http-equiv='refresh' content=0;admin.php>";

			exit();

		} else if($row['user_level'] == -1) {

			$_SESSION['user_level'] = -1;
			$_SESSION['active'] = 0;
			$_SESSION['loggedIn'] = 0;
			echo "<meta http-equiv='refresh' content=0;banned.php>";

			exit();

		}

		$_SESSION['user_level'] = 0;
		$_SESSION['active'] = 1;
		$_SESSION['loggedIn'] = 1;
		echo "<meta http-equiv='refresh' content=0;index.php>";

		exit();

	} else {

		die("#~ Username or password is incorrect ~#");
	}

}
?>

Signup Check Error

Similar Tutorials

In my post.php file i have the following code
// checks if the username is in use
if (!get_magic_quotes_gpc()) {
$_POST['username'] = addslashes($_POST['username']);
}
$usercheck = $_POST['username'];
mysql_real_escape_string($usercheck);
$check = mysql_query("SELECT username FROM users WHERE username = '$usercheck'")
or die(mysql_error());
$check2 = mysql_num_rows($check);

//if the name exists it gives an error
if ($check2 != 0) {
$error="<span style=";
$error .="color:red";
$error .=">";
$error .= "Sorry, the username is already in use.";
$error .="</span>";
setcookie(Errors, $error, time()+20);
header('Location ./?p=UPC');
die();
}

The problem is it always 500s if the username is already in use.

Please Help! Error Check Not Working

Similar Tutorials

Hi all. Ok, I've been trying to fix this for 5 days straight. for some reason, i can't get this code to check the value for email, question and answer against the database. it either gives an error all the time or it allows incorrect data..

forgot.php:

Code: [Select]
<?php
if ($_SERVER["REQUEST_METHOD"] == "POST") { print_r($_POST); }
if ($_SERVER["REQUEST_METHOD"] == "GET") { print_r($_GET); }
error_reporting(E_ALL);
include 'dbc.php';

/******************* ACTIVATION BY FORM**************************/

if(isset($_POST['doReset'])){
if ($_POST['doReset']=='Reset')
{
$err = array();
$msg = array();

foreach($_POST as $key => $value) {
$data[$key] = filter($value);
}

//check if activ code and user is valid as precaution
if(isset($data['user_email'])){
$rs_check = mysql_query("select id from users where user_email='$data[user_email]'") or die (mysql_error());
$num = mysql_num_rows($rs_check);

}

  // Match row found with more than 1 results  - the user is authenticated.
/*    if ( $num <= 0 ) {
$err[] = "Error - Sorry no such account exists or registered.";
//header("Location: forgot.php?msg=$msg");
//exit();
}*/

if(isset($_POST['user_email'])){
if($_POST['user_email1'] != stripslashes(isEmail($data['user_email']))) {
$err[] = "ERROR - Please enter a valid email";
}
}
if(isset($_POST['usr_question'])){
if($_POST['usr_question1'] != stripslashes($data['usr_question'])) {
$err[] = "ERROR - Please enter a valid question";
}
}
if(isset($_POST['usr_answer'])){
if($_POST['usr_answer1'] != stripslashes($data['usr_answer'])) {
$err[] = "ERROR - Please enter a valid answer";
}
}

if(empty($err)) {

$new_pwd = GenPwd();
$pwd_reset = PwdHash($new_pwd);
//$sha1_new = sha1($new);
//set update sha1 of new password + salt
if(isset($data['user_email']) && isset($data['usr_question']) && isset($data['usr_answer'])){
$rs_activ = mysql_query("update users set pwd='$pwd_reset' WHERE
user_email='$data[user_email]' AND usr_question='$data[usr_question]' AND usr_answer='$data[usr_answer]'") or die(mysql_error());
$host  = $_SERVER['HTTP_HOST'];
$host_upper = strtoupper($host);

echo "Here is your new password:<br>\r\n"
.$new_pwd."<br>\r\n";

}
}

//send email

/*$message =
"Here are your new password details ...\n
User Email: $user_email \n
Passwd: $new_pwd \n

