Help needed with login coding - Please

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
advisual
Forum Newbie
Posts: 4
Joined: Wed Apr 19, 2006 3:56 pm

Help needed with login coding - Please

Post by advisual »

Jcart | Please use

Code: Select all

and

Code: Select all

tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]


Hi All,

On my login page, for some reason the login file will not recognize the correct login number as supplied by the admin file as it should. It continually says login failed, please try again.
Can anyone see where the code may be going awry. Any help would be appreciated.

login.php file reads;

Code: Select all

<?php
 
session_start();
$_SESSION["loggedin"] = false;
require("admin_1.php");

if ($_REQUEST["submit"]) {
	if ($_REQUEST["username"] == $adminUsername && md5($_REQUEST["password"]."phpCart") == $adminPassword){
		$loggedin = true;
		session_register("loggedin");
		$_SESSION["loggedin"] = true;
		header("Location: index.php");
		exit();
	}
	else
		$errormessage = "Login failed, please try again.<br>\n";
}
	require("hf.php");
	pageHeader();
	echo $errormessage;
	?>
	<form action='login.php' method='post'>
	<div align='center'>
	<center>
	<table border='0' cellpadding='0' cellspacing='8' width='55%'>
		<tr>
			<td width='59%'><font size='2' face='Verdana'>Login Username:</font></td>
			<td width='41%'><input type='text' name='username' size='20' value='<? echo $_REQUEST["username"]; ?>'></td>
		</tr>
		<tr>
			<td width='59%'><font size='2' face='Verdana'>Password:</font></td>
			<td width='41%'><input type='password' name='password' size='20'></td>
		</tr>
		<tr>
			<td width='100%' colspan='2'>
			<p align='center'><input type='submit' name='submit' value='Login'></p>
			</td>
		</tr>
	</table>
	</center>
	</div>
	</form>
<?
pageFooter();
?>

admin_1.php file which is called reads;

<?php
$adminUsername	= "admin";
$adminPassword	= "admin";
?>
Thanks


Jcart | Please use

Code: Select all

and

Code: Select all

tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read:  [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
User avatar
John Cartwright
Site Admin
Posts: 11470
Joined: Tue Dec 23, 2003 2:10 am
Location: Toronto
Contact:

Post by John Cartwright »

change your admin password to the result of

Code: Select all

echo md5('adminphpCart');
then it should work. You were trying to compare the raw password with an encrypted one, as well as you were appending a salt "phpCart".
advisual
Forum Newbie
Posts: 4
Joined: Wed Apr 19, 2006 3:56 pm

Post by advisual »

Thanks Jcart for the assist. But I'm not quite sure where you want me to place that code.

Thanks
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Code: Select all

<?php
if ($_REQUEST["username"] == $adminUsername && md5($_REQUEST["password"]."phpCart") == $adminPassword) {
    $loggedin = true;
    session_register("loggedin");
    $_SESSION["loggedin"] = true;
    header("Location: index.php");
    exit();
}
?>
There are a couple of things you should look to change in this snippet:

1. Use post instead of request.
2. Where is $adminUsername being set? If this fails you trigger the 'else'.
3. Where is $adminPassword set? Is it set to an md5 hash? If this fails you trigger the 'else'
4. Don't use session_register if you are using the $_SESSION array.
5. Use a full URL for the header loaction.

Try change these things and see what you get. Post the results if you are still having problems.
Post Reply