PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
Moderator: General Moderators
Russ
Forum Newbie
Posts: 21 Joined: Tue Jun 25, 2002 3:33 pm
Post
by Russ » Tue Jul 30, 2002 12:35 pm
for some reason my code seems to be checking the username when nothing has been submitted. heres my code
Code: Select all
<?php
if('$submit'){
switch ($action) {
case login:
process_login();
die();
case logout:
}
global $username;
global $password;
$db = @mysql_connect("$dbhost", "$dbuname", "$dbpage");
if (!$db) {
echo( "<p>Unable to connect to the " .
"database server at this time.</p>" );
exit();
}
mysql_select_db("$dbname", $db);
if (! @mysql_select_db("$dbname") ) {
echo( "<p>Unable to locate the members " .
"database at this time.</p>" );
exit();
}
$query3 = "SELECT id FROM membersdb WHERE "
. "username='$username'";
$result3 = mysql_query($query3)
or die("Query failed at userid retrieval stage.");
$num_rows = mysql_num_rows($result3);
$myrow = mysql_fetch_array($result3);
$user_id = $myrowї0];
if ($id == "") {
print ("<font color=red> Sorry, but the username you submitted was wrong. Sort it out.</font>");
print "<form method=post action="$PHP_SELF">";
print " <b>User Name</b>:<input type=text name=username size=15 maxlength=10 class=textbox>";
print " <b>Password</b>:<input type=password size=15 maxlength=10 name=password class=textbox>";
print " <input type=submit value=Login class=button>";
print "</form>";
print ("<p>");
print ("<font class=rm>Not a member? <a href=join.php class=rm>Click Here</a></font>");
} elseif ($password == "") {
$query3 = "SELECT password "
. " FROM membersdb "
. " WHERE username='$username'";
$result3 = mysql_query($query3)
or die("Query failed at userid retrieval stage.");
$encryptedpassword = md5($password);
$myrow = mysql_fetch_array($result3);
$password = $myrowї0];
if ($encryptedpassword == $password) {
setcookie ("ck_username", $username);
setcookie("ck_password", $password);
setcookie("ck_id", $id);
print ("Welcome $username: ї<a href=members?action=edit&id=".$myrowї'id'].">Settings</a>|Logout]");
} else {
print ("<font color=red> Sorry, but the password you submitted was wrong. Sort it out.</font>");
print ("<form method=post action="$PHP_SELF">");
print (" <b>User Name</b>:<input type=text name=username size=15 maxlength=10 class=textbox>");
print (" <b>Password</b>:<input type=password size=15 maxlength=10 name=password class=textbox>");
print (" <input type=submit value=Login class=button>");
print ("</form>");
print ("<p>");
print ("<font class=rm>Not a member? <a href=join.php class=rm>Click Here</a></font>");
}
}
} else {
print ("<form method=post action="$PHP_SELF">");
print (" <b>User Name</b>:<input type=text name=username size=15 maxlength=10 class=textbox>");
print (" <b>Password</b>:<input type=password size=15 maxlength=10 name=password class=textbox>");
print (" <input type=submit value=Login class=button>");
print ("</form>");
print ("<p>");
print ("<font class=rm>Not a member? <a href=join.php class=rm>Click Here</a></font>");
}
?>
gotDNS
Forum Contributor
Posts: 217 Joined: Tue May 07, 2002 5:53 pm
Location: West Chester, PA
Post
by gotDNS » Tue Jul 30, 2002 1:07 pm
i dont have time to read that all, so i'll just paste what I use...
