Annoyance

Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.

Moderator: General Moderators

Post Reply
CoolAsCarlito
Forum Contributor
Posts: 192
Joined: Sat May 31, 2008 3:27 pm
Contact:

Annoyance

Post by CoolAsCarlito »

Okay so I didn't change anything of the actual coding and when I go to click submit it doesn't do anything at all. Can someone tell me why. I figured out it has to do with it being inside of a table but can't get it to work.

Code: Select all

 
<?php 
// Connects to your Database 
 
//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))
 
//if there is, it logs you in and directes you to the members page
{ 
$username = $_COOKIE['ID_my_site']; 
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM Users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check )) 
{
if ($pass != $info['password']) 
{
}
else
{
header("Location: members.php");
 
}
}
}
 
//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted
 
// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database
 
if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM Users WHERE username = '".$_POST['username']."'")or die(mysql_error());
 
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>');
}
while($info = mysql_fetch_array( $check )) 
{
$_POST['pass'] = stripslashes($_POST['pass']);
$info['password'] = stripslashes($info['password']);
$_POST['pass'] = md5($_POST['pass']);
 
//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}
 
else 
{ 
 
// if login is ok then we add a cookie 
$_POST['username'] = stripslashes($_POST['username']); 
$hour = time() + 3600; 
setcookie(ID_my_site, $_POST['username'], $hour); 
setcookie(Key_my_site, $_POST['pass'], $hour); 
 
//then redirect them to the members area 
header("Location: admin.php"); 
} 
} 
} 
else 
{ 
 
// if they are not logged in 
?> 
<center><table border=1 cellpadding=5 cellspacing=0 width=350 > 
<tr><td><u><h2><center>
<font color="#CC0000">KOW Administration Login</font>
</center></h2></u>
<b>Username:</b><br>
<input type="text" name="username" maxlength="40" size="40"> <br><br>
<b>Password:</b><br>
<input type="password" name="pass" maxlength="50" size="40"> 
<br><br>
<center><input type="submit" name="submit" value="Login"><br><br></center>
</table> 
</form>
</center>
<?php 
} 
 
?> 
 
 
User avatar
Mordred
DevNet Resident
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria

Re: Annoyance

Post by Mordred »

Tsk, no respect for SQL injection, eh :)
As for the question, I can't see the <form> tag, are you sure you haven't changed anything
Post Reply