I need help w/ my login script

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

That entire segment of code has problems all over it. Try this one...

Code: Select all

<?php
if ( isset($_POST['submit']) ) { // Fixed the writing of the POST array var
        if ( empty($userid) ) { // Removed the '] from the end of user id and added a closing )
                header("Location: http://www.mysite.com/memberok.php"); // Always ue a full URL for header redirects
        } else {
                echo 'Login incorrect.';
        }
} 
?>
Try looking over the code and see what was done.
4Boredom
Forum Contributor
Posts: 176
Joined: Tue Nov 08, 2005 4:29 pm

Post by 4Boredom »

this stuff is still messed up..

Search coming soon...
Parse error: parse error, unexpected '?', expecting ',' or ')' in /home/i4boredo/public_html/login_success.php on line 3

Code: Select all

<?php 

if ( isset($_POST?['submit']) ) { 
        if ( empty($userid']) { 
                header("Location: memberok.php"); 
        } else { 
                echo 'Login incorrect.'; 
        } 
} 
?>
<form method="post" action="formTest.php">
Enter an Email: <input type="text" name="emailAddress" />
<input type="submit" name="submit" value="Submit Email Address" />
</form>
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

OK, look at your code, then look at my code. There is one key diffrence in the second if. Find it and fix it and you will be golden. I have done this for you twice already so I am leaving it up to you to find it this time. :wink:
User avatar
nickman013
Forum Regular
Posts: 764
Joined: Sun Aug 14, 2005 12:02 am
Location: Long Island, New York

Post by nickman013 »

I see a few errors, but the reason for the error your getting is this. (BTW, it is easy to spot errors when the color is different).
$_POST?['submit'])
No need for a question mark, and
if ( empty($userid'])
in between the () you are missing a quotation mark before $userid, there is no need for it also.
4Boredom
Forum Contributor
Posts: 176
Joined: Tue Nov 08, 2005 4:29 pm

Post by 4Boredom »

awesome.. it was the userid part that was messed.... i hadent posted my fix on the other...

IT WORKS NOW THOUGH!

There is still a slight problem though... I have it set to say Hi, [first_name], welcome to the members section..... It just says Welcome, . and does not load my first name. Is the $session tag done wrong?

echo "Welcome, ". $_SESSION['first_name'] .". You are now in our exclusive 'Members Only' section.<br>";

heres the whole thing if u want it

Code: Select all

<?php 
/* start the session */ 
session_start(); 
require("header.php"); 
include 'login_success.php';

/* this prints at the top of the page. */ 
echo "Welcome, ". $_SESSION['first_name'] .". You are now in our exclusive 'Members Only' section.<br>"; 
 
/* always prints the logout page, just in case the user is done */ 
echo "<br><br><b><a href=logout.php>Logout</a><br>"; 
?>
User avatar
nickman013
Forum Regular
Posts: 764
Joined: Sun Aug 14, 2005 12:02 am
Location: Long Island, New York

Post by nickman013 »

You need to store the first_name variable into a session.
4Boredom
Forum Contributor
Posts: 176
Joined: Tue Nov 08, 2005 4:29 pm

Post by 4Boredom »

it is stored in my users database though...

so is there a different script other than session that I need to use to pull it up?

(sorry im a newb... im slowly catching on though)
4Boredom
Forum Contributor
Posts: 176
Joined: Tue Nov 08, 2005 4:29 pm

Post by 4Boredom »

ok nevermind its not that code thats messed...

I have been testing stuff, and I typed in a wrong password and it still went thru to same screen..

therefore the problem must be in my authentification script?... I probably have this all effed up but atleast I know the messed is in here??? the memberok.php doesnt even matter cuz I know its not reading right.

http://www.4boredom.com/login.php is the page.... I type in a wrong PW and it still doesnt post the login incorrect?

login.php

Code: Select all

<?php 
session_start(); 
require("header.php"); ?>

<center>
<br><b>User Login</b><br>
<FORM ACTION="search.php" METHOD="post" name="loginform"> 
  <DIV ALIGN="justify"> 
    <TABLE WIDTH="50%" BORDER="0" ALIGN="center" CELLPADDING="4" CELLSPACING="0" align="center"> 
      <TR>  
        <TD WIDTH="22%">E-Mail Address</TD> 
        <TD WIDTH="78%"><INPUT name="email_address" TYPE="email_address" id="email_address"></TD> 
      </TR> 
      <TR>  
        <TD>Password</TD> 
        <TD><INPUT name="password" TYPE="password" id="password"></TD> 
      </TR> 
      <TR>  
        <TD> </TD> 
        <TD><INPUT TYPE="submit" name="Submit" VALUE="Submit"></TD> 
      </TR> 
    </TABLE> 
	</center>
  </DIV> 
</FORM> 
</BODY> 
</HTML>
search.php

