|
PHP - Login Auth Not Working Right
I'm making a login/sign up page and the following pieces are not working together properly. When I set up the login page following a guide, it had me direct input the structure and I added a user (password is encrypted). When I log in with that password/username, it passes authentication.php perfectly. When I use my signup form (signup.php is simply called by a button on an HTML), it fails saying "Incorrect Password!". I'd say it's failing because of encryption but it passes with my old login that is encrypted so I'm thoroughly lost. Authentication.php
<?php
session_start();
// Change this to your connection info.
$DATABASE_HOST = 'localhost';
$DATABASE_USER = 'root';
$DATABASE_PASS = 'test';
$DATABASE_NAME = 'login';
// Try and connect using the info above.
$con = mysqli_connect($DATABASE_HOST, $DATABASE_USER, $DATABASE_PASS, $DATABASE_NAME);
if ( mysqli_connect_errno() ) {
// If there is an error with the connection, stop the script and display the error.
die ('Failed to connect to MySQL: ' . mysqli_connect_error());
}
// Now we check if the data from the login form was submitted, isset() will check if the data exists.
if ( !isset($_POST['username'], $_POST['password']) ) {
// Could not get the data that should have been sent.
die ('Please fill both the username and password field!');
}
// Prepare our SQL, preparing the SQL statement will prevent SQL injection.
if ($stmt = $con->prepare('SELECT id, password FROM accounts WHERE username = ?')) {
// Bind parameters (s = string, i = int, b = blob, etc), in our case the username is a string so we use "s"
$stmt->bind_param('s', $_POST['username']);
$stmt->execute();
// Store the result so we can check if the account exists in the database.
$stmt->store_result();
if ($stmt->num_rows > 0) {
$stmt->bind_result($id, $password);
$stmt->fetch();
// Account exists, now we verify the password.
// Note: remember to use password_hash in your registration file to store the hashed passwords.
if (password_verify ($_POST['password'], $password)) {
// Verification success! User has loggedin!
// Create sessions so we know the user is logged in, they basically act like cookies but remember the data on the server.
session_regenerate_id();
$_SESSION['loggedin'] = TRUE;
$_SESSION['name'] = $_POST['username'];
$_SESSION['id'] = $id;
header('Location: dashboard.php');
} else {
echo 'Incorrect password!';
}
} else {
echo 'Incorrect username!';
}
$stmt->close();
}
?>
Signup.php
<?php
// get database connection
include_once '../config/database.php';
// instantiate user object
include_once '../objects/user.php';
$database = new Database();
$db = $database->getConnection();
$user = new User($db);
// set user property values
$user->username = $_POST['uname'];
$user->password = base64_encode($_POST['password']);
$user->created = date('Y-m-d H:i:s');
// create the user
if($user->signup()){
$user_arr=array(
"status" => true,
"message" => "Successfully Signup!",
"id" => $user->id,
"username" => $user->username
);
}
else{
$user_arr=array(
"status" => false,
"message" => "Username already exists!"
);
}
print_r(json_encode($user_arr));
?>
login.php
<?php
// include database and object files
include_once '../config/database.php';
include_once '../objects/user.php';
// get database connection
$database = new Database();
$db = $database->getConnection();
// prepare user object
$user = new User($db);
// set ID property of user to be edited
$user->username = isset($_GET['username']) ? $_GET['username'] : die();
$user->password = base64_encode(isset($_GET['password']) ? $_GET['password'] : die());
// read the details of user to be edited
$stmt = $user->login();
if($stmt->rowCount() > 0){
// get retrieved row
$row = $stmt->fetch(PDO::FETCH_ASSOC);
// create array
$user_arr=array(
"status" => true,
"message" => "Successfully Login!",
"id" => $row['id'],
"username" => $row['username']
);
}
else{
$user_arr=array(
"status" => false,
"message" => "Invalid Username or Password!",
);
}
// make it json format
// print_r(json_encode($user_arr));
if (in_array("Successfully Login!", $user_arr)) {
header('Location: ../../dashboard.html');
}
?>
