Login script problem, after switching hosts

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
aspekt9
Forum Commoner
Posts: 43
Joined: Wed Dec 06, 2006 5:03 pm

Login script problem, after switching hosts

Post by aspekt9 »

We've had a problem migrating our site over to this new host. A specific login script we had created for some reason isn't quite working now. It has been unchanged since it was working on the other host. It seems like it's not returning any errors but I believe all error displaying is on. The specific line we see it occurring at is a line we call a function to prepare the login information. We've got an or die("didnt work"); line to test it out and thats the only error we get. Nothing else, no syntax or anything. It occurs in userClass.php in our _include/classes/ directory. And at this point we're completely lost:

userClass.php:

Code: Select all

<?php
error_reporting("E_ALL");
class UserClass {

    private $email;
    private $user;
    private $password;


    function __construct() {
		mysql_select_db("boozards_userinfo") or die("db select error");
    }

    function userLogin($iemail, $ipassword, $iuser) {
		self::prepareData($iemail, $ipassword, $iuser) or die("didnt work");
		if (get_magic_quotes_gpc()) {
		    $email = stripslashes($this->email);
		    $password = stripslashes($this->password);
		} else {
		    $email = $this->email;
		    $password = $this->password;
		}
		$hashedpass = md5($password);
		$stmt = sprintf("SELECT email,password,user FROM ".TABLE_USERMAIN." WHERE email='%s' AND password='%s'",
		    mysql_real_escape_string($email),
		    mysql_real_escape_string($hashedpass));
		$pstmt = mysql_query($stmt) or die(mysql_error());
		if (mysql_num_rows($pstmt) > 0) {
		    $get_username = mysql_fetch_row($pstmt) or die("error".mysql_error());
		    $_SESSION['username'] = $get_username[2];
		    $_SESSION['email'] = $email;
		    $_SESSION['hash'] = md5($email);
		    return true;
		} else {
		    return false;
		}
    }

    function createUser($iemail, $ipassword, $iuser, $displayname, $bday, $name,$city,$state) {
		self::prepareData($iemail, $ipassword, $iuser);
		if (get_magic_quotes_gpc()) {
		    $email = stripslashes($this->email);
		    $password = stripslashes($this->password);
		    $user = stripslashes($this->user);
		} else {
		    $email = $this->email;
		    $password = $this->password;
		    $user = $this->user;
		}

	    $hashedpass = md5($password);
	    $stmt = sprintf("INSERT INTO ".TABLE_USERMAIN."(email,password,user) VALUES('%s','%s','%s')",
			mysql_real_escape_string($email),
			mysql_real_escape_string($hashedpass),
			mysql_real_escape_string($user),
			mysql_real_escape_String($actiationcode));
	    $pstmt = mysql_query($stmt) or die("error: ".$stmt."<BR>".mysql_error());
	    $stmt_ui = sprintf("INSERT INTO userInfo(user,displayName,displayPicture,birthday,name,city,state) VALUES('%s','%s','http://www.boozards.com/_images/default.jpg','%s','%s','%s','%s')",
			mysql_real_escape_string($user),
			mysql_real_escape_string($displayname),
			mysql_real_escape_string($bday),
			mysql_real_escape_string($name),
			mysql_real_escape_string($city),
			mysql_real_escape_string($state));
	    mysql_query($stmt_ui);
	    $stmt_comment = sprintf("CREATE TABLE %s_comments(
			commentId INT(250) AUTO_INCREMENT PRIMARY KEY,
			comment VARCHAR(1000) NOT NULL,
			friend VARCHAR(250) NOT NULL, 
			dated VARCHAR(250) NOT NULL, 
			picture VARCHAR(250), 
			beenRead BOOL,
			board2Board bigint(250) NOT NULL)",
				mysql_real_escape_string($user));
	    $stmt_commentK = sprintf("CREATE INDEX ind_1 ON %s_comments(
			picture,
			beenRead)",
				mysql_real_escape_string($user));
	    $stmt_pinvites = sprintf("CREATE TABLE %s_invites(
			partyId INT(250) NOT NULL PRIMARY KEY, 
			type VARCHAR(250) NOT NULL, 
			beenRead BOOL)", 
				mysql_real_escape_string($user));
	    $stmt_pinvitesK = sprintf("CREATE INDEX ind_1 ON %s_invites(
			partyId,
			beenRead)",
				mysql_real_escape_string($user));
	    mysql_query($stmt_comment);
	    mysql_query($stmt_commentK);
	    mysql_query($stmt_pinvites);
	    mysql_query($stmt_pinitesK);
	    $stmt_friends = sprintf("CREATE TABLE %s_friends(
			friend VARCHAR(250)NOT NULL,
			position INTEGER,
			type INTEGER NOT NULL, beenRead BOOL, dated VARCHAR(250))",
				mysql_real_escape_string($user));
	    $stmt_friendsK = sprintf("CREATE INDEX ind_1 ON %s_friends(
			type,
			position,beenRead)",
				mysql_real_escape_string($user));
	    mysql_query($stmt_friends);
	    mysql_query($stmt_friendsK);
	    $stmt_pictures = sprintf("CREATE TABLE %s_pictures(
			picture VARCHAR(250) NOT NULL,
			caption VARCHAR(250))",
				mysql_real_escape_string($user));
	    $stmt_picturesK = sprintf("CREATE INDEX ind_1 ON %s_pictures(
			picture)",
			    mysql_real_escape_string($user));
	    mysql_query($stmt_pictures);
	    mysql_query($stmt_picturesK);
	    $picture_dir = $user."/pictures";
	    $picture_thumb_dir = $picture_dir."/tn";
	    mkdir($user, 0775);
	    mkdir($picture_dir, 0775);
	    mkdir($picture_thumb_dir, 0775);
	    copy("copyindex.php", $user."/index.php");
	    return "pass";
	}


    function prepareData($iemail, $ipassword, $iuser) {
		$this->email = trim(strtolower(htmlspecialchars($iemail)));
		$this->user = trim(strtolower(htmlspecialchars($iuser)));
		$this->password = trim(htmlspecialchars($ipassword));
    }

    function logoutUser() {
		$_SESSION = array();
    }
	
	function checkAvailability($var, $type) {
		$stmt_chk = sprintf("SELECT ".$type." FROM loginInfo WHERE ".$type."='%s'",
	    mysql_real_escape_string($var));
		if (mysql_num_rows(mysql_query($stmt_chk))>0) {
			return true;
		} else {
			return false;
		}
	}
}
?>
users.php:

