...

View Full Version : 2 login forms 1 sql DB



Mihai
03-14-2010, 11:52 PM
<?php

if($_SERVER[PHP_SELF]=="/include/loginbox.inc.php")

{

header("Location: /index.php");

exit;

}

?>

<form action="login.php" method="POST">

<table align="right" cellpadding="1" cellspacing="0">

<td id="login_tbl">

<table align="left" cellpadding="1" cellspacing="0">

<td id="login_cell">

<td id="login_cell">

<p><input type="text" name="login" maxlength="30" size="15" style="font-family:lucida grande,sans-serif; font-size:10px;"value=""></p>

<td id="login_cell">

<td id="login_cell">

<p><input type="password" name="password" maxlength="30" size="15" style="font-family:lucida grande,sans-serif; font-size:10px;"></p>

<td id="login_cell">

<td id="login_cell">

<p><input type="submit" value="Login!" style="font-family:Arial,sans-serif; font-size:10px;"></p>

</table>

</table>

</form>

<?
require('poker/includes/gen_inc.php');
$action = (($_GET['action'] != '')? addslashes($_GET['action']) : addslashes($_POST['action']));
$usr = addslashes($_POST['usr']);
$pwd = addslashes($_POST['pwd']);
$time = time();
$ip = $_SERVER['REMOTE_ADDR'];

if(($action == 'process') && ($usr != '') && ($pwd != '')){
$GUID = randomcode(32);
$pwdq = mysql_fetch_array(mysql_query("select password, banned, approve from ".DB_PLAYERS." where username = '".$usr."' "));
$orig = $pwdq['password'];
$banned = $pwdq['banned'];
$approve = $pwdq['approve'];
if($approve == 1){
$msg = LOGIN_MSG_APPROVAL;
}elseif($banned == 1){
$msg = LOGIN_MSG_BANNED;
}elseif(validate_password($pwd,$orig) == true){
session_start();
$_SESSION['playername'] = $usr;
$_SESSION['SGUID'] = $GUID;
$result = mysql_query("update ".DB_PLAYERS." set ipaddress = '".$ip."', lastlogin = '".$time."' , GUID = '".$GUID."' where username = '".$usr."' ");
header('Location: lobby.php');
}else{
$msg = LOGIN_MSG_INVALID;
}
}

?>
<html>
<head>
<title><? echo TITLE; ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="stylesheet" href="css/poker.css" type="text/css">
<script language="JavaScript" type="text/JavaScript" src="js/lobby.php"></script>
</head>



</table>
</td>
</tr>
</table>
</td>
<td width="650" class="fieldsethead" valign="top" height="100%">
<table width="100%" border="0" cellspacing="0" cellpadding="3">

</table>
<br>
<? if($msg != ''){ ?>
<table width="300" border="0" cellspacing="0" cellpadding="5" align="center">
<tr>
<td colspan="2" align="center" class="smllfont" bgcolor="#660000"> <b>
<? echo $msg; ?>
</b></td>
</tr>
</table>
<? } ?>
<table border="0" cellspacing="0" cellpadding="0" width="300" align="center">
<tr>
<td><fieldset class="yellowborder"> <legend>&nbsp;
<? echo BOX_LOGIN; ?>
&nbsp;</legend>
<form action="login.php" method="post" name="login">
<table width="300" border="0" cellspacing="0" cellpadding="5" align="center">
<tr>
<td width="200" align="right" class="fieldsetheadcontent">
<p>
<? echo LOGIN_USER; ?>
<input type="text" size="12" maxlength="10" name="usr" class="fieldsetheadinputs" />
</p>
<p>
<input type="hidden" name="action" value="process">
<? echo LOGIN_PWD; ?>
<input type="password" size="12" maxlength="10" name="pwd" class="fieldsetheadinputs" />
</p>
</td>
<td align="center" width="80" valign="bottom">
<input type="submit" name="Login" value="<? echo BUTTON_LOGIN; ?>" class="betbuttons">
<br>
&nbsp; </td>
</tr>
</table>
</form>
</fieldset></td>
</tr>
</table>
<table width="300" border="0" cellspacing="0" cellpadding="5" align="center">
<tr>

</table>
</td>
</tr>
</table>
<p>&nbsp; </p>
</body>
</html>

One updates <form action="poker/login.php" method="post" name="login"> and the other <form action="login.php" method="POST">
They both use the same sql DB and i can log in both separately , is ther a way to create just one form and sign in both ?:confused:
Can i use some
<?php echo $login; ?> <?php echo $pass; ?> <?php echo $_POST['login']; ?> ?
Thank you

masterofollies
03-15-2010, 12:59 AM
You should be able to break it down in a function. Have one form and create two sessions? Or else make the /poker one the same session entity.

