Help With Registration/Login

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

InfinityMan
Forum Newbie
Posts: 15
Joined: Sat Jan 26, 2008 10:05 am

Help With Registration/Login

Post by InfinityMan »

Yesterday I put together a script that a user registers > they get emailed an activation link, with their new username and password, they they click the activation link > It takes them to the site and says, "Account Activated". Also there is a row in the table in the database that is called accesslevel. Upon clicking the activation link the accesslevel field changes from 0 to 1. There are 4 different access levels, but upon users clicking their activation link I only want them assigned level 1.
Thats why I have the accesslevel field, also the reason for having that field is so when a user logins if they have access to level 1 the script directs them to /members/index.php if they have access to level 2 the script directs them to /managers/index.php and so on. Now the error Im having is: When trying to login using the login it is saying

"Your Account is Not Activated" (when the account is activated)
I think its a problem with the login script, does anyone see any errors?

Code: Select all

<?php
$con = mysql_connect("*****","****","****") or die('Could not connect: ' . mysql_error());
mysql_select_db("login", $con);
 
session_start();
 
if(!$_POST['submit']){
    echo "<table border=\"0\" cellspacing=\"3\" cellpadding=\"3\">\n";
    echo "<form method=\"post\" action=\"login.php\">\n";
    echo "<tr><td>Username</td><td><input type=\"text\" name=\"username\"></td></tr>\n";
    echo "<tr><td>Password</td><td><input type=\"password\" name=\"password\"></td></tr>\n";
    echo "<tr><td colspan=\"2\" align=\"right\"><input type=\"submit\" value=\"Login\" name=\"submit\"></td></tr>\n";
    echo "</form></table>\n";
}else {
    $user = mysql_real_escape_string(trim($_POST['username']));
    $pass = mysql_real_escape_string(trim($_POST['password']));
    $errors = array();
    
    if(!$user){
        $errors[] = "You did not supply a username!";
    }else {
        if(!$pass){
            $errors[] = "You did not supply a password!";
        }else {
            $sql = "SELECT count(*) FROM `users` WHERE `uid`='".$uid."'";
            $res = mysql_query($sql) or die(mysql_error());
            if(mysql_num_rows($res) == 0){
                $errors[] = "Username does not exist!";
            }else {
                $sql2 = "SELECT uid,activated,accesslevel FROM `users` WHERE `uid`='".$user."' AND `pass`='".md5($pass)."'";
                $res2 = mysql_query($sql2) or die(mysql_error());
                if(mysql_num_rows($res) == 0){
                    $errors[] = "Incorrect username and password combination!";
                }else {
                    $row = mysql_fetch_assoc($res2);
                    if($row['activated'] == 0){
                        $errors[] = "Your account is not activated!";
                    }
                }
            }
        }
    }
    
    if(count($errors) > 0){
        foreach($errors AS $error){
            echo $error . "<br>\n";
        }
    }else {
        $_SESSION['uid'] = $row['id'];
        
        switch($row['accesslevel']){
            case 1:
                header("Location: /members/index.php");
            break;
            
            case 2:
                header("Location: /admin/index.php");
            break;
            
            case 3:
                header("Location: /manager/index.php");
            break;
            
            default:
                header("Location: /directors/index.php");
        }
    }
}
 
?>
User avatar
JAM
DevNet Resident
Posts: 2101
Joined: Fri Aug 08, 2003 6:53 pm
Location: Sweden
Contact:

Re: Help With Registration/Login

Post by JAM »

Verified that the field really isn't 0 using phpMyadmin or similiar?
InfinityMan
Forum Newbie
Posts: 15
Joined: Sat Jan 26, 2008 10:05 am

Re: Help With Registration/Login

Post by InfinityMan »

Well in the default column in PHPMYADMIN for this table
it is set at 0, for both of those fields, accesslevel and activate

should I take that 0 out of there? Or?
User avatar
JAM
DevNet Resident
Posts: 2101
Joined: Fri Aug 08, 2003 6:53 pm
Location: Sweden
Contact:

Re: Help With Registration/Login

Post by JAM »

I mean; the user is activating the account using link. Can you verify that the activated field in the database really is changed to 1 instead of 0?
InfinityMan
Forum Newbie
Posts: 15
Joined: Sat Jan 26, 2008 10:05 am

Re: Help With Registration/Login

Post by InfinityMan »