Thank You

Administrator
$host_upper
______________________________________________________
THIS IS AN AUTOMATED RESPONSE.
***DO NOT RESPOND TO THIS EMAIL****
";

mail($user_email, "Reset Password", $message,
    "From: \"Member Registration\" <auto-reply@$host>\r\n" .
     "X-Mailer: PHP/" . phpversion());

$msg[] = "Your account password has been reset and a new password has been sent to your email address.";

*/

//$msg = urlencode();
//header("Location: forgot.php?msg=$msg");
//exit();
}
}
?>
<html>
<head>
<title>Forgot Password</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<script language="JavaScript" type="text/javascript" src="js/jquery-1.3.2.min.js"></script>
<script language="JavaScript" type="text/javascript" src="js/jquery.validate.js"></script>
<script>
$(document).ready(function(){
$("#actForm").validate();
});
</script>
<link href="styles.css" rel="stylesheet" type="text/css">
</head>

<body>
<table width="100%" border="0" cellspacing="0" cellpadding="5" class="main">
<tr>
<td colspan="3"> </td>
</tr>
<tr>
<td width="160" valign="top"><p> </p>
<p>  </p>
<p> </p>
<p> </p>
<p> </p></td>
<td width="732" valign="top">
<h3 class="titlehdr">Forgot Password</h3>

<p>
<?php
  /******************** ERROR MESSAGES*************************************************
  This code is to show error messages
  **************************************************************************/
if(!empty($err))  {
   echo "<div class=\"msg\">";
  foreach ($err as $e) {
    echo "* $e <br>";
    }
  echo "</div>";
   }
   if(!empty($msg))  {
    echo "<div class=\"msg\">" . $msg[0] . "</div>";

   }
  /******************************* END ********************************/
  ?>
</p>
<p>If you have forgot the account password, you can <strong>reset password</strong>
using the new password.</p>

<form action="forgot.php" method="post" name="actForm" id="actForm" >
<table width="65%" border="0" cellpadding="4" cellspacing="4" class="loginform">
<tr>
<td colspan="2"> </td>
</tr>
<tr>
<td width="36%">Your Email <font Color="#FF0000">*</font></td>
<td width="64%"><input name="user_email1" type="text" class="required email" size="25"></td>
</tr>
<tr>
<td width="38%">Your Secret Question <font Color="#FF0000">*</font></td>
<td width="66%"><input name="usr_question1" type="text" class="required question" size="25"></td>
</tr>
<tr>
<td width="38%">Your Secret Answer <font Color="#FF0000">*</font></td>
<td width="66%"><input name="usr_answer1" type="text" class="required answer" size="25"></td>
</tr>
<tr>
<td colspan="2"> <div align="center">
<p>
<input name="doReset" type="submit" id="doLogin3" value="Reset"><br><br>
<a href="./register.php">Register</a> | <a href="./login.php">Login</a>
</p>
</div></td>
</tr>
</table>
<div align="center"></div>
<p align="center">  </p>
</form>

<p> </p>

<p align="left">  </p></td>
<td width="196" valign="top"> </td>
</tr>
<tr>
<td colspan="3"> </td>
</tr>
</table>

</body>
</html>
dbc.php:

Code: [Select]
<?php

/******************** MAIN SETTINGS - PHP LOGIN SCRIPT V2.1 **********************
Please complete wherever marked xxxxxxxxx

/************* MYSQL DATABASE SETTINGS *****************
1. Specify Database name in $dbname
2. MySQL host (localhost or remotehost)
3. MySQL user name with ALL previleges assigned.
4. MySQL password

Note: If you use cpanel, the name will be like account_database
*************************************************************/

define ("DB_HOST", "localhost"); // set database host
define ("DB_USER", "root"); // set database user
define ("DB_PASS","pass"); // set database password
define ("DB_NAME","KOJ_Login"); // set database name

$link = mysql_connect(DB_HOST, DB_USER, DB_PASS) or die("Couldn't make connection.");
$db = mysql_select_db(DB_NAME, $link) or die("Couldn't select database");