Similar TutorialsHi I am using facebook auth but email id not fetching from facebook login please help me why is happening? Hi, I have a problem with my code probably it's authorisation mistake or something. I bought a book PHP6, MySQL, Apache Web Development and I am copying every excercise like it's in the book. If u have this book it's chapter 2, page 63. And here is the exact code from the book. It always says that the user ID or pass is incorrect. Code: [Select] <?php session_start (); $_SESSION['username'] = $_POST['user']; $_SESSION['userpass'] = $_POST['pass']; $_SESSION['authuser'] = 1; //over uzivatelske meno a heslo if ( ($_SESSION['username'] == 'Peter') and ($_SESSION['userpas'] == '12345')) { $_SESSION['authuser'] = 1; } else { echo "Unfortunately you do not have required authorisation to enter this site!"; exit(); } ?> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Najts oblubeny film!</title> </head> <body> <?php $oblubenyfilm = urlencode('Zivot Briana'); echo '<a href="moviesite.php?oblfilm=$oblubenyfilm\">'; echo 'Dalsie informacie o mojom oblubenom filme!'; echo '</a>' ?> </body> </html> The page is http://www.magicfoto.gigacast.net/test/login.php as you can see ID is "Peter" and pass "12345" If you know what should be wrong pls reply. PS.: I am a begginer so please be patient Thanks Ok So the main purpose of this is: 1). User has to grab a OTP from the generator (work's) 2) the OTC updates in the database field (work's) via the person's user_email 3). it sends an email containing the OTP what it is not doing is, when they go and login, it just keeps saying invalid login credentials. I'm pasting my code below to see if anyone can help me out here. this is still a work in progress. do_login.php (not working here) Keep's saying invalid password. <?php if(empty($_POST)) exit; include 'config.php'; // declare post fields $post_user_email = trim($_POST['user_email']); $post_password = trim($_POST['authcode']); $post_autologin = $_POST['autologin']; if(($post_user_email == $config_email) && ($post_password == $config_password)) { $_SESSION['Site-Key'] = $config_email; // Autologin Requested? if($post_autologin == 1) { $password_hash = md5($config_password); // will result in a 32 characters hash setcookie ($cookie_name, 'usr='.$config_email.'&hash='.$password_hash, time() + $cookie_time); } exit('OK'); } else { echo '<div id="error_notification">The submitted login info is incorrect.</div>'; } ?> Index.php <?php require_once 'config.php'; if(isset($_SESSION['google-ads123123'])) { header("Location: http://forum.site1.com"); exit; } ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML> <HEAD> <TITLE>Access Required</TITLE> <script type="text/javascript" src="js/mootools-1.2.1-core-yc.js"></script> <script type="text/javascript" src="js/process.js"></script> <link rel="stylesheet" type="text/css" href="style.css" /> </HEAD> <BODY> <center> <div id="status"> <fieldset><legend align="center">Authentication</legend> <div id="login_response"><!-- spanner --></div> <form id="login" name="login" method="post" action="do_login.php"> <table align="center" width="200" border="0"> <tr> <td width="80">Email</td><td><input id="user_email" type="text" name="user_email"></td> </tr> <tr> <td>AuthCode:</td> <td><input type="password" name="authcode"></td> </tr> <tr> <td> </td> <td><input type="checkbox" name="autologin" value="1">Remember Me</td> </tr> <tr> <td> </td> <td><input id="submit" type="submit" name="submit" value="Login"> <br /> <a href="getcode.php"> Get Auth Code </a> <div id="ajax_loading"><img align="absmiddle" src="images/spinner.gif"> Processing...</div></td> </tr> </table> </form> </fieldset> </div> </center> </BODY> </HTML> getcode.php (generates a MD5 and adds into db) <?php $db_host = '123'; $db_username = '123'; $db_password = '123'; $db_name = '123'; @mysql_connect($db_host, $db_username, $db_password) or die(mysql_error()); @mysql_select_db($db_name) or die(mysql_error()); // This is displayed if all the fields are not filled in $empty_fields_message = "<p>Please go back and complete all the fields in the form.</p>Click <a class=\"two\" href=\"javascript:history.go(-1)\">here</a> to go back"; // Convert to simple variables $email_address = $_POST['user_email']; if (!isset($_POST['user_email'])) { ?