Mihai
03-15-2010, 01:03 AM
<?php

if($_SERVER[PHP_SELF]=="/include/loginbox.inc.php")

{

header("Location: /index.php");

exit;

}

?>


<?
require('poker/includes/gen_inc.php');
$action = (($_GET['action'] != '')? addslashes($_GET['action']) : addslashes($_POST['action']));
$usr = addslashes($_POST['usr']);
$pwd = addslashes($_POST['pwd']);
$time = time();
$ip = $_SERVER['REMOTE_ADDR'];

if(($action == 'process') && ($usr != '') && ($pwd != '')){
$GUID = randomcode(32);
$pwdq = mysql_fetch_array(mysql_query("select password, banned, approve from ".DB_PLAYERS." where username = '".$usr."' "));
$orig = $pwdq['password'];
$banned = $pwdq['banned'];
$approve = $pwdq['approve'];
if($approve == 1){
$msg = LOGIN_MSG_APPROVAL;
}elseif($banned == 1){
$msg = LOGIN_MSG_BANNED;
}elseif(validate_password($pwd,$orig) == true){
session_start();
$_SESSION['playername'] = $usr;
$_SESSION['SGUID'] = $GUID;
$result = mysql_query("update ".DB_PLAYERS." set ipaddress = '".$ip."', lastlogin = '".$time."' , GUID = '".$GUID."' where username = '".$usr."' ");
header('Location: lobby.php');
}else{
$msg = LOGIN_MSG_INVALID;
}
}

?>
<html>
<head>
<title><? echo TITLE; ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="stylesheet" href="css/poker.css" type="text/css">
<script language="JavaScript" type="text/JavaScript" src="js/lobby.php"></script>
</head>



</table>
</td>
</tr>
</table>
</td>
<td width="650" class="fieldsethead" valign="top" height="100%">
<table width="100%" border="0" cellspacing="0" cellpadding="3">

</table>
<br>
<? if($msg != ''){ ?>
<table width="300" border="0" cellspacing="0" cellpadding="5" align="center">
<tr>
<td colspan="2" align="center" class="smllfont" bgcolor="#660000"> <b>
<? echo $msg; ?>
</b></td>
</tr>
</table>
<? } ?>
<table border="0" cellspacing="0" cellpadding="0" width="300" align="center">
<tr>
<td><fieldset class="yellowborder"> <legend>&nbsp;
<? echo BOX_LOGIN; ?>
&nbsp;</legend>
<form action="poker/login.php" method="post" name="login">
<table width="300" border="0" cellspacing="0" cellpadding="5" align="center">
<tr>
<td width="200" align="right" class="fieldsetheadcontent">
<p>
<? echo LOGIN_USER; ?>
<input type="text" size="12" maxlength="10" name="usr" class="fieldsetheadinputs" />
</p>
<p>
<input type="hidden" name="action" value="process">
<? echo LOGIN_PWD; ?>
<input type="password" size="12" maxlength="10" name="pwd" class="fieldsetheadinputs" />
</p>
</td>
<td align="center" width="80" valign="bottom">
<input type="submit" name="Login" value="<? echo BUTTON_LOGIN; ?>" class="betbuttons">
<br>
&nbsp; </td>
</tr>
</table>
</form>
</fieldset></td>
</tr>
</table>
<table width="300" border="0" cellspacing="0" cellpadding="5" align="center">
<tr>


<form action="login.php" method="POST" "value="$pwd";"value="$usr">



</table>
</td>
</tr>
</table>
<p>&nbsp; </p>
</body>
</html>

will this do ? <form action="login.php" method="POST" "value="$pwd";"value="$usr">?


<form action="login.php" method="POST" name="login2">

'<input type="text" name="<?php echo $_REQUEST["usr"]; ?>">
<input type="password" name="<?php echo $_REQUEST["pwd"]; ?>" ???

Mihai
03-15-2010, 03:14 AM
can someone please help me out ? :D

Mihai
03-15-2010, 09:15 PM
both log in scripts.

