Login Script - Help Needed
Posted: Tue Jul 29, 2003 3:04 am
Hey, uh, I'm having some issues with a simple login script. I've written a login script no problem at all, hell, I've written a whole simple text-based sim game. I don't know what the problem is with this, though.
Login.php:
Log.php
news.php
logout.php
Those are roughly all my codes. So what happens is:
You start at login.php and you login, which brings you to log.php
Log.php brings you to logout.php, though it doesn't log you out, it just brings you to that page. It doesnt set anything to 0 or anything, and it doesn't delete the cookie. The url is then log.php, so its being included. I've looked at this for a really long time, I even tried using sessions, but I still can't figure it out. Any ideas what could be causing this problem? The cookie sets properly, because, at the bottom of logout.php
, it has that snip of code, and it does not return anything empty. Now, if I logged in, and got to logout.php, i can just type the url 'news.php' and it doesn't log me out.
Thanks in advance for looking at this.
-Dani
Login.php:
Code: Select all
<form method="post" action="log.php">
<b>Play:<BR>
<table border="0">
<tr><td><td><td>
<font color="#002346">Login:<td><input type="text" size="10" name="mlogin"><BR><tr>
<td><td><td><font color="#002346">Password:<td><input type="password" size="10" name="mpass"></table>
<input type="Submit" name="login" value="Login!"><BR></form>Code: Select all
<?php
include ('dbconnect.php');
$mlogin = $_POST['mlogin'];
$mpass = $_POST['mpass'];
if ($mlogin != "" and $mpass != "")
{
$result = mysql_query("SELECT * FROM members WHERE mlogin='$mlogin' and mpass='$mpass'") or die('cannot select members');
$row = mysql_fetch_array($result);
$pid = $row['pid'];
$mname = $row['mname'];
if ($pid != "") {
setcookie("pid",$pid,time()+3600,"/",".site.com",0);
$timenow = time();
$sql = ("UPDATE members SET atime='$timenow' WHERE pid='$pid'")
or die ("cannot select updae active time");
$result = mysql_query($sql);
$sql = ("UPDATE members SET logged_on='1' WHERE pid='$pid'")
or die ("cannot select updae active time");
$result = mysql_query($sql);
include("news.php");
exit;
}
else
{
include("index.php");
}
}
?>Code: Select all
<?php
$pid = $_COOKIE['pid'];
if ($pid == "")
{
echo "$pid this is pid <BR>";
include('logout.php');
exit;
}
include ('dbconnect.php');
$result = mysql_query("SELECT pid from members") or die ('error on selecting horses');
$numplayers = mysql_num_rows($result);
$result = mysql_query("SELECT mname, pid from members where logged_on='1'") or die ('error on selecting horses');
$numon = mysql_num_rows($result);
echo "There are $numon out of $numplayers members logged on!<BR>";
if ($numon = 0)
{
echo "No Members On!";
}
else
{
while ($row = mysql_fetch_array($result))
{
$onmname = $row['mname'];
$onpid = $row['pid'];
echo "<a href='pid.php?pid=$onpid'>$onmname</a> - ";
}
}
$result = mysql_query("SELECT mname from members where pid='$pid'") or die ('error on selecting member');
$row = mysql_fetch_array($result);
$mname = $row['mname'];
echo "<BR><BR>You are logged in as $mname, #$pid.";
echo "<BR>You have (#) new messages!";
?>Code: Select all
<?php
$mid = $_COOKIE['mid'];
include('dbconnect.php');
//get the current time
$timenow = time();
//while loop that selects members who have active time
$result = mysql_query("SELECT pid, atime FROM members WHERE logged_on='1'")
or die ("cannot select last logged in time");
while ($row = mysql_fetch_array($result))
{
$pid = $row["pid"];
$atime = $row["atime"];
$timediff = $timenow - $atime;
if ( $timediff >= 30) //kicks off members who have been on for an hour
{
$sql = mysql_query("UPDATE members SET logged_on='0' where pid='$pid'") or die ('cannot log off membrers');
$sql = mysql_query("UPDATE members SET atime='0' where pid='$pid'") or die ('cannot reset members last active time on the site');
} //end if
} //end while
?>
<font color="white"><center>
<form name="login" method="post" action="log.php" target="_parent">
Login Name:<input type="text" name="login"><br>
password:<input type="password" name="pass"><br>
<input type="submit" value="submit">
</form>
Logged out! <? echo"$pid = pid."; ?>
?>You start at login.php and you login, which brings you to log.php
Log.php brings you to logout.php, though it doesn't log you out, it just brings you to that page. It doesnt set anything to 0 or anything, and it doesn't delete the cookie. The url is then log.php, so its being included. I've looked at this for a really long time, I even tried using sessions, but I still can't figure it out. Any ideas what could be causing this problem? The cookie sets properly, because, at the bottom of logout.php
Code: Select all
<?php
Logged out! <? echo"$pid = pid."; ?>
?>Thanks in advance for looking at this.
-Dani