login need help

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
carsky
Forum Commoner
Posts: 30
Joined: Sun Jul 08, 2007 3:26 am

login need help

Post by carsky »

hi need help on our login..please help us with our query and validation..this is the page where our login form is dispaly..if the login is ok the account menu will appear.

Code: Select all

<? 
/* Include Files **********************/
require_once 'library/config.php';
/*************************************/

$errorMessage = '';
?>
<body>
<?php
if(isset($_SESSION['login_user']) && $_SESSION['login_user'] == $userName){
?>
<table cellpadding="0" cellspacing="10" border="0" bgcolor="#6CFF9D" width="170" style="font-family:sans-serif">
					<tr>
						<td align="center" style="font-size:14px;background-color:#461B7E;color:#ffffff">MY ACCOUNT MENU</td>
					</tr>
					<tr>
						<td class="accountmenu"><a href="" class="accmenu">View/Edit Profile</a></td>
					</tr>
					<tr>
						<td class="accountmenu"><a href="cart.php?action=view" class="accmenu">View Shopping Cart</a></td>
					</tr>
					<tr>
						<td class="accountmenu"><a href="" class="accmenu">View Order History</a></td>
					</tr>
					<tr>
						<td class="accountmenu" ><a href="" class="accmenu">Login</a></td>
					</tr>
					<tr>
						<td class="accountmenu" ><a href="logout.php" class="accmenu">Logout</a></td>
					</tr><?php echo $_SESSION['login_user'];?>
				</table>

<?php
}else{
?>
<h4>Login</h4>
<form method="post"action="login2.php">
<div class="errorMessage" align="center"><?php echo $errorMessage; ?></div>
<table align="left" border="0" cellspacing="0" cellpadding="1">
<tr><td style="font-size:12px">Username:</td><td><input type="text" name="user" size="10" maxlength="30"></td></tr>
<tr><td style="font-size:12px">Password:</td><td><input type="password" name="pass" size="10" maxlength="30"></td></tr>
<tr><td colspan="2" align="left"><input type="checkbox" name="remember">
<font size="2">Remember me next time</td></tr>
<tr><td colspan="2" align="center">
<input type="submit" name="sublogin" value="Login"></td></tr>
<tr><td colspan="2" align="center"><a href="register.php" class="1">Join</a></td></tr>
</table>
</form>
<?php
}
?>
</body>
here the php file that processing the login..

Code: Select all

<?php
require_once 'library/config.php';


// if we found an error save the error message in this variable
	$errorMessage = '';
	
	$userName = $_POST['user'];
	$password = $_POST['pass'];
	
	// first, make sure the username & password are not empty
	if ($userName == '') {
		$errorMessage = 'You must enter your username';
	} else if ($password == '') {
		$errorMessage = 'You must enter the password';
	} else {
		// check the database and see if the username and password combo do match
		$sql = "SELECT *
		        FROM tbl_customer 
				WHERE Username = '$userName' AND Password = '$password'";
		$result = dbQuery($sql);
	
		if (dbNumRows($result) == 1) {
			$row = dbFetchAssoc($result);
			$_SESSION['thesis1_Customerno'] = $row['Customerno'];
			
			/*
			// log the time when the user last login
			$sql = "UPDATE tbl_admin 
			        SET admin_last_login = NOW() 
					WHERE admin_id = '{$row['admin_id']}'";
			dbQuery($sql);
			*/
			// now that the user is verified we move on to the next page
            // if the user had been in the admin pages before we move to
			// the last page visited
			 if(isset($_SESSION['login_user'])) {
				header('Location: index.php');
				exit;
			}
		} else {
			$errorMessage = 'Wrong username or password';
		}		
			
	}
	
	return $errorMessage;
?>
here the link of how our site looks like...its not yet fully functional just to give an idea of how it looks
http://jehlion.org/im_thesis/ieccTESTproj/index.php
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

You should never store passwords in plain text. Have a look at md5() or sha1() functions.

Also... what exactly is the question? Are you having problems with the login script?
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
carsky
Forum Commoner
Posts: 30
Joined: Sun Jul 08, 2007 3:26 am

Post by carsky »

we just set aside the encryption...we are using md5..but right now the problem is on the script..the login2.php is the problem..the moment we login we are redirected to a blank php page
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Post by Benjamin »

Blank pages are generally the result of a parse or fatal error, and you have error reporting turned off.
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Post by s.dot »

Why are you returning $errorMessage.. is this inside of a function? Try echo error message and see if that gives you any output.
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
carsky
Forum Commoner
Posts: 30
Joined: Sun Jul 08, 2007 3:26 am

Post by carsky »

how will i turn on the errorr report?which part of the code will i include the error message?
User avatar
tecktalkcm0391
DevNet Resident
Posts: 1030
Joined: Fri May 26, 2006 9:25 am
Location: Florida

Post by tecktalkcm0391 »

Code: Select all

error_reporting(6143);
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Post by Benjamin »

Post Reply