> <h2>Generate your Auth Code</h2> <form method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>"> <p class="style3"><label for="user_email">Email:</label> <input type="text" title="Please enter your email address" name="user_email" size="30"/></p> <p class="style3"><label title="Generate Auth Code"> </label> <input type="submit" value="Submit" class="submit-button"/></p> </form> <?php } elseif (empty($email_address)) { echo $empty_fields_message; } else { $status = "OK"; $msg=""; //error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR); if (!stristr($email_address,"@") OR !stristr($email_address,".")) { $msg="Your email address is not correct<BR>"; $status= "NOTOK";} echo "<br><br>"; if($status=="OK"){ $query="SELECT username FROM users WHERE user_email = '$email_address'"; $st=mysql_query($query); $recs=mysql_num_rows($st); $row=mysql_fetch_object($st); $em=$row->user_email;// email is stored to a variable if ($recs == 0) { echo "<center><font face='Verdana' size='2' color=red><b>No Auth Code</b><br> Sorry Your address is not in our database ."; exit;} function makeRandomPassword() { $salt = "abchefghjkmnpqrstuvwxyz0123456789"; srand((double)microtime()*1000000); $i = 0; while ($i <= 7) { $num = rand() % 33; $tmp = substr($salt, $num, 1); $pass = $pass . $tmp; $i++; } return $pass; } $random_password = makeRandomPassword(); $db2_password = md5($random_password); $sql = mysql_query("UPDATE users SET authcode='$db2_password' WHERE user_email='$email_address'"); $subject = "Auth Code Verification"; $message = " Here is your Auth Code, Auth Code: $random_password Auth Code: $db2_password This is an automated response, please do not reply!"; mail($email_address, $subject, $message, "From: Auth Server<theslcguy@safe-mail.net.com>"); echo "Your Auth Code has been sent! <br /> Please check your email! <br /> Also Allow up to 5 minutes to recieve your Code...<br />"; echo "<br><br>Click <a href='http://auth.site1.com'>here</a> to login"; } else { echo "<center><font face='Verdana' size='2' color=red >$msg <br><br><input type='button' value='Retry' onClick='history.go(-1)'></center></font>";} } ?> Config.php <?php session_start(); // Start Session header('Cache-control: private'); // IE 6 FIX // always modified header('Last-Modified: ' . gmdate("D, d M Y H:i:s") . ' GMT'); // HTTP/1.1 header('Cache-Control: no-store, no-cache, must-revalidate'); header('Cache-Control: post-check=0, pre-check=0', false); // HTTP/1.0 header('Pragma: no-cache'); // ---------- LOGIN INFO ---------- // $config_email = $POST["user_email"]; $config_authcode = $POST["authcode"]; $cookie_name = 'google-ads123123'; $cookie_time = (3600 * 24 * 30); // 30 days if(!$_SESSION['google-ads123123']) { include_once 'autologin.php'; } ?> Every time I click login on my html document the php is displayed any help, would be great.
<?php Hey there guys, I have been trying to resolve this myself the past hour or so and I can't seem to figure it out. I am in the middle of programming a contacts database, with a login system. Now, the register.php file I created to create users for the database works, but the following code is from my login.php file. When I am on the page in my browser and I type in a registered username and password combination it simply just reloads the login.php file, with blank form fields, as if you had just loaded the page. I am not quite sure what is causing this. Here is the code from my login.php file: <?php //Database Information $dbhost = "removed_for_this_post"; //Host Name $dbname = "removed_for_this_post"; //Database Name $dbuser = "removed_for_this_post"; //Database Username $dbpass = "removed_for_this_post"; //Database Password //Connect To Database mysql_connect ( $dbhost, $dbuser, $dbpass)or die("Could not connect: ".mysql_error()); mysql_select_db($dbname) or die(mysql_error()); session_start(); $username = $_POST['username']; $password = md5($_POST['password']); $query = "SELECT * FROM users WHERE username='$username' AND password='$password'"; $result = mysql_query($query); if (mysql_num_rows($result) != 1) { $error = "Bad Login"; include "login.html"; } else { $_SESSION['username'] = "$username"; include "main_interface.php"; } ?> Thanks for your help in advance!! Hey guys ive put together a super simple login and i can figure out the problem since it just wont create the sessions and echo the default error If anyone has any idea why i am getting this issue that would be awesome Code: [Select] <?php session_start(); // dBase file include "../admin/config.php"; if (!$_POST["username"] || !$_POST["password"]) { die("You need to provide a username and password."); } // Create query $q = "SELECT * FROM `nm_users` WHERE `username`='".$_POST["username"]."' AND `password`=PASSWORD('".$_POST["password"]."') LIMIT 1"; // Run query $r = mysql_query($q); if ( $obj = @mysql_fetch_object($r) ) { // Login good, create session variables $_SESSION["valid_id"] = $obj->id; $_SESSION["valid_user"] = $_POST["username"]; $_SESSION["valid_time"] = time(); // Redirect to member page Header("Location: members.php"); } else { // Login not successful die("Sorry, could not log you in. Wrong login information."); } ?> Hi.