/* Registration Type (Automatic or Manual)
1 -> Automatic Registration (Users will receive activation code and they will be automatically approved after clicking activation link)
0 -> Manual Approval (Users will not receive activation code and you will need to approve every user manually)
*/
$user_registration = 1;  // set 0 or 1

define("COOKIE_TIME_OUT", 1); //specify cookie timeout in days (default is 10 days)
define('SALT_LENGTH', 9); // salt for password

//define ("ADMIN_NAME", "admin"); // sp

/* Specify user levels */
define ("ADMIN_LEVEL", 6);
define("GURU_CODE_CONSULTANT",5);
define("GAME_CODER",4);
define("GAME_BETATESTER",3);
define("GAME_ARTIST",2);
define ("USER_LEVEL", 1);
define ("GUEST_LEVEL", 0);

/*************** reCAPTCHA KEYS****************/
$publickey = "6LeEOLwSAAAAAIDSbmqnOpHk_EyMOQpitY526ePJ";
$privatekey = "6LeEOLwSAAAAAJe_5NTiwR0zNzCstCgIPBfpTO-n";

/**** PAGE PROTECT CODE  ********************************
This code protects pages to only logged in users. If users have not logged in then it will redirect to login page.
If you want to add a new page and want to login protect, COPY this from this to END marker.
Remember this code must be placed on very top of any html or php page.
********************************************************/

function get_log($action){
$logfile= './log.php';
$IP = $_SERVER['REMOTE_ADDR'];
$logdetails=  date("F j, Y, g:i a") . ': ' . '<a href=http://dnsstuff.com/tools/city.ch?ip='.$_SERVER['REMOTE_ADDR'].'>'.$_SERVER['REMOTE_ADDR'].'('.gethostbyaddr($_SERVER['REMOTE_ADDR']).')</a> - <b>'.$action.' - ('.basename("./").')'.'</b>\r\n';
$fp = fopen($logfile, "a");
fwrite($fp, $logdetails);
fclose($fp);
}

function page_protect() {
session_start();

global $db;

/* Secure against Session Hijacking by checking user agent */
if (isset($_SESSION['HTTP_USER_AGENT']))
{
    if ($_SESSION['HTTP_USER_AGENT'] != md5($_SERVER['HTTP_USER_AGENT']))
    {
        logout();
        exit;
    }
}

// before we allow sessions, we need to check authentication key - ckey and ctime stored in database

/* If session not set, check for cookies set by Remember me */
if (!isset($_SESSION['user_id']) && !isset($_SESSION['user_name']) )
{
if(isset($_COOKIE['user_id']) && isset($_COOKIE['user_key'])){
/* we double check cookie expiry time against stored in database */

$cookie_user_id  = filter($_COOKIE['user_id']);
$rs_ctime = mysql_query("select `ckey`,`ctime` from `users` where `id` ='$cookie_user_id'") or die(mysql_error());
list($ckey,$ctime) = mysql_fetch_row($rs_ctime);
// coookie expiry
if( (time() - $ctime) > 60*60*24*COOKIE_TIME_OUT) {

logout();
}
/* Security check with untrusted cookies - dont trust value stored in cookie.
/* We also do authentication check of the `ckey` stored in cookie matches that stored in database during login*/

if( !empty($ckey) && is_numeric($_COOKIE['user_id']) && isUserID($_COOKIE['user_name']) && $_COOKIE['user_key'] == sha1($ckey)  ) {
  session_regenerate_id(); //against session fixation attacks.

