PHP Myinvoice Script...
Moderator: General Moderators
PHP Myinvoice Script...
Hello,
I am not the best at PHP yet... But I have done a bunch of things yet this one is driving me crazy. I am wondering if anyone can help me with this. I am looking for a simple invoice script and I found one. I tried to email the owner but I think they packed up shop.
I am using this script called myinvoice. I try to set it up (thinking it is basic which it seems). I changed some fields that I know would form to my site. (Meaning file paths etc) and tried to log into it and I am unable to... It just goes in this loop. Every time I use the login it will just loop back to the login page.
Any help would be great. I have battled this for about 2 weeks now and I have rebuilt it and use the original many times.
Please help me, this is my last outlet.
Thanks
Derek
I am not the best at PHP yet... But I have done a bunch of things yet this one is driving me crazy. I am wondering if anyone can help me with this. I am looking for a simple invoice script and I found one. I tried to email the owner but I think they packed up shop.
I am using this script called myinvoice. I try to set it up (thinking it is basic which it seems). I changed some fields that I know would form to my site. (Meaning file paths etc) and tried to log into it and I am unable to... It just goes in this loop. Every time I use the login it will just loop back to the login page.
Any help would be great. I have battled this for about 2 weeks now and I have rebuilt it and use the original many times.
Please help me, this is my last outlet.
Thanks
Derek
Burrito | Please use
This is the login.php code...
I have a username and password to login but it is not working... plus I am using MYSQL and PHP...
Thanks for the help and any help you can tell me is great.
Derek
Burrito | Please use
Code: Select all
,Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
It is a free script so I can post the code...
The index.htm isCode: Select all
<html>
<head>
<title>My Invoice - log in</title>
<link rel="stylesheet" href="inc/style.css" type="text/css">
<script language="">
<!--
function cursor(){document.login.name.focus();}
// -->
</script>
</head>
<body bgcolor="#FFFFFF" text="#000000" onLoad=cursor()>
<img src="inc/title.gif" width="308" height="82">
<blockquote>
<p><b>please login</b></p>
<table border="0" cellspacing="0" cellpadding="2">
<form action="login.php" method="post" name=login>
<tr>
<td>Username</td>
<td>
<input type="Text" name="name" size="15">
</td>
</tr>
<tr>
<td height="6">Password</td>
<td height="6">
<input type="password" name="password" size="15">
</td>
</tr>
<tr>
<td colspan="2">
<input type="Submit" name="submit" value="Enter">
</td>
</tr>
</form>
</table>
</blockquote>
</body>
</html>Code: Select all
<?
include("inc/config.php");
$connection = mysql_connect($hostname, $user, $pass) or die ("Unable to connect!");
$query = "SELECT * FROM clients WHERE name = '$name' AND password = PASSWORD('$password')";
$result = mysql_db_query($database, $query, $connection);
if (mysql_num_rows($result) == 1)
{
session_start();
session_register("client_id");
session_register("client_name");
session_register("client_email");
session_register("client_ref");
session_register("client_title");
list($clientid, $name, $pass, $email, $ref, $title) = mysql_fetch_row($result);
$client_id = $clientid;
$client_name = $name;
$client_email = $email;
$client_ref = $ref;
$client_title = $title;
header("Location: menu.php");
mysql_free_result ($result);
mysql_close($connection);
}
else
{
mysql_free_result ($result);
mysql_close($connection);
header("Location: index.htm");
exit;
}
?>Thanks for the help and any help you can tell me is great.
Derek
Burrito | Please use
Code: Select all
,Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]The username and or password is wrong so the query returns 0 rows or maybe there are multiple records with the same username password so the query returns > 1 rows.
Or you have disabled register_globals and you should change to
Or you have disabled register_globals and you should change to
Code: Select all
$query = "SELECT * FROM clients WHERE name = '{$_POST['name']}' AND password = PASSWORD('{$_POST['password']}')";- twigletmac
- Her Royal Site Adminness
- Posts: 5371
- Joined: Tue Apr 23, 2002 2:21 am
- Location: Essex, UK
L
The code looks a little old - mysql_db_query(), for example, has been deprecated for a number of years and session_register() is useless with register_globals off. So - if the code was written for MySQL 3.23 and you are using MySQL 4.x or 5.x then MySQL's PASSWORD() function is returning a different hash than it used to (it's longer for one) and thus an old table definition (based on the expectation of a shorter value) would be truncating the password when it's initially entered so it can't match the result from the function when you try and login.
What all of this means is that you probably need to keep looking for a script (written for PHP 4.2 or up and MySQL 4.1 or up) or give this one a fairly hefty rewrite to bring it up to date.
Mac
What all of this means is that you probably need to keep looking for a script (written for PHP 4.2 or up and MySQL 4.1 or up) or give this one a fairly hefty rewrite to bring it up to date.
Mac
with phpMyAdmin did you run it through the password() function?
just to narrow down the problem, I would insert it as plain text, then remove the password() function form your select statement. If that lets you through then you know where the issue lies. You can then deal with your password however you want, I'd recommend using sha256 and scrapping the mysql password() function all together.
just to narrow down the problem, I would insert it as plain text, then remove the password() function form your select statement. If that lets you through then you know where the issue lies. You can then deal with your password however you want, I'd recommend using sha256 and scrapping the mysql password() function all together.