I am trying to authenticate a mail server from the wordpress user database. Wordpress now uses phpass for password hashing, but it has changed not so long ago. So I would like to use the WP functions, to stay compatible in future releases
There is a possibility in Dovecot, to run a shell script for authentication (checkpassword). So, I thought, this script could start a php scipt, and it would use the WP functions for authentications. I made the php script, and it worked. Then I made the bash script, which runs the php, and it worked too. But when the Dovecot starts the bash script, it gives a PHP error. I am stuck now.
It is a simple Debian Wheezy LAMP, with postfix, dovecot, wordpress.
The PHP code is:
<?php
define('WP_USE_THEMES', false);
require("wp-config.php");
$mail = $argv[1];
$pass = $argv[2];
$con=mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);
$result = mysqli_query($con,"SELECT user_login FROM ".$table_prefix."users WHERE user_email='".$mail."'");
$row = mysqli_fetch_array($result);
$user = $row['user_login'];
mysqli_close($con);
$check = wp_authenticate_username_password(NULL, $user, $pass);
if ( is_wp_error($check) ) {
$ispassok = "1";
} else {
$ispassok = $user;
}
exit ($ispassok);
It gets the email address and the password as an argument, finds out the username, then uses a WP function to check out is it a valid user/pass combination. If it is, then it returns the username, if not, then returns "1".
The bash script is:
#!/bin/bash
# The first and only argument is path to checkpassword-reply binary.
# It should be executed at the end if authentication succeeds.
CHECKPASSWORD_REPLY_BINARY="$1"
# Messages to stderr will end up in mail log (prefixed with "dovecot: auth: Error:")
LOG=/dev/stderr
# User and password will be supplied on file descriptor 3.
INPUT_FD=3
export ISOK
read -d $'\0' -r -u $INPUT_FD USER
read -d $'\0' -r -u $INPUT_FD PASS
#USER=$1
#PASS=$2
ISOK=$(php /var/www/wordpress/proba.php $USER $PASS)
echo "User:"$USER" Pass:"$PASS" IsOK:"$ISOK > /etc/dovecot/out.txt
if [ "$ISOK" = "1" ]; then
exit 1
else
export password="{PLAIN}$PASS"
exec $CHECKPASSWORD_REPLY_BINARY
fi
There is a commented out lines, used for testing. When I run the script manually from shell with email address and cleartext password as arguments, it works as it should. But when the dovecot runs it, then I have an error message in mail log about php error:
Jun 2 21:45:09 NWVK001 dovecot: auth: Error: PHP Fatal error: Out of memory (allocated 5505024) (tried to allocate 12288 bytes) in /var/www/wordpress/wp-includes/link-template.php on line 2909 Jun 2 21:45:09 NWVK001 dovecot: auth: Error: Fatal error: Out of memory (allocated 5505024) (tried to allocate 12288 bytes) in /var/www/wordpress/wp-includes/link-template.php on line 2909I searched around, but couldn't find any help. If there is someone with an idea, I would gladly listen. Thanks. I've got a little php script here at work that used to log into a SSH server and grab some log files and show them in a web browser. Simple stuff. Recently we've changed the login on the servers to use our VPN tokens instead of a password that I pick for my account. We can use authorized keys which works fine for me in putty and I'm trying to set that up because I keep getting prompted for user and password the "old" way.
I'm using ssh2_auth_pubkey_file and been reading the manual about it but I can't seem to get it to work
I make my connection as follows
$connection = ssh2_connect($serverHost, 22, array('hostkey'=>'ssh-rsa'));
Then setup the auth_pubkey. There is no passphrase or anything I use with putty so i left that part out
$result = ssh2_auth_pubkey_file($connection, 'username','/path/to/id_rsa.pub','/path/to/id_rsa');the information in my id_rsa.pub file matches what's in authorized_keys on the server in my username/.ssh dir I'm not 100% what else to check for? Anyone have any tips Thanks Hi Guys, This is my first post as part of the community. I am working on a personal project for myself and was trying to password protect some pages. Im newish to php and was wondering if HTTP AUTH headers work with MYSQL Databases for usernames and passwords. Any help or insight would be greatly appreciated! Thanks! Steve Hello,
I have been using cakePHP now for a couple projects now. My next projects involves creating a web service and the entire front-end be built in angularjs.