<?php

// File ID: login.php (user log in routine)
session_start();

include("require/config.php");
require("require/membership.php");
require("./require/functions.php");

$connection = @mysql_connect("$db_host", "$db_user", "$db_pass") or die("Couldn't connect.");
$db = @mysql_select_db($db_name, $connection) or die("Couldn't select database.");

$sql="SELECT * FROM $tbl_members
WHERE login = ".quote_smart($_POST[login])." AND password = ".quote_smart($_POST[password])."";

$result = @mysql_query($sql,$connection) or die("<b>A fatal MySQL error occured</b>.\n<br />Query: " . $query . "<br />\nError: (" . mysql_errno() . ") " . mysql_error());

$num=mysql_num_rows($result);
while ($row = mysql_fetch_array($result)) {
$enabled = $row['enabled'];
$member_id = $row['member_id'];
$password = $row['password'];
$email = $row['email'];
$displayname = $row['displayname'];
$newsletter = $row['newsletter'];
$ipaddr = $row['ipaddr'];
}
if($num >0) {

if($enabled == "yes") {

$valid_user = $_POST['login'];
session_register("valid_user");
session_register("enabled");
session_register("member_id");
session_register("password");
session_register("email");
session_register("displayname");
session_register("newsletter");
session_register("ipaddr");

if(isset($_SERVER['HTTP_REFERER'])) {
$ref = $_SERVER['HTTP_REFERER'];
if($ref == "$siteurl/login.php") {
$ref = "index.php";
}
} else {
$ref = "index.php";
}
include("redirect.php");
exit;
}
}
if($num ==0) {
$error = "Invalid username password combination.";
}

if($enabled == "no") {
$error = "Your account is not enabled.";
}
if(!$error) {
$error = "Unknown login error.";
}

$content = "./include/login.inc.php";
$menu="include/menu_u.inc.php";
$page_title="Login Form";

global $content, $menu, $page_title;

include("include/header.inc.php");
include("include/body.inc.php");
include("include/footer.inc.php");
?>
and

<?
require('includes/gen_inc.php');
$action = (($_GET['action'] != '')? addslashes($_GET['action']) : addslashes($_POST['action']));
$usr = addslashes($_POST['usr']);
$pwd = addslashes($_POST['pwd']);
$time = time();
$ip = $_SERVER['REMOTE_ADDR'];

if(($action == 'process') && ($usr != '') && ($pwd != '')){
$GUID = randomcode(32);
$pwdq = mysql_fetch_array(mysql_query("select password, banned, approve from ".DB_PLAYERS." where username = '".$usr."' "));
$orig = $pwdq['password'];
$banned = $pwdq['banned'];
$approve = $pwdq['approve'];
if($approve == 1){
$msg = LOGIN_MSG_APPROVAL;
}elseif($banned == 1){
$msg = LOGIN_MSG_BANNED;
}elseif(validate_password($pwd,$orig) == true){
session_start();
$_SESSION['playername'] = $usr;
$_SESSION['SGUID'] = $GUID;
$result = mysql_query("update ".DB_PLAYERS." set ipaddress = '".$ip."', lastlogin = '".$time."' , GUID = '".$GUID."' where username = '".$usr."' ");
header('Location: lobby.php');
}else{
$msg = LOGIN_MSG_INVALID;
}
}

?>
<html>
<head>
<title><? echo TITLE; ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="stylesheet" href="css/poker.css" type="text/css">
<script language="JavaScript" type="text/JavaScript" src="js/lobby.php"></script>
</head>