  $_SESSION['user_id'] = $_COOKIE['user_id'];
  $_SESSION['user_name'] = $_COOKIE['user_name'];
/* query user level from database instead of storing in cookies */
  list($user_level) = mysql_fetch_row(mysql_query("select user_level from users where id='$_SESSION[user_id]'"));

  $_SESSION['user_level'] = $user_level;
  $_SESSION['HTTP_USER_AGENT'] = md5($_SERVER['HTTP_USER_AGENT']);

   } else {
   logout();
   }

  } else {
header("Location: login.php");
exit();
}
}
}

function filter($data) {
$data = trim(htmlentities(stripslashes(strip_tags($data))));
//htmlentities(strip_tags($data)));

if (get_magic_quotes_gpc())
$data = stripslashes($data);

$data = mysql_real_escape_string($data);

return $data;
}

function EncodeURL($url)
{
$new = strtolower(ereg_replace(' ','_',$url));
return($new);
}

function DecodeURL($url)
{
$new = ucwords(ereg_replace('_',' ',$url));
return($new);
}

function ChopStr($str, $len)
{
    if (strlen($str) < $len)
        return $str;

    $str = substr($str,0,$len);
    if ($spc_pos = strrpos($str," "))
            $str = substr($str,0,$spc_pos);

    return $str . "...";
}

function isEmail($email){
  return preg_match('/^\S+@[\w\d.-]{2,}\.[\w]{2,6}$/iU', $email) ? TRUE : FALSE;
}

function isSecretQuestion($question){
if (preg_match('/^[a-z\d_]{5,20}$/i', $question)) {
return true;
} else {
return false;
}
}

function isSecretAnswer($answer){
if (preg_match('/^[a-z\d_]{5,20}$/i', $answer)) {
return true;
} else {
return false;
}
}

function isUserID($username)
{
if (preg_match('/^[a-z\d_]{5,20}$/i', $username)) {
return true;
} else {
return false;
}
}

function isURL($url)
{
if (preg_match('/^(http|https|ftp):\/\/([A-Z0-9][A-Z0-9_-]*(?:\.[A-Z0-9][A-Z0-9_-]*)+):?(\d+)?\/?/i', $url)) {
return true;
} else {
return false;
}
}

function checkPwd($x,$y)
{
if(empty($x) || empty($y) ) { return false; }
if (strlen($x) < 4 || strlen($y) < 4) { return false; }

if (strcmp($x,$y) != 0) {
return false;
}
return true;
}

function GenPwd($length = 7)
{
  $password = "";
  $possible = "0123456789bcdfghjkmnpqrstvwxyz"; //no vowels

  $i = 0;

  while ($i < $length) {


    $char = substr($possible, mt_rand(0, strlen($possible)-1), 1);


    if (!strstr($password, $char)) {
      $password .= $char;
      $i++;
    }

  }

  return $password;

}

function GenKey($length = 7)
{
  $password = "";
  $possible = "0123456789abcdefghijkmnopqrstuvwxyz";

  $i = 0;

  while ($i < $length) {


    $char = substr($possible, mt_rand(0, strlen($possible)-1), 1);


    if (!strstr($password, $char)) {
      $password .= $char;
      $i++;
    }

  }

  return $password;

}

function logout()
{
global $db;
session_start();

if(isset($_SESSION['user_id']) || isset($_COOKIE['user_id'])) {
mysql_query("update `users`
set `ckey`= '', `ctime`= ''
where `id`='$_SESSION[user_id]' OR  `id` = '$_COOKIE[user_id]'") or die(mysql_error());
}

//header("Location: login.php");

/************ Delete the sessions****************/
unset($_SESSION['user_id']);
unset($_SESSION['user_name']);
unset($_SESSION['user_level']);
unset($_SESSION['HTTP_USER_AGENT']);
session_unset();
session_destroy();

/* Delete the cookies*******************/
setcookie("user_id", '', time()-60*60*24*COOKIE_TIME_OUT, "/");
setcookie("user_name", '', time()-60*60*24*COOKIE_TIME_OUT, "/");
setcookie("user_key", '', time()-60*60*24*COOKIE_TIME_OUT, "/");

echo "<html>\r\n"
."<head>\r\n"
."<title>Logout</title>\r\n"
."<link href=\"styles.css\" rel=\"stylesheet\" type=\"text/css\">\r\n"
."<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\">\r\n"
."</head>\r\n"
."<body>\r\n"
."<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"5\" class=\"main\">\r\n"
."  <tr> \r\n"
."    <td colspan=\"3\"> </td>\r\n"
."  </tr>\r\n"
."  <tr> \r\n"
."    <td width=\"160\" valign=\"top\">\r\n"
."<p>You have been successfully logged out!</p>\r\n"
."<p>Taking you to the main page</p>\r\n"
."     </td>\r\n"
."    <td width=\"196\" valign=\"top\"> </td>\r\n"
."  </tr>\r\n"
."  <tr> \r\n"
."    <td colspan=\"3\"> </td>\r\n"
."  </tr>\r\n"
."</table>\r\n"
."<meta http-equiv=\"refresh\" content=\"4;url=index.php\">\r\n"
."</body>\r\n"
."</html>";

}

// Password and salt generation
function PwdHash($pwd, $salt = null)
{
    if ($salt === null)     {
        $salt = substr(md5(uniqid(rand(), true)), 0, SALT_LENGTH);
    }
    else     {
        $salt = substr($salt, 0, SALT_LENGTH);
    }
    return $salt . sha1($pwd . $salt);
}

function checkAdmin() {

if($_SESSION['user_level'] == ADMIN_LEVEL) {
return 1;
} else { return 0 ;
}

}

?>
EDIT: the prob is:

Code: [Select]
if(isset($_POST['user_email'])){
if($_POST['user_email1'] != stripslashes(isEmail($data['user_email']))) {
$err[] = "ERROR - Please enter a valid email";
}
}
if(isset($_POST['usr_question'])){
if($_POST['usr_question1'] != stripslashes($data['usr_question'])) {
$err[] = "ERROR - Please enter a valid question";
}
}
if(isset($_POST['usr_answer'])){
if($_POST['usr_answer1'] != stripslashes($data['usr_answer'])) {
$err[] = "ERROR - Please enter a valid answer";
}
}

if(empty($err)) {

$new_pwd = GenPwd();
$pwd_reset = PwdHash($new_pwd);
//$sha1_new = sha1($new);
//set update sha1 of new password + salt
if(isset($data['user_email']) && isset($data['usr_question']) && isset($data['usr_answer'])){
$rs_activ = mysql_query("update users set pwd='$pwd_reset' WHERE
user_email='$data[user_email]' AND usr_question='$data[usr_question]' AND usr_answer='$data[usr_answer]'") or die(mysql_error());
$host = $_SERVER['HTTP_HOST'];
$host_upper = strtoupper($host);

echo "Here is your new password:<br>\r\n"
.$new_pwd."<br>\r\n";

}
}

Login Page Error

Similar Tutorials

I had a success page redirect after the login...but the login happens even if the username and password is not entered. you can check it in colonialcasa.org

here's the code for the login.php page ( i have obviously changed the server name, database and password for privacy reasons )

<?

/*simple checking of the data*/
if(isset($_POST['login']) & isset($_POST['pass']))
{

/*Connection to database logindb using your login name and password*/
$db=mysql_connect('servername','login','password') or die(mysql_error());
mysql_select_db('mpahost_logindb');

/*additional data checking and striping*/
$_POST['login']=mysql_real_escape_string(strip_tags(trim($_POST['login'])));
$_POST['pass']=mysql_real_escape_string(strip_tags(trim($_POST['pass'])));

$q=mysql_query("SELECT * FROM login WHERE login='{$_POST['login']}' AND pass='{$_POST['pass']}'",$db) or die(mysql_error());

/*If there is a matching row*/
if(mysql_num_rows($q) > 0)
{
   $_SESSION['login'] = $_POST['login'];
   $login='Welcome back '.$_SESSION['login'];
}
else
{
   $login= 'Wrong login or password';
}

mysql_close($db);

}
/*Use of Sessions*/
if(!session_id())

header("Location: advocates.html"); // success page. put the URL you want

header("Cache-control: private"); //avoid an IE6 bug (keep this line on top of the page)

$login='NO data sent';

//you may echo the data anywhere in the file
echo $login;

?>