Code: Select all

<?php   
error_reporting("E_ALL");
require("_include/classes/UserClass.php");  
include 'header.php'; 
require("_include/english.php");  
require_once("_include/classes/TemplateClass.php"); 

$users = new UserClass();  
global $LANG01;    

/*  
** Creates a user and inserts them into mysql
*/
if (isset($_GET['do']) && (($_GET['do']) == 'create')) {
      $regform = new Page("_layout/register.thtml");
      $dispname = (isset($_POST['dispname'])) ? $_POST['dispname'] : '';
      $password = (isset($_POST['password'])) ? $_POST['password'] : '';
      $confpassword = (isset($_POST['confpassword'])) ? $_POST['confpassword'] : '';
      $name = (isset($_POST['name'])) ? $_POST['name'] : '';
      $city = (isset($_POST['city'])) ? $_POST['city'] : '';
      $state = (isset($_POST['state'])) ? $_POST['state'] : '';
      $email = (isset($_POST['email'])) ? $_POST['email'] : '';
      $user = (isset($_POST['user'])) ? $_POST['user'] : '';
	  $month = (isset($_POST['month'])) ? $_POST['month'] : '';
	  $day = (isset($_POST['day'])) ? $_POST['day'] : '';
	  $year = (isset($_POST['year'])) ? $_POST['year'] : '';
	  $bday = $month.'-'.$day.'-'.$year;
      $msg = '';
		if (!empty($dispname)) {
			if (strlen($dispname) > 20) {
				$msg .= $LANG01[1] . '<br />';
			}
		} else {
			$msg .= $LANG01[2] . '<br />';
		}
		if (!empty($password)) {
			if (strlen($password) < 6)            {
				$msg .= $LANG01[3] . '<br />';
			}
		} else {
			$msg .= $LANG01[4] . '<br />'; 
		}
		if (!empty($confpassword)) {
			if (($password) != ($confpassword)) {
				$msg .= $LANG01[5] . '<br />';
			}
		} else {
			$msg .= $LANG01[6] . '<br />';
		}
		if (empty($name)) {
			$msg .= $LANG01[8] . '<br />';
		}
		if (empty($city)) {
			$msg .= $LANG01[9] . '<br />';
		}
		if (empty($state)) {
			$msg .= $LANG01[10] . '<br />';
		}
		if (!empty($email)) {
			if (!preg_match('/[a-zA-Z0-9_.]/i', $email)) {
				$msg .= $LANG01[19] . '<br />';
			} 
		} else {
			$msg .= $LANG01[7] . '<br />';
		} 
		if (!empty($user)) { 
			if (!preg_match('/[a-zA-Z0-9_]/i', $user)) {
				$msg .= $LANG01[13] . '<br />';
			}
			if (is_numeric($user[0]))	{
				$msg .= $LANG01[15] . '<br />';
			}
		} else {
			$msg .= $LANG01[14] . '<br />';
		}

		if ($users->checkAvailability($user, "user")) {  
				$msg .= $LANG01[17] . '<br />';       
		}
		
		if ($users->checkAvailability($email, "email")) {
				$msg .= $LANG01[18] . '<br />';
		}
		if (empty($msg)) {
			$users->createUser($email,$password,$user,$dispname,$bday,$name,$city,$state);
			$msg .= $LANG01[16] . '<br />'; 
		}      
		
		$regform->replace_tags(array("errormsg" => "$msg", "profile" => "$dispname", "name" => "$name", "city" => "$city")); 
		$regform->output();
}      if (isset($_REQUEST['mode']))    { 
	$mode = $_REQUEST['mode'];  
 }  else    {  
	$mode = '';    
}   
 switch ($mode)    {
	case 'new':   $regform = new Page("_layout/register.thtml"); 
	$regform->replace_tags(array("errormsg" => "$msg", "profile" => "", "name" => "", "city" => ""));  
	$regform->output(); 
	break;   
} 

/*  
** Logs-in a user to their account and creates login session
*/
if (isset($_GET['do']) && (($_GET['do']) == 'login')) {  
	if ($users->userLogin($email, $password, $user))  { 
		$forward_address = "network.php";
		if (isset($_SESSION['url']))  {  
			$forward_address = $_SESSION['url']; 
			unset($_SESSION['url']);  
		}  
		echo '<meta http-equiv="refresh" content="0;URL='.$forward_address.'">';  
	}  else  {  
		//echo '<meta http-equiv="refresh" content="0;URL=pleaselogin.php?error=failedlogin&saveusername=".$username">';
	}  
} 

/*  
**Logs a user out of their account and clears session
*/
if (isset($_GET['do']) && (($_GET['do']) == 'logout')) {  
	UserClass::logoutUser();  
	echo "successfully logged you out. <a href='/'>Home</a>";  
} 
//same thing as in index.php
//include 'blocks.php';
?>
Everytime, we just receive the didnt work error.
Post Reply