Now, I understand how 'Form' Authentication works, and have done some research and people tell me if I have an SSL to use Basic Auth, for a web service, which is what I am using. But I am having a problem hooking both up nicely. Now with angular, I have a call for a page and send over the username and password. If the credentials are correct, the server returns back the correct data. The problem is if the credentials are wrong, I get the normal 'Basic Auth' pop up, asking me for my username and password.
My question is, instead of the server trying to re access the same page, is there a way to return json data back?
Example : I have an angular call going to 'cakerest/projects.json' -> Credentials are ok -> Data is returned, and with javascript I console.log it and see it.
2nd time I send the incorrect user and password, and the server responds back with a popup asking for credentials.
How can I get rid of that popup and just return "{Error : 'Credential problem'};
I can post code if that would help as well.
Thank you
This topic has been moved to Application Frameworks. http://www.phpfreaks.com/forums/index.php?topic=353428.0 Hi, I made a login/register system and it was working fine, but now I seem to have broken it and I'm scratching my head as to why. I think it's something to do with the $_SESSION array, the error happens from going from the login.php page to members.php, I log in successfully, but when I get to the members page it says "you must be logged in". index.php has the form to login or a link to register.php to make an account Code: [Select] <?php session_start(); ?> <html> <head> <title>Lincs Crusade | Login page.</title> </head> <body> <form action="login.php" method="POST"> Username: <input type="text" name="username"><br /> Password: <input type="password" name="password"><br /> <input type="submit" value="Login"> </form> <a href="register.php">Click here to register!</a> </body> </html> The register.php page Code: [Select] <?php session_start(); echo "<h2>Register</h2>"; $submit = $_POST['submit']; $username = strip_tags($_POST['username']); $password = strip_tags($_POST['password']); $repeatpassword = strip_tags($_POST['repeatpassword']); $email = $_POST['email']; $date = date("Y-m-d"); if ($submit) { if ($username&&$password&&$repeatpassword&&$email) { if ($password==$repeatpassword) { if (strlen($username)>65) { echo "Length of username is too long!"; } elseif (strlen($email)>100) { echo "Length of email is too long!"; } elseif (strlen($password)>65||strlen($password)<8) { echo "Password must be between 8 and 65 characters long!"; } else { include('functions.php'); echo "All fields were accepted! "; $password = md5($password); $repeatpassword = ($repeatpassword); $email = md5($email); connect(); mysql_query(" INSERT INTO users VALUES ('','$username','$password','$email','$date') ") or die("Could not insert values into <em>users</em> table!"); mysql_query(" INSERT INTO stats VALUES ('$username',10,10,0,1) ") or die("Could not insert values into <em>stats</em> table!"); $_SESSION['username'] == $username; die("You have been registered! Please return to <a href=\"index.php\">homepage</a> and login."); } } else { echo "Your passwords do not match!"; } } else { echo "Please fill in <em>all</em> fields!"; } } ?> <html> <head> <title>Lincs Crusade | Register an Account.</title> </head> <body> <form action="register.php" method="POST"> <p>Your username:</p> <p>Note: Do not use your real name.</p> <input type="text" name="username" value="<?php echo $username ?>"/>= <p>Choose a password:</p> <input type="password" name="password" /> <p>Please repeat password:</p> <input type="password" name="repeatpassword" /> <p>Your student email:</p> <p>Note: This is only used for recovering a lost or forgotten password.</p> <input type="text" name="email" /><br /> <input type="submit" value="Register" name="submit" /> <p> Note: Your password and email are md5 encrypted. This means neither I (the author) or anyone else will be able to view your information<br /> in plain text. For example, your password or email will look something like this "534b44a19bf18d20b71ecc4eb77c572f" once it has been encrypted. </p> </form> </body> </html> The login.php page that process the form data to access members.php page Code: [Select] <?php session_start(); $username = $_POST['username']; $password = $_POST['password']; if ($username&&$password) { include('functions.php'); connect(); $query = mysql_query("SELECT * FROM users WHERE username='$username'"); $numrow = mysql_num_rows($query); if ($numrow!=0) { while ($row = mysql_fetch_assoc($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; } if ($username==$dbusername&&md5($password)==$dbpassword) { echo "You're in! - <a href=\"members.php\">Proceed to the members page</a>"; $_SESSION['username'] == $username; } else { echo "Incorrect password!"; } } else { die ("That user doesn't exist,<a href=\"register.php\">please register an account</a>"); } } else { die("Please enter a username and password!"); } ?> The members.php page Code: [Select] <?php session_start(); ?> <html> <head> <title>Lincs Crusade | Members page.</title> </head> <body> <?php if ($_SESSION['username']) { echo "Welcome," .$_SESSION['username']. "!<br />"; echo "<a href=\"stats.php\">View your stats.</a>"; } else { die ("You must be logged in."); } ?> </body> </html> and this is what is in the functions.php file Code: [Select] <?php function connect() { mysql_connect("localhost","root","password") or die ("Unable to connect"); mysql_select_db("database") or die ("Unable to find database"); } ?> Thanks for your help. Hello all, I'm new to any kind of coding, but I recently graduated college with an English degree and decided to try to become a technical writer, but quickly realized I would need to learn some basic coding to publish stuff as many companies are moving away from paper. Anyway, that's the background to why I'm about to ask a really simple question: I wrote a login script, and it rejects people correctly who don't have the correct credentials, and it accepts the people that do, but while the failed attempts send the appropriate alert (the alert also pops up when u first open the page, which if you all can figure out why and stop it, that would be awesome, but its not the main problem), for those who do log in it does not send them to the link that I'm trying to send them to upon log in. Instead, they stay on the same page, but the login text boxes are gone. Any help would be appreciated, thanks. Here is the code: <html> <body style="background-color:rgb(240,230,200);font-family:Times;font-size:110%;"> <p style="text-align:center;font-family:Arial;font-size:250%"> ///text removed for privacy///</p> <p style="text-align:center;font-family:Arial;font-size:200%"> ////text removed for privacy </p> <CENTER><img src="////removed for privacy/////" width="700" height="500"/></Center> <p style="text-align:center;"> To access the site, please use enter your User ID and Password. </p> <center> <?php error_reporting (E_ALL ^ E_NOTICE); ?> <?php session_start(); include("passwords.php"); if ($_POST["ac"]=="log") { if ($USERS[$_POST["username"]]==$_POST["password"]) { $_SESSION["logged"]=$_POST["username"]; } else { echo 'Please enter a vaild Username and Password'; }; }; if (array_key_exists($_SESSION["logged"],$USERS)) header("index.html"); else { echo "<script>alert('Please enter valid Username and Password')</script>"; echo '<form action="login.php" method="post"><input type="hidden" name="ac" value="log"> '; echo 'Username: <input type="text" name="username" /><br />'; echo 'Password: <input type="password" name="password" /><br />'; echo '<input type="submit" value="Login" />'; echo '</form>'; } ?> </center> </body> </html> My Login Script is not working! Please someone help. I am typing in the correct email and password! Mysql Table Table - Users email varchar 100 password varchar 256 form Code: [Select] action/members.php Code: [Select] <?php session_start(); include("../config.inc.php"); include("../classes/class.action.php"); if ($_POST['login'] && $_POST['*****'] == '*****') { $info = array(); $info['email'] = $_POST['email']; $info['password'] = hash("sha256", $_POST['password']); if ($Action->Login($info)) { $_SESSION['CPLoggedIn'] = $_POST['email']; header("Location: ../index.php"); } else { $Error[] = '- Please check you email and password!'; $_SESSION['CPErrors'] = $Error; header("Location: ../index.php?action=LoginForm"); } } classes/class.actions.php Code: [Select] <?php class Action { var $Erros = array(); function Login($info) { foreach ($info as $key => $val) { if ($key = "password") { $$val = mysql_real_escape_string($val); $password = hash("sha256", $val); $values[$key] = $password; } else { $values[$key] = mysql_real_escape_string($val); } } $Sql = "SELECT * FROM Users WHERE email = '{$values['email']}' AND password = '{$values['password']}'"; $Query = mysql_query($Sql); $Num = mysql_num_rows($Query); if ($Num > 0) { return true; } else { return false; } } } $Action = new Action; I am totally new in PHP, can anyone help me with this problem:
Login Button is not working after clicking this button this should print a echo message.