Yep, it is changing from 0 to 1
InfinityMan
Forum Newbie
Posts: 15
Joined: Sat Jan 26, 2008 10:05 am

Re: Help With Registration/Login

Post by InfinityMan »

Which would make it a problem with this part of that script that I posted:

Code: Select all

        $sql2 = "SELECT uid,activated,accesslevel FROM `users` WHERE `uid`='".$user."' AND `pass`='".md5($pass)."'";
                $res2 = mysql_query($sql2) or die(mysql_error());
                if(mysql_num_rows($res) == 0){
                    $errors[] = "Incorrect username and password combination!";
                }else {
                    $row = mysql_fetch_assoc($res2);
                    if($row['activated'] == 0){
                        $errors[] = "Your account is not activated!";
 
The problem is Im not seeing anything wrong...
User avatar
JAM
DevNet Resident
Posts: 2101
Joined: Fri Aug 08, 2003 6:53 pm
Location: Sweden
Contact:

Re: Help With Registration/Login

Post by JAM »

I must be utterly blind to, cause I do neither...
Add a var_dump($row['activated']); somewhere to see what it sais.
InfinityMan
Forum Newbie
Posts: 15
Joined: Sat Jan 26, 2008 10:05 am

Re: Help With Registration/Login

Post by InfinityMan »

Im going to post the 'activation' script the one that changes the database upon clicking the link - Maybe there is something wrong with this, but Im not getting any errors anywhere - except when trying to login, its saying 'Account Not Activated'

But Ill post it you can take a look at this one too, to see if you can suggest anything

Code: Select all

<?php
/**
** Register script
**/
 
include "config.php";
 
$db = @mysql_connect($db_host, $db_user, $db_pass);
 
if( !$db )
    die(mysql_error());
 
$link = mysql_select_db($db_name, $db);
 
if( !$link ) 
    die(mysql_error());
 
$uid = (int)$_GET['uid'];
$sql = "UPDATE `users` SET `activated`=1,`accesslevel`=1 WHERE `uid`='".$uid."'";
 
$key = mysql_real_escape_string($_GET['key']);
//print "SELECT 1 FROM users WHERE uid = '$uid' AND `key` = '$key'";
$res = @mysql_query("SELECT 1 FROM users WHERE uid = '$uid' AND `key` = '$key'");
 
if( !$res ) 
    die(mysql_error());
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office"><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"><title>Untitled 5</title>
 
<style type="text/css">
h2 {font:1.48em verdana;color:#0084C9;margin:0px 0px 12px 0px;padding:0;}
.bluetop {border-top:2px solid #0084C9;padding:9px 0px 0px 0px;}
.box9 {padding:8px 17px 18px 17px;border-top:2px solid #0084C9;border-bottom:1px solid #0084C9;background:#efefea;}
.small {font-size:.925em;font-family:verdana;}
input {color:#666;}
 
.formwidth {width: 300px;}
 
select {color:#666;}
 
.button {background-color: #339E35; border:0; padding:2px; margin:10px 0 0; font-weight:700; color:#fff; font-size:.8em; font-family: "Tahoma", "Lucida Grande" , san-serif;}
.style9 {
    font-size: large;
    font-family: "Times New Roman", Times, serif;
}
.style10 {
    font-size: small;
    font-family: "Times New Roman", Times, serif;
}
.style11 {
    font-size: small;
    font-family: Verdana;
}
</style></head><body>
 
<table style="margin-left: 18px;" border="0" width="690">
    <!--WIDTH="590"--><!--  remove add icons  TR>
<TD align="right"><A href="javascript&#058;GotoAd();"><IMG name="Rotate" src="ENA.gif" width="325" height="52" border="0" align="right" ></a></TD></TR --><!--<TR><TD align="center"><A Href="http://interbiz.cai.com/Education/default.asp" class="minilinks">&nbsp;&nbsp;&nbsp;<U>interBiz Courses</U></A></TD></TR>-->
    <tbody><tr>
        <td align="left">
        <h2>Join</h2>
 
<table style="margin-left: 18px;" border="0" width="690">
    <tbody><tr>
        <td>
        <div class="bluetop">
            </div>
        </td>
    </tr>
</tbody></table>
        </td>
    </tr>
    </tbody></table>
<?php
if( mysql_num_rows($res) == 1 ) {
    print "Account activated!\n";
    @mysql_query("UPDATE users SET activated=1 WHERE uid = '$uid'");
} else {
    print "Account not found";
}
?>
</body></html>
InfinityMan
Forum Newbie
Posts: 15
Joined: Sat Jan 26, 2008 10:05 am

