Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.
Moderator: General Moderators
chrisso
Forum Newbie
Posts: 10 Joined: Sat May 06, 2006 6:50 am
Post
by chrisso » Sun May 07, 2006 11:47 am
feyd | Please use Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
Just another problem here...
What's the problem with this script?Code: Select all
<?
function adminForm(){
echo "<div align=\"right\" style=\"width:165px;\"><form action=\"?module=admin&file=admin&do=check\" method=\"post\">
Brukenavn: <input style=\"width:100px;\" type=\"text\" class=\"text\" name=\"uname\"><br>Passord: <input style=\"width:100px;\" type=\"password\" class=\"text\" name=\"passwd\"><br>
<input type=\"submit\" class=\"text\" value=\"Logg inn\">
</form></div>";
}
function checkAdmin($uname, $passwd){
$result = mysql_query("SELECT * FROM cw_user WHERE uname = '$username'");
$array = mysql_fetch_assoc($result) or die (mysql_error());
if($username == $array['uname'] and md5($password) == $array['passwd'] and $array['admin'] == 1){
$_SESSION["q6n4fk_logged_in"] = TRUE;
$_SESSION["q6n4fk_admin"] = TRUE;
$_SESSION["user"] = $uname;
echo "<meta content=\"3;URL=?module=admin&file=admin&do=menu\" http-equiv=\"refresh\">You've been logged in as $username.";
} else { echo "You've written a wrong combination of username and password!<br>a href=\"javascript:history.back(-1)\">Try again</a>"; }
}
function adminMenu(){
echo "Menu goes here!";
}
#################### Site starts here
$do = $_GET["do"];
$op = $_GET["op"];
switch ($do){
case "check":
$uname = $_POST["uname"];
$passwd = $_POST["passwd"];
checkAdmin($uname, $passwd);
break;
case "menu":
########### If not logged in, returns to admin login page
if(!$_SESSION["q6n4fk_admin"]){ echo "<meta content=\"0;URL=?module=admin&file=admin\" http-equiv=\"refresh\">"; } else {
adminMenu();
}
break;
default:
adminForm();
}
?>
The login form works, adminMenu() may work (haveb't tested it because can't log in.
The problem must be checkAdmin() / case "check".
Please help me
Thank you !
feyd | Please use Code: Select all
and [syntax="..."] tags where appropriate when posting code. Your post has been edited to reflect how we'd like it posted. Please read: [url=http://forums.devnetwork.net/viewtopic.php?t=21171]Posting Code in the Forums[/url] to learn how to do it too.[/color]
timvw
DevNet Master
Posts: 4897 Joined: Mon Jan 19, 2004 11:11 pm
Location: Leuven, Belgium
Post
by timvw » Sun May 07, 2006 12:27 pm
How is this related to databases?
Anyway, to me it appears that you're testing if something exists in $_SESSION... But you haven't called
http://www.php.net/session_start so it will never exist...
chrisso
Forum Newbie
Posts: 10 Joined: Sat May 06, 2006 6:50 am
Post
by chrisso » Sun May 07, 2006 12:36 pm
The database connection and session_start() is exists in the index.php file. The login script/file is included to index.php.
chrisso
Forum Newbie
Posts: 10 Joined: Sat May 06, 2006 6:50 am
Post
by chrisso » Sun May 07, 2006 1:18 pm
I've fixed some problems.. so now I can log in.
But if I write wrong username and/or password the "wrong usernam and password"-message doesn't appear!
Code: Select all
<?
function adminForm(){
echo "<div align=\"right\" style=\"width:165px;\"><form action=\"?module=admin&file=admin&do=check\" method=\"post\">
Brukenavn: <input style=\"width:100px;\" type=\"text\" class=\"text\" name=\"uname\"><br>Passord: <input style=\"width:100px;\" type=\"password\" class=\"text\" name=\"passwd\"><br>
<input type=\"submit\" class=\"text\" value=\"Logg inn\">
</form></div>";
}
function checkAdmin($uname, $passwd){
$result = mysql_query("SELECT * FROM cw_user WHERE uname = '$uname'");
$array = mysql_fetch_assoc($result) or die (mysql_error());
if($uname == $array['uname'] and md5($passwd) == $array['passwd']){
if($array['admin'] == 1){
$_SESSION["q6n4fk_logged_in"] = TRUE;
$_SESSION["q6n4fk_admin"] = TRUE;
$_SESSION["user"] = $uname;
} else { echo "Du har ikke tilgang til administrasjons siden!"; }
echo "<meta content=\"3;URL=?module=admin&file=admin&do=menu\" http-equiv=\"refresh\">Du er logget inn som $uname.";
} else { echo "Du har skrevet en feil kombinasjon av brukernavn og passord!<br>a href=\"javascript:history.back(-1)\">Prøv igjen</a>"; }
}
function adminMenu(){
echo "Menu goes here!";
}
#################### Page starts here
$do = $_GET["do"];
$op = $_GET["op"];
switch ($do){
case "check":
$uname = $_POST["uname"];
$passwd = $_POST["passwd"];
checkAdmin($uname, $passwd);
break;
case "menu":
if(!$_SESSION["q6n4fk_admin"]){ echo "<meta content=\"0;URL=?module=admin&file=admin\" http-equiv=\"refresh\">"; } else {
adminMenu();
}
break;
default:
adminForm();
}
?>