<body bgcolor="#000000" text="#CCCCCC" >
<table width="772" border="0" cellspacing="0" cellpadding="2" align="center" bgcolor="#1B1B1B">
<td width="650" class="fieldsethead" valign="top" height="100%">
<table width="100%" border="0" cellspacing="0" cellpadding="3">
<tr>
<td bgcolor="#333333"><b><font size="3"><i><? echo LOGIN; ?></i> </font></b></td>
</tr>
</table>
<br>
<? if($msg != ''){ ?>
<table width="300" border="0" cellspacing="0" cellpadding="5" align="center">
<tr>
<td colspan="2" align="center" class="smllfont" bgcolor="#660000"> <b>
<? echo $msg; ?>
</b></td>
</tr>
</table>
<? } ?>
<table border="0" cellspacing="0" cellpadding="0" width="300" align="center">
<tr>
<td><fieldset class="yellowborder"> <legend>&nbsp;
<? echo BOX_LOGIN; ?>
&nbsp;</legend>
<form action="login.php" method="post" name="login">
<table width="300" border="0" cellspacing="0" cellpadding="5" align="center">
<tr>
<td width="200" align="right" class="fieldsetheadcontent">
<p>
<? echo LOGIN_USER; ?>
<input type="text" size="12" maxlength="10" name="usr" class="fieldsetheadinputs" />
</p>
<p>
<input type="hidden" name="action" value="process">
<? echo LOGIN_PWD; ?>
<input type="password" size="12" maxlength="10" name="pwd" class="fieldsetheadinputs" />
</p>
</td>
<td align="center" width="80" valign="bottom">
<input type="submit" name="Login" value="<? echo BUTTON_LOGIN; ?>" class="betbuttons">
<br>
&nbsp; </td>
</tr>
</table>
</form>
</fieldset></td>
</tr>
</table>
<table width="300" border="0" cellspacing="0" cellpadding="5" align="center">
<tr>
<td colspan="2" align="right" class="fieldsetheadlink"><a href="create.php" target="_self" class="fieldsetheadlink"><i>
<? echo LOGIN_NEW_PLAYER; ?>
</i></a></td>
</tr>
</table>
</td>
</tr>
</table>
<p>&nbsp; </p>
</body>
</html>


Can some one please help me create same login form out of this with same session for both scripts ?

Thank you

Mihai
03-16-2010, 07:30 PM
Can someone please help me out here

auriaks
03-16-2010, 07:59 PM
Can you say in words what are you trying to do?? You want to use those 2 php login scripts, but choose which to execute from 2 buttons? Also you have to start same session otherwise..? And what about your databases? What information for which variables you are using?? :)

Mihai
03-16-2010, 08:18 PM
I'm new to php ;) , but i'm trying to add some more functionality to a script in to another one ;), the DB looks like this :

CREATE TABLE IF NOT EXISTS `members` (
`member_id` mediumint(8) unsigned zerofill NOT NULL auto_increment,
`login` varchar(20) NOT NULL default '',
`enabled` enum('yes','no') NOT NULL default 'yes',
`password` varchar(20) NOT NULL default '',
`email` varchar(150) NOT NULL default '',
`displayname` varchar(25) NOT NULL default '',
`newsletter` enum('yes','no') NOT NULL default 'yes',
`ipaddr` varchar(16) NOT NULL default '',
`avatar` varchar(80) default '',
`datecreated` int(35) default '0',
`lastlogin` int(35) default '0',
`sessname` varchar(32) default '',
`approve` tinyint(1) default '0',
`lastmove` int(35) default '0',
`waitimer` int(35) default '0',
`code` varchar(16) default '',
`GUID` varchar(32) default '',
`vID` int(15) default '0',
`gID` int(15) default '0',
`timetag` int(30) default '0',
PRIMARY KEY (`member_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=7 ;

For one script
And for second one :
CREATE TABLE IF NOT EXISTS `players` (
`ID` int(11) NOT NULL auto_increment,
`username` varchar(12) default '',
`email` varchar(70) default '',
`password` varchar(40) default '',
`avatar` varchar(80) default '',
`datecreated` int(35) default '0',
`lastlogin` int(35) default '0',
`ipaddress` varchar(20) default '',
`sessname` varchar(32) default '',
`banned` tinyint(1) default '0',
`approve` tinyint(1) default '0',
`lastmove` int(35) default '0',
`waitimer` int(35) default '0',
`code` varchar(16) default '',
`GUID` varchar(32) default '',
`vID` int(15) default '0',
`gID` int(15) default '0',
`timetag` int(30) default '0',
PRIMARY KEY (`ID`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=90 ;

My first log in script looks like :

<?php

// File ID: login.php (user log in routine)
session_start();

include("require/config.php");
require("require/membership.php");
require("./require/functions.php");

$connection = @mysql_connect("$db_host", "$db_user", "$db_pass") or die("Couldn't connect.");
$db = @mysql_select_db($db_name, $connection) or die("Couldn't select database.");

$sql="SELECT * FROM $tbl_members
WHERE login = ".quote_smart($_POST[login])." AND password = ".quote_smart($_POST[password])."";

$result = @mysql_query($sql,$connection) or die("<b>A fatal MySQL error occured</b>.\n<br />Query: " . $query . "<br />\nError: (" . mysql_errno() . ") " . mysql_error());

