PHP - Why Is This Not Logging Me In
Hi all. I'm really having an awful time. Please, what could be the problem with this? I can log in on my local server but can't log in when I go live.
<?php
if (isset($_POST['login'])) {
    $username = $_POST['username'];
    $password = $_POST['password'];

    $username = stripslashes($username);
    $password = stripslashes($password);
    // mysql_real_escape_string() belongs to the old mysql_* extension and needs an
    // open mysql_* connection; the PDO statement below binds its values itself.
    $username = mysql_real_escape_string($username);
    $password = mysql_real_escape_string($password);
    $pass = md5($password);

    $stmt = $pdo->prepare("SELECT * FROM confirm WHERE username=:username AND password=:password");
    $stmt->execute(array(
        ':username' => $username,
        ':password' => $pass
    ));

    if ($stmt->rowCount() == 1) {
        $_SESSION['username'] = $username;
        $_SESSION['password'] = $password;
        header("location: ./account/");
        exit();
    } else {
        echo 'Invalid Username or Password';
    }
}
?>

Similar Tutorials

I'm having issues with logging out of my website. I have successfully managed to log in. I am using sessions to do it and have been using session_unregister, which I believe is not deprecated. I have tried using unset but I am now getting the error

Parse error: syntax error, unexpected '"authenticatedUser"' (T_CONSTANT_ENCAPSED_STRING) in C:\wamp\www\ShreddedNutrition\HTML\Logout.php on line 8

This is my logout code:

<?php
session_start();

$appUsername = $_SESSION["authenticatedUser"];

$_SESSION["message"] = "You Have Logged out";

unset("authenticatedUser"); // unset() takes a variable, not a string literal: the line the parse error reports

// Relocate back to the login page
header("Location: Login.php");
//session_destroy();
?>

And this is to log in:

<?php
include '';
session_start();

$UserEmail = $_POST["EmailAddress"];
$UserPassword = $_POST["Password"];

$connection = mysql_connect($hostname, $username, $password) or die ("Unable to connect!");
mysql_select_db($databaseName) or die ("Unable to select database!");

// Escape the posted values before they go into the SQL string
// (this needs the open connection, so the query is built after connecting).
$query = "SELECT * FROM members WHERE EmailAddress = '" . mysql_real_escape_string($UserEmail, $connection)
       . "' AND password = '" . mysql_real_escape_string($UserPassword, $connection) . "' ";
$result = mysql_query($query) or die ("Error in query: $query. ".mysql_error());

// see if any rows were returned
if (mysql_num_rows($result) > 0) {
    $_SESSION["authenticatedUser"] = $UserEmail;
    // Relocate to the logged-in page
    header("Location: Index.php");
} else {
    $_SESSION["message"] = "Could not connect log in as $UserEmail ";
    header("Location: Login.php");
}

mysql_free_result($result);
mysql_close($connection);
?>

Hi

I am trying to knock up a script to create a userid and log someone into a Joomla based site. The script is running on the same server as the site (and is legitimate, not nefarious). I can create an ID OK, and I can retrieve the login page, scrape the details (including the token) and submit the form. When I do this the user is logged in according to the Joomla sessions table, but it has also created a 2nd guest session there. Navigating to the Joomla site (either manually or doing a header redirect) just takes you to the site as though you are not logged in.

Code as it stands (and code to deal with being passed user ids and passwords will change to be at least vaguely secure, just trying to get things to work now)

<?php
session_start();
session_regenerate_id();

require("configuration.php");

$ConfigDetails = new JConfig();
$dbms = $ConfigDetails->dbtype;
$dbhost = $ConfigDetails->host;
$dbname = $ConfigDetails->db;
$dbuser = $ConfigDetails->user;
$dbpasswd = $ConfigDetails->password;
$salt = 'somesalt';
$url = "http://localhost/joomla/index.php";

$IncomingUid = $_REQUEST['uid'];
$IncomingName = $_REQUEST['name'];
$IncomingPassword = $_REQUEST['pwd'];
$IncomingEmail = $_REQUEST['email'];

// Make the database connection.
$SurveyConn = mysql_connect($dbhost,$dbuser,$dbpasswd);
mysql_select_db($dbname,$SurveyConn) or die(mysql_error());

$sql = "SELECT * FROM ".$ConfigDetails->dbprefix."users WHERE username = '".mysql_real_escape_string($IncomingUid)."'";
$rs = mysql_query($sql) or die(mysql_error());
if ($row = mysql_fetch_assoc($rs)) {
    if ($IncomingPassword == $row['password']) {
    }
} else {
    $PasswordEncrypted = md5($IncomingPassword.$salt).':'.$salt;
    $sqli = "INSERT INTO ".$ConfigDetails->dbprefix."users (id, name, username, email, password, usertype, block, sendEmail, registerDate, lastvisitDate, activation, params) VALUES(NULL, '".mysql_real_escape_string($IncomingName)."','".mysql_real_escape_string($IncomingUid)."','".mysql_real_escape_string($IncomingEmail)."','".mysql_real_escape_string($PasswordEncrypted)."','deprecated',0,1,NOW(), NOW(), '', '')";
    $rs = mysql_query($sqli) or die(mysql_error()." $sqli");
    $sqli = "INSERT INTO ".$ConfigDetails->dbprefix."user_usergroup_map (user_id, group_id) VALUES(".mysql_insert_id().", 8)";
    $rs = mysql_query($sqli) or die(mysql_error()." $sqli");
}

$agent = "'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv: Gecko/20060728 Firefox/'";

// First request: fetch the login page so its form fields (including the token) can be read.
$c1 = curl_init();
curl_setopt($c1, CURLOPT_URL, $url );
// Certificate verification is switched off; no effect for http://localhost, unsafe against an https URL.
curl_setopt($c1, CURLOPT_SSL_VERIFYPEER, FALSE );
curl_setopt($c1, CURLOPT_RETURNTRANSFER, TRUE );
curl_setopt($c1, CURLOPT_VERBOSE, 1);
curl_setopt($c1, CURLOPT_COOKIEJAR, 'cookie.txt');
curl_setopt($c1, CURLOPT_COOKIEFILE, 'cookie.txt');
curl_setopt($c1, CURLOPT_USERAGENT, $agent );
curl_setopt($c1, CURLOPT_HEADER, TRUE );
curl_setopt($c1, CURLOPT_REFERER, $url); // was $url1, which is never defined
curl_setopt($c1, CURLOPT_POST, 1);
$html = curl_exec($c1);

$dom = new DOMDocument();
$FormFieldsArray = array();
if (@$dom->loadHTML($html)) {
    // yep, not necessarily valid-html...
    $xpath = new DOMXpath($dom);
    $nodeListInputs = $xpath->query('//input');
    if ($nodeListInputs->length > 0) {
        $FormFieldsArray = array();
        for ($i=0 ; $i<$nodeListInputs->length ; $i++) {
            $nodeInput = $nodeListInputs->item($i);
            $name = $nodeInput->getAttribute('name');
            $value = $nodeInput->getAttribute('value');
            $FormFieldsArray[$name] = $value;
        }
    }
} else {
    // too bad...
}

// Second request: post the scraped form back with the credentials filled in.
if (count($FormFieldsArray) > 0) {
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url );
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE );
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE );
    curl_setopt($ch, CURLOPT_VERBOSE, 1);
    curl_setopt($ch, CURLOPT_COOKIEJAR, 'cookie.txt');
    curl_setopt($ch, CURLOPT_COOKIEFILE, 'cookie.txt');
    curl_setopt($ch, CURLOPT_USERAGENT, $agent );
    curl_setopt($ch, CURLOPT_HEADER, TRUE );
    curl_setopt($ch, CURLOPT_REFERER, $url); // was $url1, which is never defined

    // POST fields
    $postfields = array();
    foreach($FormFieldsArray AS $FormFieldName=>$FormFieldValue) {
        switch ($FormFieldName) {
            case 'username' :
                $postfields['username'] = urlencode($IncomingUid);
                break;
            case 'passwd' :
                $postfields['passwd'] = urlencode($IncomingPassword);
                break;
            case 'password' :
                $postfields['password'] = urlencode($IncomingPassword);
                break;
            default :
                $postfields[$FormFieldName] = $FormFieldValue;
                break;
        }
    }
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $postfields);
    $ret = curl_exec($ch);

    // Get logged in cookie and pass it to the browser
    preg_match('/^Set-Cookie: (.*?);/m', $ret, $m);
    $cookie = explode('=', $m[1]);
    setcookie($cookie[0], $cookie[1]);
    header("location: ".$url);
}
//echo $ret;
?>

Any ideas?

All the best

Keith
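
An added example, not code from any of the posts above: one way to write the login and logout that the first two posts are attempting, with the password checked by password_verify() against a password_hash() value instead of md5() or plaintext inside the query, a bound PDO parameter, and a session that holds only the user's identity. The users table, its columns and the in-memory SQLite database are assumptions made so the script runs stand-alone.

```php
<?php
// Added example, not code from the posts above. The users table, its columns
// and the in-memory SQLite database are assumptions so this runs stand-alone.

function find_user(PDO $pdo, string $username): ?array {
    // Bound parameter: no stripslashes() or mysql_real_escape_string() needed.
    $stmt = $pdo->prepare('SELECT id, username, pass_hash FROM users WHERE username = :u');
    $stmt->execute([':u' => $username]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

function login(PDO $pdo, string $username, string $password): bool {
    $user = find_user($pdo, $username);
    // The hash is checked in PHP with password_verify(), not in the WHERE clause.
    if ($user === null || !password_verify($password, $user['pass_hash'])) {
        return false;
    }
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    session_regenerate_id(true);                 // fresh session id after authentication
    $_SESSION['user_id']  = (int) $user['id'];   // identity only, never the password
    $_SESSION['username'] = $user['username'];
    return true;
}

function logout(): void {
    if (session_status() !== PHP_SESSION_ACTIVE) {
        session_start();
    }
    $_SESSION = [];      // drop every key; a single one would be unset($_SESSION['username'])
    session_destroy();
}

// Constructed sample data.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, pass_hash TEXT)');
$pdo->prepare('INSERT INTO users (username, pass_hash) VALUES (?, ?)')
    ->execute(['alice', password_hash('correct horse', PASSWORD_DEFAULT)]);
// Output is printed last so the session can still start when run from the CLI.
$results = [
    'quote in username' => login($pdo, "alice' OR '1'='1", 'x'),
    'wrong password'    => login($pdo, 'alice', 'wrong'),
    'right password'    => login($pdo, 'alice', 'correct horse'),
];
logout();
var_dump($results);
```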