Page 1 of 1

Simplest of simple... login/logout

Posted: Tue Nov 23, 2004 1:26 am
by Steveo31
Weirdest things happening here. The login script(stripped down as to pinpoint the error):

Code: Select all

<?php
session_start();
header("Cache-control:private");
mysql_connect('localhost', '***', '*****');
mysql_select_db('*********');

if(isset($_POST['rememberme'])){
    $realname = mysql_query("SELECT username AS `name` FROM users WHERE username = '{$_POST['username']}'") or die(mysql_error());
    $real = mysql_fetch_assoc($realname);
    setcookie("log", $real['name'], time()+2342342);
}
?>
<head>
    <title>Login: The Obvious Reasons</title>
    <link rel="stylesheet" type="text/css" href="style.css">
</head>
<?php
$name = $_POST['username'];
$password = $_POST['password'];
$q = mysql_query("SELECT username, password, firstname 
                  FROM users WHERE LOWER(username)=LOWER('$name') 
                  AND LOWER(password)=LOWER('$password') AND valid=1") or die(mysql_error());

if(mysql_num_rows($q) > 0){
    $row = mysql_fetch_assoc($q);
    echo "Logging you in...";
    echo "<META http-equiv='refresh' content='0;index.php'>";
    $_SESSION['firstname'] = ucfirst($row['firstname']);
	$_SESSION['username'] = $row['username'];
}else{
    echo "Error:  ".mysql_error();
    echo "<p>Couldn't log you in.</p>";
}
?>
Every now and again it will throw an error about undefined index on the lines

Code: Select all

$name = $_POST['username'];
$password = $_POST['password'];
Which is not right at all as the form is posting to this page... maybe there is an enctype I need or somethin, I'm totally lost on that one. It's basic beginner stuff. :(

The logout is also throwing me...

Code: Select all

<?php
session_start();

if(isset($_COOKIE['log'])){
    setcookie("log", '', time()-3999);
}
?>
<head>
    <title>Logout...</title>
    <link rel="stylesheet" type="text/css" href="style.css">
</head>
<?php
$_SESSION = array();

if(!isset($_COOKIE['log'])){
    echo "Logging you out...";
    echo "<META http-equiv='refresh' content='2;http://****.com>";
}else{
    echo "Error...";
    print_r($_COOKIE);
}

?>
I don't really understand it. This one, when the cookie is set, has to be refreshed to actually delete the code, and it prints the cookie info, which it shouldn't as it sets the cookie time to the past, hence deleting it.

Any ideas? I'm pretty flabbergasted on this one.

Thanks :)

Posted: Tue Nov 23, 2004 3:10 am
by phpScott
with the login script is that any that you are doing that throughs the error like not filling out a form field or the like, can you reproduce consitantly?

do a if(isset() AND != '' ) around your username and password before doing your sumbit if false return to say that they are missing a field or the like.

Posted: Tue Nov 23, 2004 1:38 pm
by Steveo31
Na, the error seems pretty random... which is why it's throwing me. I'll debug some more.