$num=mysql_num_rows($result);
while ($row = mysql_fetch_array($result)) {
$enabled = $row['enabled'];
$member_id = $row['member_id'];
$password = $row['password'];
$email = $row['email'];
$displayname = $row['displayname'];
$newsletter = $row['newsletter'];
$ipaddr = $row['ipaddr'];
}
if($num >0) {

if($enabled == "yes") {

$valid_user = $_POST['login'];
session_register("valid_user");
session_register("enabled");
session_register("member_id");
session_register("password");
session_register("email");
session_register("displayname");
session_register("newsletter");
session_register("ipaddr");

if(isset($_SERVER['HTTP_REFERER'])) {
$ref = $_SERVER['HTTP_REFERER'];
if($ref == "$siteurl/login.php") {
$ref = "index.php";
}
} else {
$ref = "index.php";
}
include("redirect.php");
exit;
}
}
if($num ==0) {
$error = "Invalid username password combination.";
}

if($enabled == "no") {
$error = "Your account is not enabled.";
}
if(!$error) {
$error = "Unknown login error.";
}

$content = "./include/login.inc.php";
$menu="include/menu_u.inc.php";
$page_title="Login Form";

global $content, $menu, $page_title;

include("include/header.inc.php");
include("include/body.inc.php");
include("include/footer.inc.php");
?>
and


And second one:


<?
require('includes/gen_inc.php');
$action = (($_GET['action'] != '')? addslashes($_GET['action']) : addslashes($_POST['action']));
$usr = addslashes($_POST['usr']);
$pwd = addslashes($_POST['pwd']);
$time = time();
$ip = $_SERVER['REMOTE_ADDR'];

if(($action == 'process') && ($usr != '') && ($pwd != '')){
$GUID = randomcode(32);
$pwdq = mysql_fetch_array(mysql_query("select password, banned, approve from ".DB_PLAYERS." where username = '".$usr."' "));
$orig = $pwdq['password'];
$banned = $pwdq['banned'];
$approve = $pwdq['approve'];
if($approve == 1){
$msg = LOGIN_MSG_APPROVAL;
}elseif($banned == 1){
$msg = LOGIN_MSG_BANNED;
}elseif(validate_password($pwd,$orig) == true){
session_start();
$_SESSION['playername'] = $usr;
$_SESSION['SGUID'] = $GUID;
$result = mysql_query("update ".DB_PLAYERS." set ipaddress = '".$ip."', lastlogin = '".$time."' , GUID = '".$GUID."' where username = '".$usr."' ");
header('Location: lobby.php');
}else{
$msg = LOGIN_MSG_INVALID;
}
}

?>
<html>
<head>
<title><? echo TITLE; ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="stylesheet" href="css/poker.css" type="text/css">
<script language="JavaScript" type="text/JavaScript" src="js/lobby.php"></script>
</head>

<body bgcolor="#000000" text="#CCCCCC" >
<table width="772" border="0" cellspacing="0" cellpadding="2" align="center" bgcolor="#1B1B1B">
<td width="650" class="fieldsethead" valign="top" height="100%">
<table width="100%" border="0" cellspacing="0" cellpadding="3">
<tr>
<td bgcolor="#333333"><b><font size="3"><i><? echo LOGIN; ?></i> </font></b></td>
</tr>
</table>
<br>
<? if($msg != ''){ ?>
<table width="300" border="0" cellspacing="0" cellpadding="5" align="center">
<tr>
<td colspan="2" align="center" class="smllfont" bgcolor="#660000"> <b>
<? echo $msg; ?>
</b></td>
</tr>
</table>
<? } ?>
<table border="0" cellspacing="0" cellpadding="0" width="300" align="center">
<tr>
<td><fieldset class="yellowborder"> <legend>&nbsp;
<? echo BOX_LOGIN; ?>
&nbsp;</legend>
<form action="login.php" method="post" name="login">
<table width="300" border="0" cellspacing="0" cellpadding="5" align="center">
<tr>
<td width="200" align="right" class="fieldsetheadcontent">
<p>
<? echo LOGIN_USER; ?>
<input type="text" size="12" maxlength="10" name="usr" class="fieldsetheadinputs" />
</p>
<p>
<input type="hidden" name="action" value="process">
<? echo LOGIN_PWD; ?>
<input type="password" size="12" maxlength="10" name="pwd" class="fieldsetheadinputs" />
</p>
</td>
<td align="center" width="80" valign="bottom">
<input type="submit" name="Login" value="<? echo BUTTON_LOGIN; ?>" class="betbuttons">
<br>
&nbsp; </td>
</tr>
</table>
</form>
</fieldset></td>
</tr>
</table>
<table width="300" border="0" cellspacing="0" cellpadding="5" align="center">
<tr>
<td colspan="2" align="right" class="fieldsetheadlink"><a href="create.php" target="_self" class="fieldsetheadlink"><i>
<? echo LOGIN_NEW_PLAYER; ?>
</i></a></td>
</tr>
</table>
</td>
</tr>
</table>
<p>&nbsp; </p>
</body>
</html>