Re: Help With Registration/Login

Post by InfinityMan »

Ok, Ill try adding what you suggested and see what it says. - Stand by Ill post what it tells me
InfinityMan
Forum Newbie
Posts: 15
Joined: Sat Jan 26, 2008 10:05 am

Re: Help With Registration/Login

Post by InfinityMan »

Ok, I added it to the login.php which is the first script above ..
And now when visiting the url where login.php is located it shows me the login and under the login it says

And upon entering the userid and userpass word it says the same thing

Your Account is not activated then
NULL
InfinityMan
Forum Newbie
Posts: 15
Joined: Sat Jan 26, 2008 10:05 am

Re: Help With Registration/Login

Post by InfinityMan »

Just to give an update, Im going to try in the database changing it from NULL to NOT_NULL
and see if the makes a difference, any input is welcome as Ive hit a brick wall with this script :(


Im editing this post -

It was already on Not Null so that wasn't the problem :(
User avatar
JAM
DevNet Resident
Posts: 2101
Joined: Fri Aug 08, 2003 6:53 pm
Location: Sweden
Contact:

Re: Help With Registration/Login

Post by JAM »

InfinityMan wrote:[...]
Your Account is not activated then
NULL
Interesting. My bet is in the sql somewhere... The NULL tells us that the variable is not set at all. If it'll be empty it wouldn't say that.
Try to keep investigating. echo out the mysql_num_rows aswell...

I also just noticed that the second...

Code: Select all

if(mysql_num_rows($res) == 0){
...probalby is wrong? Shouldn't that be $res2?
InfinityMan
Forum Newbie
Posts: 15
Joined: Sat Jan 26, 2008 10:05 am

Re: Help With Registration/Login

Post by InfinityMan »

Let me take a look, Ill re-post my results, stand by
InfinityMan
Forum Newbie
Posts: 15
Joined: Sat Jan 26, 2008 10:05 am

Re: Help With Registration/Login

Post by InfinityMan »

JAM wrote:
InfinityMan wrote:[...]
Your Account is not activated then
NULL
Interesting. My bet is in the sql somewhere... The NULL tells us that the variable is not set at all. If it'll be empty it wouldn't say that.
Try to keep investigating. echo out the mysql_num_rows aswell...

I also just noticed that the second...

Code: Select all

if(mysql_num_rows($res) == 0){
...probalby is wrong? Shouldn't that be $res2?

I changed it to res2 and now that error is gone (the above mentioned one) and Im getting a
"Incorrect Username/Password Combination)"
But the username/pw is correct

This is what the code looks like now (not all of it, but the part we're editing)

Code: Select all

           $sql = "SELECT count(*) FROM `users` WHERE `uid`='".$uid."'";
            $res = mysql_query($sql) or die(mysql_error());
            if(mysql_num_rows($res) == 0){
                $errors[] = "Username does not exist!";
            }else {
                $sql2 = "SELECT uid,activated,accesslevel FROM `users` WHERE `uid`='".$user."' AND `pass`='".md5($pass)."'";
                $res2 = mysql_query($sql2) or die(mysql_error());
                if(mysql_num_rows($res2) == 0){
                    $errors[] = "Incorrect username and password combination!";
                }else {
                    $row = mysql_fetch_assoc($res2);
                    if($row['activated'] == 0){
                        $errors[] = "Your account is not activated!";
 

Oh and it is still saying
'Null'
at the bottom of
Incorrect Username/Password
User avatar
JAM
DevNet Resident
Posts: 2101
Joined: Fri Aug 08, 2003 6:53 pm
Location: Sweden
Contact:

Re: Help With Registration/Login

Post by JAM »

Try to add and echo...

Code: Select all

$sql2 = "SELECT uid,activated,accesslevel FROM `users` WHERE `uid`='".$user."' AND `pass`='".md5($pass)."'";
A/The string should be visible on the page. Does it look correct? No obvious faults? If not, copy it and run it manually in phpMyadmin or similiar and see what that generates.

Second thought; I think that the query is bad.
`uid`='".$user."' should be `username`='".$user."' ?
Post Reply