error in my login script

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
andreea115
Forum Newbie
Posts: 9
Joined: Tue Aug 23, 2011 6:18 am
Location: United Kingdom

error in my login script

Post by andreea115 »

hi everyone

i have written a login script that first confirms whether the Users eamil and password match those held in the database and also confirms whether the Users account has been activiated ( i.e if the account has been activate then the data in the 'active' column of the database should be equal to NULL.

Thereafter, it checks what kind of membership the user has (i.e membership 'A' or membership 'F'). It then redirects the member to the appropriate membership page: i.e login page A or login page F.


the problem that i have is that the script does not seem to work. the funny thing is that it worked for several days and then stopped working. i obviosuly have a bug somewhere but cannot find what the bug is. i have tripple checked my code and it seems fine.

i aprricate help from everyone. thank you very much.

Code: Select all






$dbc = @mysqli_connect (DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);



if (!$dbc) {

    trigger_error ('Could not connect to MySQL: ' . mysqli_connect_error() );

}

















    //variable for names     

        $e = '';

        $LN = '';

        







    if(isset($_POST['submit']))

      {

          

            require_once ('db_fns.php'); // Connect to the db.

    

        

            

            

            

            

        

    if(!empty($_POST['email'])){

        $e = mysqli_real_escape_string($dbc,trim($_POST['email']));

     

    echo $e;

    

    }

    else{

        $e = false;

         echo '<p class="error">You forgot to enter your email address!</p>';



    }

                

            

    if(isset($_POST['pass'])){

       $p = mysqli_real_escape_string($dbc,trim($_POST['pass']));

    }

      else

      {

        $p = false;        

       echo '<p class="error">You forgot to enter your password!</p>';

    

            

      }    

              

    

    

    

    

    if ($e && $p) { // If everything's OK.

        

         

        $select =  "  SELECT 

                            first_name , 

                            membership_type , 

                            user_id, 

                            user_level ";

        $from = "    FROM 

                 users    ";

                             

        $where = sprintf("  WHERE

                  email = '%s', 

                  AND pass='%s' ,

                  AND active = 'NULL'

                  

                  ", 

                   mysqli_real_escape_string(trim($e)),

                   mysqli_real_escape_string(trim(SHA1("$p") ))

                  

                                  );

                                     

                                          

        $order = "  ORDER BY  user_id DESC  LIMIT 1";

            

        $query = $select.$from.$where.$order;

        

    

        $result = mysqli_query($query);

        

        confirm_query ($result);



    

            

        

        if (mysqli_num_rows($result) == 1) { // A match was made.

    

                // Register the values & redirect:

                

                

                $_SESSION = mysqli_fetch_array ($result, MYSQL_ASSOC); 

                

                $returns=$_SESSION;

                         

                 

                $membership_type = $returns[ 'membership_type'  ];

                    

                

                

        }

                

    if ( $membership_type ==  'A' )  

        {

                           $A_id =  $_SESSION['user_id']; 

                

                mysqli_free_result($r);

                mysqli_close($dbc);

                $url = BASE_URL . 'index.php?view=loginA';// Define the URL:

    

                ob_end_clean(); // Delete the buffer.

                header("Location: $url");

                exit(); // Quit the script.

            

                

        }

        elseif  ( $membership_type ==  'F' )  

        

        {

             $f_id  =  $_SESSION['user_id']; 

            

            

                mysqli_free_result($r);

                mysqli_close($dbc);

                $url = BASE_URL . 'index.php?view=loginF';// Define the URL:

    

                ob_end_clean(); // Delete the buffer.

                header("Location: $url");

                exit(); // Quit the script.

            

            

        }

        

        else {

            

             $suspended_id  =  $_SESSION['user_id']; 

            

            

                mysqli_free_result($r);

                mysqli_close($dbc);

                $url = BASE_URL . 'index.php?view=login';// Define the URL:

    

                ob_end_clean(); // Delete the buffer.

                header("Location: $url");

                exit(); // Quit the script.

            

            

        }

                

                

                

            }// END of conditional for whether the correct data was submitted to database for login. 

            

            

            else { // No match was made.

                

                

                

                

                echo '<p class="error">Either the email address and password entered do not match those on 

                file or you have not yet activated your account.</p>';

            }

            

        

        

            }//} // End of SUBMIT conditional.

        ?>

        <br /><br />

        

         <h1 class="main_pageheading1">&nbsp;</h1>

         <h1 class="main_pageheading1">     Login Page for Aupair World Agency     </h1>



<p>&nbsp;</p>

<p>&nbsp; </p>

        

        

        

        

        

        <p   class="main_pageheading2" >Your browser must allow cookies in order to log in.</p>

        

        <br /><br /><br />

            

<p>&nbsp;</p>

<p>&nbsp; </p>

        

    





    <form action="index.php?view=login" method="post">

                

        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse"   align="center" 

        bordercolor="#FCF3E5" width="85%" id="AutoNumber6" height="200">

          

      

      

        <tr>

        <td width="50%" class="forms"  >

        

            

        <strong>Email Address:</strong> 

        

            </td>

            

                      

        <td width="50%" class="forms"   >    

            

      

         <?php echo '<input type="text" name="email" size="20" 

        maxlength="80"  style="font-family: Tahoma; width: 300px;  height: 30pt;     font-size: 16pt"

           value="' . $e . '"  />'; ?>     

       

        

          

          </td>

        </tr>

      

        



    <tr>

        <td width="50%" class="forms"   >

        

            

    <strong>Password:</strong> 

        

    </td>

            

                      

      <td width="50%" class="forms"   >    

            

    

        <input type="text"  name = 'pass'    size="10" 

        maxlength="20"  style="font-family: Tahoma; 

             width: 300px;  height: 30pt; font-size: 16pt"    />

             

       </td>

       </tr>

      

       

       

            

     <tr  style="margin-bottom:120px; height: 80px;"   >

   

        <td   align="center"colspan="2" class="forms"  style="margin-bottom:120px;"    >

                    

              <input type="submit"  name="submit"  size="20"  style="font-family: Tahoma; width: 150px; 

               height: 25pt;    font-size: 14pt"  value="login"  >

              

        <input type="hidden" name="submitted" value="TRUE" />

            

        

    </td>

    </tr>

                    

          </table>



                </form>








phphelpme
Forum Contributor
Posts: 261
Joined: Sun Nov 21, 2010 3:32 pm

Re: error in my login script

Post by phphelpme »

Are you getting any error codes when you run the script to start off with?

Best wishes
User avatar
social_experiment
DevNet Master
Posts: 2793
Joined: Sun Feb 15, 2009 11:08 am
Location: .za

Re: error in my login script

Post by social_experiment »

If it suddenly stopped working it might be recent changes to your webserver. Like phphelpme, i (and i think most others) require a bit more information about which errors you are receiving.
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering
Post Reply