So my question is :
Can i re-create one of the log in script to connect on both ? Something like if PRIMARY KEY (`member_id`) =1 and PRIMARY KEY (`ID`) =1 then it is the same user.
Like i just said i dont know a lot about php.
If i log in with 'credentials' from one part of the log in "members" and have the same username and pass on 'players" and the ID nr is the same does it 'recognize' the same user ? I know i will have to re-create the registration process to.
Thank you for your consideration.

Mihai

auriaks
03-16-2010, 08:42 PM
Ofcourse it is possible...

The easiest way to do this is to put everything in one page... :D
And do some changes...

Here's what I have got :D

<?php

// File ID: login.php (user log in routine)
session_start();

include("require/config.php");
require("require/membership.php");
require("./require/functions.php");

$connection = @mysql_connect("$db_host", "$db_user", "$db_pass") or die("Couldn't connect.");
$db = @mysql_select_db($db_name, $connection) or die("Couldn't select database.");

$sql="SELECT * FROM $tbl_members
WHERE login = ".quote_smart($_POST[login])." AND password = ".quote_smart($_POST[password])."";

$result = @mysql_query($sql,$connection) or die("<b>A fatal MySQL error occured</b>.\n<br />Query: " . $query . "<br />\nError: (" . mysql_errno() . ") " . mysql_error());

$num=mysql_num_rows($result);
while ($row = mysql_fetch_array($result)) {
$enabled = $row['enabled'];
$member_id = $row['member_id'];
$password = $row['password'];
$email = $row['email'];
$displayname = $row['displayname'];
$newsletter = $row['newsletter'];
$ipaddr = $row['ipaddr'];
}
if($num >0) {

require('includes/gen_inc.php');
$action = (($_GET['action'] != '')? addslashes($_GET['action']) : addslashes($_POST['action']));
$usr = addslashes($_POST['login']);
$pwd = addslashes($_POST['password']);
$time = time();
$ip = $_SERVER['REMOTE_ADDR'];

if(($action == 'process') && ($usr != '') && ($pwd != '')){
$GUID = randomcode(32);
$pwdq = mysql_fetch_array(mysql_query("select password, banned, approve from ".DB_PLAYERS." where username = '".$usr."' "));
$orig = $pwdq['password'];
$banned = $pwdq['banned'];
$approve = $pwdq['approve'];
if($approve == 1){
$msg = LOGIN_MSG_APPROVAL;
}elseif($banned == 1){
$msg = LOGIN_MSG_BANNED;
}elseif(validate_password($pwd,$orig) == true){
session_start();
$_SESSION['playername'] = $usr;
$_SESSION['SGUID'] = $GUID;
$result = mysql_query("update ".DB_PLAYERS." set ipaddress = '".$ip."', lastlogin = '".$time."' , GUID = '".$GUID."' where username = '".$usr."' ");
}else{
$msg = LOGIN_MSG_INVALID;
}
}

if($enabled == "yes") {

$valid_user = $_POST['login'];
session_register("valid_user");
session_register("enabled");
session_register("member_id");
session_register("password");
session_register("email");
session_register("displayname");
session_register("newsletter");
session_register("ipaddr");

if(isset($_SERVER['HTTP_REFERER'])) {
$ref = $_SERVER['HTTP_REFERER'];
if($ref == "$siteurl/login.php") {
$ref = "index.php";
}
} else {
$ref = "index.php";
}
include("redirect.php");
exit;
}
}
if($num ==0) {
$error = "Invalid username password combination.";
}

if($enabled == "no") {
$error = "Your account is not enabled.";
}
if(!$error) {
$error = "Unknown login error.";
}

$content = "./include/login.inc.php";
$menu="include/menu_u.inc.php";
$page_title="Login Form";

global $content, $menu, $page_title;

include("include/header.inc.php");
include("include/body.inc.php");
include("include/footer.inc.php");
?>

I am not sure if it is working :) Good luck

auriaks
03-16-2010, 08:43 PM
you created those scripts??

