login script using cookies - cant find my id10t errors

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
legaxy
Forum Newbie
Posts: 19
Joined: Thu Mar 20, 2003 3:26 am
Location: Auckland, New Zealand
Contact:

login script using cookies - cant find my id10t errors

Post by legaxy »

I'm trying to write a login script using cookies, and a database i've looked a quite a few of the tutorial login scripts on the net and cant seem to find what I am looking for. I pretty much know what I want and am pretty sure i'm doing it correctly, but its still giving me no result. :cry: If you could point out where i've gone wrong it would be cool.

Thanks,

Code: Select all

<?
require("mysql.php");
 if ($action == "login") {
 $query  = "SELECT password FROM users WHERE username='$username'";
$results = mysql_query($query);
while ($rows=mysql_fetch_assoc($results))
{ //open of mysql password retrieveal
//$encryptedpassword = md5($password);
 //sets the password to encrypted version so it match the db password
if ($password === $rows['password']){ //start if password
setcookie("admin", "loggedin", "3600");
header('Location: admin.php');
}//end if password
else {  //start else
$error = "incorrect password";
} //finish else
} //close of password retrieveal mysql
}//close of login.
elseif ($action == "logout") {
setcookie("admin", "loggedout", "-3600");
header('Location: http://www.google.com');
}
echo $error;
?>
<?
if ($admin == "loggedin") {
?>
your logged in!!
<?
}
?>
User avatar
Gianni_T
Forum Newbie
Posts: 8
Joined: Fri Aug 01, 2003 12:47 am
Location: Bari, Italy
Contact:

Post by Gianni_T »

perhaps "register global" is off in your server ad so $action and $admin are not set. If so, try to use $_POST['action'] if $action come from a post or $_GET['action'] if it come from the url. Instead of $admin use $_COOKIE['admin']
legaxy
Forum Newbie
Posts: 19
Joined: Thu Mar 20, 2003 3:26 am
Location: Auckland, New Zealand
Contact:

Post by legaxy »

sweet thanks, thought it was something minor :-P
m3rajk
DevNet Resident
Posts: 1191
Joined: Mon Jun 02, 2003 3:37 pm

Post by m3rajk »

that one is ... well.. maybe not minor, but something you should be aware of. any good hosting company will have it off because otherwise it's a security issue
Post Reply