Main portion of the page you login from:
Code: Select all
<?php
session_start();
mysql_connect("localhost:3306", "techy") && mysql_select_db("forum")
or $failed = "Could not connect to database.";
$loginform = "<form method="post" action="login.php">
<img src="forumtop.gif" /><br /> <b><u>Login</u></b><br />
Username: <input type="text" size="16" maxlength="16" name="username" />
Password: <input type="password" size="16" maxlength="16" name="password" />
<input type="hidden" name="login" value="true" />
<input type="submit" value="Login" />
</form>";
echo "<html><head>
<title>Techy Board</title>
<link rel="stylesheet" type="text/css" href="forum.css" />
</head>
<body marginheight="0" marginwith="0" topmargin="0" leftmargin="0">";
if(session_is_registered("loggedin"))
{
echo "<img src="forumtop.gif" /><br /> <b>You are logged in as $loggedin</b> : <a href="logout.php" class="NLINK">Logout</a><br /><br />";
}
else
{
echo $loginform;
}
?>
<br />
<table cellpadding="0" cellspacing="0" width="92%" border="0" align="center">
<tr>
<td colspan="2"><a href="index.php" class="NLINK">Techy Home</a></td>
</tr>
<tr>
<td width="20"></td>
<td>
<?php
if(session_is_registered("loggedin"))
{
echo "<a href="editup.php" class="NLINK">Edit User Profile</a><br />";
}
else
{
echo "<a href="signup.php" class="NLINK">Sign-Up to post</a> (free)<br />";
}
?>
<br /><b>NOTE: Remember, keep the language clean. Please no spamming. The cleaner the forum, the less the restrictions. Thanks. -Admin</b>
</td>
</tr>
</table>
The page that does the loggin in:
Code: Select all
<?php
session_start();
mysql_connect("localhost:3306", "techy") && mysql_select_db("forum")
or $failed = "Could not connect to database.";
$result = mysql_query("select * from usrinfo where username="$username"");
$loginform = "<form method="post" action="login.php">
<img src="forumtop.gif" /><br /> <b><u>Login</u></b><br />
Username: <input type="text" size="16" maxlength="16" name="username" />
Password: <input type="password" size="16" maxlength="16" name="password" />
<input type="hidden" name="login" value="true" />
<input type="submit" value="submit" />
</form>";
$loginform2 = "<form method="post" action="login.php">
<img src="forumtop.gif" /><br /> <b>ERROR: Username or password incorrect.</b><br /><br /> <b><u>Login</u></b><br />
Username: <input type="text" size="16" maxlength="16" name="username" />
Password: <input type="password" size="16" maxlength="16" name="password" />
<input type="hidden" name="login" value="true" />
<input type="submit" value="submit" />
</form>";
echo "<html><head>
<title>Techy Board</title>
<link rel="stylesheet" type="text/css" href="forum.css" />
</head>
<body marginheight="0" marginwith="0" topmargin="0" leftmargin="0">";
$row = mysql_fetch_assoc($result);
if($rowї"password"]==md5($password))
{
$loggedin=$username;
session_register("loggedin");
if($paramsї"prevurl"])
header("Location: $prevurl");
else
echo "<img src="forumtop.gif" /><br /> <b>You are logged in as $loggedin</b> : <a href="logout.php" class="NLINK">Logout</a><br /><br />";
}
else
{
echo $loginform2;
}
?>
<br />
<table cellpadding="0" cellspacing="0" width="92%" border="0" align="center">
<tr>
<td colspan="2"><a href="index.php" class="NLINK">Techy Home</a></td>
</tr>
<tr>
<td width="20"></td>
<td>
<?php
if(session_is_registered("loggedin"))
{
echo "<a href="editup.php" class="NLINK">Edit User Profile</a><br />";
}
?>
<br /><b>NOTE: Remember, keep the language clean. Please no spamming. The cleaner the forum, the less the restrictions. Thanks. -Admin</b>
</td>
</tr>
</table>
Hope i helped...
cheatboy00
Forum Contributor
Posts: 151 Joined: Sat Jun 29, 2002 10:36 am
Location: canada
Contact:
Post
by cheatboy00 » Tue Jul 30, 2002 1:12 pm
Russ wrote: Code: Select all
$query3 = "SELECT id FROM membersdb WHERE "
. "username='$username'";
I believe is wrong.. though i might be.... it should be
Code: Select all
$query3 = "SELECT id FROM membersdb WHERE username = '$username'";
llimllib
Moderator
Posts: 466 Joined: Mon Jul 01, 2002 2:19 pm
Location: Baltimore, MD
Post
by llimllib » Tue Jul 30, 2002 1:13 pm
The . concatenates the two lines, cheat. That line should work fine, looks like to me
cheatboy00
Forum Contributor
Posts: 151 Joined: Sat Jun 29, 2002 10:36 am
Location: canada
Contact:
Post
by cheatboy00 » Tue Jul 30, 2002 1:15 pm
oh... well i didn't know that thanks...
