...

View Full Version : Login system bugging.



simolokid
02-14-2010, 07:03 PM
Hi people,

I've been working on a site, which I'm now going to create a management system for, but I'm already stuck on the login-system lol.

It keeps itself at admin.php, haven't got a clue why since it doesn't give any errors.. ;<

Any help is appreciated.

Admin.php

<?php
session_start();
if($_SESSION['id']){
echo 'session';
}
if($_POST['inloggen']){
$link = mysqli_connect('localhost', 'dbname', 'pw',something');
if (!$link){
//Indien de connectie mislukt stop dan het script en laat een error zien.
die('<h1 style="color:red">Connectie naar de database is niet gelukt!</b>');
}
if(empty($_POST['naam'])){
$msg .= "U heeft geen gebruikersnaam ingevuld. <br />";
}
elseif(empty($_POST['wachtwoord'])){
$msg .= "U heeft geen wachtwoord ingevuld. <br />";
}
else{
$gebruikersnaam = $_POST['naam'];
$wachtwoord = $_POST['wachtwoord'];
$gebruikersnaam = mysqli_real_escape_string($link, $gebruikersnaam);
$wachtwoord = mysqli_real_escape_string($link, $wachtwoord);
$wachtwoord = sha1($wachtwoord);
$query = mysqli_query($link,"SELECT id,gebruikersnaam,wachtwoord
FROM AFGM_leden
WHERE gebruikersnaam = '$gebruikersnaam'
AND wachtwoord = '$wachtwoord'");
if($query)
$result = mysqli_num_rows($query);
else{
$msg .= "query mislukt<br />";
}
if($result > 0){
$_SESSION['id'] = $result['id'];
$_SESSION['gebruikersnaam'] = $result['gebruikersnaam'];
header("location: index.php");
}
else{
$msg .= "Onbekende combinatie van gebruikersnaam en wachtwoord, probeert u het later nog eens. <br />";
}
}
}
else{
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Inlogsysteem AFGM website</title>
<link href="style.css" rel="stylesheet" type="text/css" />

</head>

<body>
<div id="box">
<div id="titel">
Inlogsysteem AFGM Back-end Website
</div>
<div id="body">
<form method="post" action="" >
<table>
<tr><td><label for="naam">Naam: </label></td><td><input type="text" name="naam" value="" /></td></tr>
<tr><td><label for="wachtwoord">Wachtwoord: </label></td><td><input type="text" name="wachtwoord" value="" /></td></tr>
<tr><td>&nbsp;</td><td><input type="submit" name="inloggen" value="Log in" /></td></tr>
</table>
</form>
<?php
if(!empty($msg)){
echo "$msg <br />";
}
?>
</div>
<div id="footer">
Copyright (C) AFGM - 2010, Made by simolokid.
</div>
</div>
</body>
</html>
<?php }?>

index.php

<?php
if(!$_SESSION['id']){
header("location: admin.php");
}
else{
?>*html*

simolokid
02-14-2010, 07:39 PM
previous post
Ok, I have now achieved to do all kinds of controle structures, navigate to index.php and actually just gain acces without logging in....

Think it's time for a break xD

Blegh >.<

Any tips? :<

bdl
02-14-2010, 07:53 PM
if($query)
$result = mysqli_num_rows($query);
else{
$msg .= "query mislukt<br />";
}
if($result > 0){
$_SESSION['id'] = $result['id'];
$_SESSION['gebruikersnaam'] = $result['gebruikersnaam];
header("location: index.php");
}


Take a closer look at that. Where does $result come from? Is it an array containing the resultset data, e.g. the `id` field value, etc? You're missing a crucial step there.

iLochie
02-15-2010, 08:38 AM
Gah, I hate code in different languages. :P Anyways, you should be using mysql_fetch_array to get the info. For example, below the $result line, use this:

$info = mysql_fetch_array($query);

Then change the session variables to whatever = $info[whatever]

That should work, cheers. :)

simolokid
02-15-2010, 11:24 AM
Gah, I hate code in different languages. :P Anyways, you should be using mysql_fetch_array to get the info. For example, below the $result line, use this:

$info = mysql_fetch_array($query);

Then change the session variables to whatever = $info[whatever]

That should work, cheers. :)


<?php
session_start();
if($_POST['inloggen']){
$link = mysqli_connect('*craperdecrap*);
if (!$link){
//Indien de connectie mislukt stop dan het script en laat een error zien.
die('<h1 style="color:red">Connectie naar de database is niet gelukt!</b>');
}
if(empty($_POST['naam'])){
$msg .= "U heeft geen gebruikersnaam ingevuld. <br />";
}
elseif(empty($_POST['wachtwoord'])){
$msg .= "U heeft geen wachtwoord ingevuld. <br />";
}
if(!empty($msg)){
header("location: admin.php");
echo "$msg";
}
else{
$gebruikersnaam = $_POST['naam'];
$wachtwoord = $_POST['wachtwoord'];
$gebruikersnaam = mysqli_real_escape_string($link, $gebruikersnaam);
$wachtwoord = mysqli_real_escape_string($link, $wachtwoord);
$wachtwoord = sha1($wachtwoord);
$query = mysqli_query($link,"SELECT id,gebruikersnaam,wachtwoord
FROM AFGM_leden
WHERE gebruikersnaam = '$gebruikersnaam'
AND wachtwoord = '$wachtwoord'");
if($query)
$result = mysqli_fetch_array($query);
else{
$msg .= "query mislukt<br />";
}
if(!empty($result)){
$_SESSION['id'] = $result['id'];
$_SESSION['gebruikersnaam'] = $result['gebruikersnaam'];
header("location: index.php");
}
else{
$msg .= "Onbekende combinatie van gebruikersnaam en wachtwoord, probeert u het later nog eens. <br />";
}
}
}
else{
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Inlogsysteem AFGM website</title>
<link href="style.css" rel="stylesheet" type="text/css" />

</head>

<body>
<div id="box">
<div id="titel">
Inlogsysteem AFGM Back-end Website
</div>
<div id="body">
<form method="post" action="" >
<table>
<tr><td><label for="naam">Naam: </label></td><td><input type="text" name="naam" value="" /></td></tr>
<tr><td><label for="wachtwoord">Wachtwoord: </label></td><td><input type="text" name="wachtwoord" value="" /></td></tr>
<tr><td>&nbsp;</td><td><input type="submit" name="inloggen" value="Log in" /></td></tr>
</table>
</form>
<?php
if(!empty($msg)){
echo "$msg <br />";
}
?>
</div>
<div id="footer">
Copyright (C) AFGM - 2010, Made by simolokid.
</div>
</div>
</body>
</html>
<?php }?>

that's admin.php

index.php:

<?php
if(!$_SESSION['id']){
header("location: admin.php");
}
else{ *html*
?>

And it's still not working ! >.<



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum