PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
<?php
ob_start();
require_once("/home/nhforhealthcare/public_html/main.php");
if(isset($_POST['remember'])){
if($_POST['remember']!="checked"){
setcookie('RememberMe', '', time() - 3600);
unset($_COOKIE['RememberMe']);
} else {
$inTwoMonths = 60 * 60 * 24 * 60 + time();
setcookie('RememberMe', $_POST['username'], $inTwoMonths);
}
}
if(isset($_POST['destination'])){
$destination = $_POST['destination'];
}
if(isset($_POST['username'])){
if(!isset($_POST['password'])){
print('That username/password combination is invalid. Either click here to log in as a different user or sign up and get an account at our signup page.');
include 'login.php';
exit;
} elseif(empty($_POST['password']) || ""==$_POST['password']){
print('That username/password combination is invalid. Either click here to log in as a different user or sign up and get an account at our signup page.');
include 'login.php';
exit;
}
$username = $_POST['username'];
// Get Passwords (Submitted and In database)
$get_pass = mysql_query("SELECT * FROM userbase WHERE username = '{$username}' ");
if(!$get_pass){
print("Error in database connection.");
}
$get_pass = mysql_fetch_array($get_pass);
$database_pass = $get_pass['password'];
$pass = $_POST['password'];
//If password is not vaild display error message
if($pass != $database_pass){
print('That username/password combination is invalid. Either click here to log in as a different user or sign up and get an account at our signup page.');
include 'login.php';
exit;
} elseif($pass == $database_pass) {
//Sign-in
$date = date('m d, Y');
$time = time();
$_SESSION['username'] = $username;
$_SESSION['password'] = $_POST['password'];
$_SESSION['login_time'] = $time;
$_SESSION['login_date'] = $date;
$_SESSION['loggedin'] = 1;
// Send to locaton
if(!$destination){
header("Location: usermenu.php");
echo "<meta http-equiv=\"refresh\" content=\"0;url=usermenu.php\">";
} else {
$destination = base64_decode($destination);
header("Location: $destination");
echo "<meta http-equiv=\"refresh\" content=\"0;url=$destination\">";
}
}
} else {
// Otherwise just show login.php
include 'login.php';
header("Location: login");
}
ob_flush();
?>
Warning: main(/home/nhforhealthcare/public_html/main.php) [function.main]: failed to open stream: No such file or directory in /hermes/bosweb01/b141/sl.nhforhealthcare/public_html/process_login.php on line 6
Fatal error: main() [function.require]: Failed opening required '/home/nhforhealthcare/public_html/main.php' (include_path='.:/usr/local/lib/php-4.4.7/lib/php') in /hermes/bosweb01/b141/sl.nhforhealthcare/public_html/process_login.php on line 6
and on main it reported to an error opening my db.php file
<?php
//...
$username = $_POST['username'];
// Get Passwords (Submitted and In database)
$get_pass = mysql_query("SELECT * FROM userbase WHERE username = '{$username}' ");
if(!$get_pass){
print("Error in database connection.");
}
$get_pass = mysql_fetch_array($get_pass);
$database_pass = $get_pass['password'];
$pass = $_POST['password'];
//If password is not vaild display error message
if($pass != $database_pass){
print('That username/password combination is invalid. Either click here to log in as a different user or sign up and get an account at our signup page.');
include 'login.php';
exit;
} elseif($pass == $database_pass) {
//Sign-in
//...
?>
I have two issues with the above code snippet. First, it looks like you're not escaping the input before doing a mysql query. Check out mysql_real_escape_string(). Also, it looks like you're storing your passwords in your database in plaintext. It is a _much_ better idea to store them as a hash (I prefer feyd's sha256).
4Boredom wrote:Warning: main(/home/nhforhealthcare/public_html/main.php) [function.main]: failed to open stream: No such file or directory in /hermes/bosweb01/b141/sl.nhforhealthcare/public_html/process_login.php on line 6
Fatal error: main() [function.require]: Failed opening required '/home/nhforhealthcare/public_html/main.php' (include_path='.:/usr/local/lib/php-4.4.7/lib/php') in /hermes/bosweb01/b141/sl.nhforhealthcare/public_html/process_login.php on line 6
I _think_ that this means that you are looking in the wrong places for your include files. Double check the path.
Just a small suggestion... if you can, code things like this locally on your computer so you can test with all error reporting maxed out. Then, in the live server you can do some quick testing before making sure error_reporting is a lower level and display_errors is off.