Code: Select all
andCode: Select all
tags where appropriate when posting code. Read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]
Hi everybody,
I have this script (welcome.php):Code: Select all
<?
session_start();
if(isset($_REQUEST['Submit'])) {
if(isset($_REQUEST['checkbox'])) {
setcookie('login', $_REQUEST['login'], mktime()+(86400*30));
setcookie('pass', $_REQUEST['pass'], mktime()+(86400*30));
setcookie('remember', "checked", mktime()+(86400*30));
} else {
setcookie("login", NULL, mktime() - 3600);
setcookie("pass", NULL, mktime() - 3600);
setcookie('remember', NULL, mktime()+(86400*30));
}
}?>
<html>
<head></head>
blah blah
Log in </u></h2>
<form action="welcome.php" method="post">
<p><strong>E-mail</strong>:
<input type="text" name="login" value="<? echo $_COOKIE["login"]?>" >
<br><strong>Password</strong>:
<input type="password" size=21 name="pass" value="<? echo $_COOKIE["pass"]?>">
<br>
<span class="style3">Remember values</span>
<input name="checkbox" type="checkbox" value="checkbox" <? echo $_COOKIE["remember"]?>>
</p>
<p>
<input name="Submit" type="Submit" value="Log in">
<span style="" lang="EN-US"> <a href="forgot.php">Forgot</a> my password </span></p>
</form>
<?
include("../include/constants.php");
// only validate form when form is submitted
if(isset($_REQUEST['Submit'])){
$login=$_REQUEST['login'];
$pass=$_REQUEST['pass'];
$error_msg='';
$empty="";
if(trim($login)=='') {
$error_msg.="Write your e-mail address<br>";
} else {
// check if email is a valid address in this format username@domain.com
if(!ereg("[0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-z]", $login)) $error_msg.="Write your e-mail address in format login@domain.com<br>";
}
if(ereg("[0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-z]", $login)) {
mysql_connect(DB_SERVER,DB_USER,DB_PASS);
@mysql_select_db(DB_NAME) or die( "Unable to select database");
$q = "SELECT id FROM users WHERE email = '$login'";
$result = mysql_query($q);
if(mysql_numrows($result) < 1) {
$error_msg.="$login does not exist in the users database, please enter a registered e-mail address, or register one.";
}
}
if($error_msg==''){
mysql_connect(DB_SERVER,DB_USER,DB_PASS);
@mysql_select_db(DB_NAME) or die( "Unable to select database");
$q = "SELECT pass FROM users WHERE email = '$login'";
mysql_query($q);
$result = mysql_query($q);
if (md5($pass) == mysql_result($result,0,"pass")) {
$_SESSION['login'] = $login;
?> <META HTTP-EQUIV="Refresh" CONTENT="0; URL=login.php"> <?
} else {
?> <strong> <? echo "<font color=red>Wrong password!</font>"; ?> </strong> <?
}
} else {
?> <strong> <? echo "<font color=red>$error_msg</font>"; ?> </strong> <?
}
}?> </p>
</div>
<div align="right"><br>
</div>
</div>
</body>
</html>Everything works fine, the way i want it. If you select remember values, a cookie is created and every visit, values are filled automatically. When deselected, cookie is deleted and next time values must be entered manually. Also its fine that if by any chance refresh is pressed, or another page is visited and then going back to welcome page, values are preserved and entered if cookie exists.
The only problem is, that when cookie is created, on next visit,values are filled, but if user wants to change them, it will still login with old values. Even if i clear the login box, no mistake is detected, and login is made with original values from cookie.
Can anyone suggest me what am I doing wrong and how to fix it without loosing any of the features i described above?
Thanks in advance, and compliments to phpBB group by the newest member.
Icy.
Jcart | Please use
Code: Select all
andCode: Select all
tags where appropriate when posting code. Read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url][/color]