<from action="" method="POST">
<input type="text" placeholder="username"> <br>
<input type="password" placeholder="Password"><br>
<input type="submit" name="login" value="Login">
</from>
<?php if ( isset($_POST['login'])){
echo "hissssssssssssssssssss";
}
?>
Hi everyone, this is my first post. i am starting to learn flash and other programs and haven't started on PHP yet. I have purchased a template that i am modifying and the problem i am having is that my server is a windows one and doesn't like the code that i have attached. It is very simple and doesn't offer any protection with strip slashes etc but the real problem is that i need to add the smpt auth. I have tried several lines of code but it doesnt seem to work. I cant change the headers so i am hoping i can get a little help from this community. It is greatly appreciated Hi there, Any help is greatly appreciated. I've commented out the code giving me trouble. Error = <br /> <b>Warning</b>: curl_setopt(): supplied argument is not a valid cURL handle resource in <b>/###.php</b> on line <b>34</b><br /> <br /> <b>Warning</b>: curl_setopt(): supplied argument is not a valid cURL handle resource in <b>/###.php</b> on line <b>35</b><br /> <?php $ch = curl_init(); $timeout = 30; $userAgent = $_SERVER['HTTP_USER_AGENT']; if ($_REQUEST['update']) { curl_setopt($ch, CURLOPT_URL, $_REQUEST['url']); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout); curl_setopt($ch, CURLOPT_USERPWD, $_REQUEST['username'] . ':' . $_REQUEST['password']); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($ch, CURLOPT_USERAGENT, $userAgent); //curl_setopt($c, CURLOPT_POST, true); //curl_setopt($c, CURLOPT_POSTFIELDS, $_REQUEST['update']); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY); $response = curl_exec($ch); if (curl_errno($ch)) { echo curl_error($ch); } else { curl_close($ch); echo $response; } } I have a form on my website which actions login.php. The login.php code is below: <?php include('includes/classes.php.inc'); session_start(); $link = new BaseClass(); $data = $link->query("SELECT * FROM logins"); $pass_accepted = false; if($_REQUEST['username'] && $_REQUEST['password']){ $username = $_REQUEST['username']; $password = $_REQUEST['password']; while($row = mysql_fetch_array($data)){ if(($row['username']==$useranme)&&($row['password']==$password){ echo 'Password correct!'; $_SESSION['loggedin']=true; $pass_accepted = true; } } } else { echo 'You did not enter a username or password!'; } if(!$pass_accepted){ echo 'Your password is incorrect'; } echo '<br>Please <a href="index.php">click here</a> to return to page'; ?> I have checked that my references are all correct however even when I enter the correct password it returns saying the password is incorrect. Any idea on why this could be? I am happy to answer any follow up questions. Regards My code does not have any errors. However, when I test it, all it says is "you have entered an incorrect username and password. But I can't even see the username and password text boxes to enter a username or password. I am trying to create a remote login to one website using mine. The users will need to enter their username and password on my site, and if they are registered to my website, their login credentials will be sent to another website and a page will be retrieved.
I am stuck at sending the users' data to the original site. The original site's viewsource is this..
<form method=post> <input type="hidden" name="action" value="logon"> <table border=0> <tr> <td>Username:</td> <td><input name="username" type="text" size=30></td> </tr> <tr> <td>Password:</td> <td><input name="password" type="password" size=30></td> </tr> <td></td> <td align="left"><input type=submit value="Sign In"></td> </tr> <tr> <td align="center" colspan=2><font size=-1>Don't have an Account ?</font> <a href="?action=newuser"><font size=-1 color="#0000EE">Sign UP Now !</font></a></td> </tr> </table>I have tried this code, but not works.
<?php
$username="username";
$password="password";
$url="http://www.example.com/index.php";
$postdata = "username=".$username."&password=".$password;
$ch = curl_init();
curl_setopt ($ch, CURLOPT_URL, $url);
curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt ($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6");
curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_REFERER, $url);
curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata);
curl_setopt ($ch, CURLOPT_POST, 1);
$result = curl_exec ($ch);
header('Location: track.html');
//echo $result;
curl_close($ch);
?>
Any help would be appreciated, Thanks in advance.
|
|||||||