Russ
Forum Newbie
Posts: 21 Joined: Tue Jun 25, 2002 3:33 pm
Post
by Russ » Tue Jul 30, 2002 1:20 pm
it just seems abit wierd that it submits without me submitting, and when I do try and submit, it still acts as if the username is wrong or there is no username
Russ
Forum Newbie
Posts: 21 Joined: Tue Jun 25, 2002 3:33 pm
Post
by Russ » Tue Jul 30, 2002 1:34 pm
this is just crazy now, when I take the ' off the if('$submit'), it looks fine, but doesn't submit when I click submit, and when I add the ' to the if('$submit'), it submits without submitting, and when I do submit, it acts as if nothing was submitted
llimllib
Moderator
Posts: 466 Joined: Mon Jul 01, 2002 2:19 pm
Location: Baltimore, MD
Post
by llimllib » Tue Jul 30, 2002 1:45 pm
alright russ, chill out. Breathe, 1, 2, easy, there we go.
First off, if('$submit') is flawed in a couple of ways. If you wanted to check for the existence of a $submit variable, your should do it like if(isset($_POST['submit'])). However, you shouldn't do that. instead, you should do something like if(isset($_POST['username'])) because sometimes broswers don't submit the submit button (funny as that sounds).
I haven't looked over the rest of your script, but that's a good start. Let me know what happens once you do that.
Russ
Forum Newbie
Posts: 21 Joined: Tue Jun 25, 2002 3:33 pm
Post
by Russ » Tue Jul 30, 2002 2:51 pm
okay, thank you, that actually works, but now when I check the username in the database it doesn't seem to work
Russ
Forum Newbie
Posts: 21 Joined: Tue Jun 25, 2002 3:33 pm
Post
by Russ » Tue Jul 30, 2002 2:58 pm
opps, sorry, common spelling error didn't make that work
, but when I submit, it doesn't show the welcome message.
llimllib
Moderator
Posts: 466 Joined: Mon Jul 01, 2002 2:19 pm
Location: Baltimore, MD
Post
by llimllib » Tue Jul 30, 2002 2:59 pm
why are you declaring username and password as global? in other programming languages, global makes something available to all functions, but in PHP, global accesses a variable out of local scope that *already* exists, so it doesn't seem that your variables need to be global, and that may in fact handicap you. Also, you should use the $_POST array:
Code: Select all
$username = $_POSTї'username'];
$password = $_POSTї'password'];Then, if you want to access those variables from inside a function, you could declare "global $username" and you would be set.
Russ
Forum Newbie
Posts: 21 Joined: Tue Jun 25, 2002 3:33 pm
Post
by Russ » Tue Jul 30, 2002 3:03 pm
arrggghh, and also my cookies don't work, this site will be the death of me, taken me 6 months to make, I'll be glad when its done
cheatboy00
Forum Contributor
Posts: 151 Joined: Sat Jun 29, 2002 10:36 am
Location: canada
Contact:
Post
by cheatboy00 » Tue Jul 30, 2002 3:06 pm
cookies suck....
my opinion is to use sessions.... damn eaiser ...
Russ
Forum Newbie
Posts: 21 Joined: Tue Jun 25, 2002 3:33 pm
Post
by Russ » Tue Jul 30, 2002 3:10 pm
cheatboy00 wrote: cookies suck....
my opinion is to use sessions.... damn eaiser ...
I dunno which is better to be honest, I just read a tutorial on how to make a login script, and they said they will use cookies. Basicly my site will be like a big forum, where ppl can login and comment on reviews/news/atricles etc
cheatboy00
Forum Contributor
Posts: 151 Joined: Sat Jun 29, 2002 10:36 am
Location: canada
Contact:
Post
by cheatboy00 » Tue Jul 30, 2002 3:20 pm
yeah sessions would be eaiser....
becasue if oyu use cookies your going to have to keep calling them.. $_COOKIE['suff'], or however you do it.
note: this is asuming global varibals is on.
but sessions all you have to do is session_start() at the top of every page...
when they login just do this:
$info_you_want_stored ="stuff";
session_register('info_ou_want_stored');
so when you want to call upon the variable for use just do it like you would for any other variable (so.. $info....)
well that is kinda the basics of it... go check out php.net search for session... they give you more info on it...