Code: Select all

<?php 
session_start(); 

require("header.php"); 
include ("login_success.php");
include("db.php");
$_SESSION['first_name'] = $first_name; 


/* this prints at the top of the page. */ 
echo "Welcome, ". $first_name .". You are now in our exclusive 'Members Only' section.<br>"; 
 
/* always prints the logout page, just in case the user is done */ 
echo "<br><br><b><a href=logout.php>Logout</a><br>"; 
?>
</td></tr>
</table>



</center>
</body>

</html>
login_success.php

Code: Select all

<?php 
session_start(); 

if ( isset($_POST['submit']) ) { 
        if ( empty($userid)) { 
                header("Location: memberok.php"); 
        } else { 
                echo 'Login incorrect.'; 
        } 
} 
?>
[/url]
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Where are you setting $first_name? It appears that you are either relying on register_globals setting it for you or you are assuming that the $_POST['first_name'] var will automatically read into the $first_name var? Unless you give the var $first_name a value, it will return an undefined variable notice and evaluate to false in your script.
4Boredom
Forum Contributor
Posts: 176
Joined: Tue Nov 08, 2005 4:29 pm

Post by 4Boredom »

I dont think I set it.... I really have no clue what im doing... I did this from a tutorial and am learning as I go

So what should I do? I tried to somewhat do this with the following?

$_SESSION['first_name'] = $first_name;

Its probably wrong though as most of my initial codes are lol
User avatar
dull1554
Forum Regular
Posts: 680
Joined: Sat Nov 22, 2003 11:26 am
Location: 42:21:35.359N, 76:02:20.688W

Post by dull1554 »

Code: Select all

<?php
//try this
if ( isset($_POST['submit']) ) {
        if ( empty($userid) {
                header("Location: memberok.php");
        } else {
                echo 'Login incorrect.';
        }
}
?>
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

I don't think that code is going to do it, dull1554. The code you posted checks for a form field called submit to see if it is set, the checks to see if the var $userid is empty and if it is, sends them to memberok.php (incorrectly, I should add... Use a full URL).

What I think is happening here is that you are using an old tutorial that is relying on register_globals being on. What you want to do is check to see if there is a form submitted, and if it is, use the fields in $_POST array to set your session vars (after checking them for validity).

I think Maugrim_the_Reaper created a Challenge/Response snippet in the code snippets forum in this community. Try looking that up and if it doesn't give you a point inthe right direction, post back. It is fairly simple to do, but there is some coding involved.
4Boredom
Forum Contributor
Posts: 176
Joined: Tue Nov 08, 2005 4:29 pm

Post by 4Boredom »

No... I am trying to read from a MySQL database not a form.

Also, what dull1554 posted, isnt what im looking for... I think I misportrayed it.

I am just looking to post variables in the database really. It will read their userid from their login info and I will be able to post whatever I want from their profile..

Ill look more in code snippets, but its probably something simple that I am missing and am just too inexperienced to be able to pick up.

I will look though and post back if I cant
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

4Boredom wrote:No... I am trying to read from a MySQL database not a form.
How does MySQL know what select?
4Boredom wrote:I am just looking to post variables in the database really. It will read their userid from their login info and I will be able to post whatever I want from their profile..
At some point, in order to do this, you will need to interact with a form. When the form is submitted you will need to capture the data sent by the form. Hence the need for the $_POST array. Once you read the $_POST array vars into regular vars, then you can do what you want with them. But you are going to be interacting with a form at some point because MySQL will not know what person's data you want unless the script tells it which person. That is usually done through a login script of some sort.
4Boredom
Forum Contributor
Posts: 176
Joined: Tue Nov 08, 2005 4:29 pm

Post by 4Boredom »

ok i get the post thing to show... but its not even registering the login.... I can type a wrong pw and it goes thru (to same screen with no name given like as if i can typed right pw).....

So yea... with that code I gave, why isnt it registering my login?? ANyone know?
Post Reply