Mihai
03-16-2010, 09:11 PM
It only logs me in table players but i'm not sign in members.
Both script are not mine , one of them ( phpprofiles i got it 2 years ago for 25 $ and the second i got it as open source ).

auriaks
03-16-2010, 09:26 PM
hmm, what about $action variable? why do you use this? Because it GET's action from somewhere... I can't see from where :)

have you got any message like: LOGIN_MSG_APPROVAL; LOGIN_MSG_BANNED; OR LOGIN_MSG_INVALID; ???
}

Mihai
03-16-2010, 09:34 PM
no error message and i have same user and pass on both sql rows and i am only logged in one and if i want to navigate on second page ( second script ) i am not logged in.
:confused:
Can i verifie somehow if i am logged in both ? like SELECT * FROM $tbl_members
WHERE login = ...
from both rows to see if i am the same user on both ?

auriaks
03-16-2010, 09:39 PM
if you haven't seen message, that means that this IF:


if(($action == 'process') && ($usr != '') && ($pwd != '')){

isn't working at all.

Hmm, Can you explain what is this action? or you don't know?

auriaks
03-16-2010, 09:40 PM
try to leave just this:


if(($usr != '') && ($pwd != '')){

and try again :)

Mihai
03-17-2010, 01:28 AM
stil does not work .
Any way that i can "call" the login and see if i'm "ID" nr 1 on one table and olso "member_id" on the second ?
I have the same pass and Id for login and the same id 001 for id on both rows.

Thank you

auriaks
03-17-2010, 03:12 PM
Try this:



<?php

// File ID: login.php (user log in routine)
session_start();

include("require/config.php");
require("require/membership.php");
require("./require/functions.php");

$connection = @mysql_connect("$db_host", "$db_user", "$db_pass") or die("Couldn't connect.");
$db = @mysql_select_db($db_name, $connection) or die("Couldn't select database.");

$sql="SELECT * FROM $tbl_members
WHERE login = ".quote_smart($_POST[login])." AND password = ".quote_smart($_POST[password])."";
if (mysql_num_rows($sql) > 0) {
$check = mysql_fetch_array($sql);
$id = $check['member_id'];
$sql2= ("SELECT * FROM `players` WHERE ID='$id'");
if (mysql_num_rows($sql2) > 0) {
//CREATE SESSION

//YOUR COPIED SCRIPT NO1

$result = @mysql_query($sql,$connection) or die("<b>A fatal MySQL error occured</b>.\n<br />Query: " . $query . "<br />\nError: (" . mysql_errno() . ") " . mysql_error());

$num=mysql_num_rows($result);
while ($row = mysql_fetch_array($result)) {
$enabled = $row['enabled'];
$member_id = $row['member_id'];
$password = $row['password'];
$email = $row['email'];
$displayname = $row['displayname'];
$newsletter = $row['newsletter'];
$ipaddr = $row['ipaddr'];
}
if($num >0) {

if($enabled == "yes") {

$valid_user = $_POST['login'];
session_register("valid_user");
session_register("enabled");
session_register("member_id");
session_register("password");
session_register("email");
session_register("displayname");
session_register("newsletter");
session_register("ipaddr");

if(isset($_SERVER['HTTP_REFERER'])) {
$ref = $_SERVER['HTTP_REFERER'];
if($ref == "$siteurl/login.php") {
$ref = "index.php";
}
} else {
$ref = "index.php";
}
include("redirect.php");
exit;
}
}
if($num ==0) {
$error = "Invalid username password combination.";
}

if($enabled == "no") {
$error = "Your account is not enabled.";
}
if(!$error) {
$error = "Unknown login error.";
}

$content = "./include/login.inc.php";
$menu="include/menu_u.inc.php";
$page_title="Login Form";

global $content, $menu, $page_title;

//YOUR COPIED SCRIPT NO1
//YOUR COPIED SCRIPT NO2

require('includes/gen_inc.php');
$usr = addslashes($_POST['login']);
$pwd = addslashes($_POST['password']);
$time = time();
$ip = $_SERVER['REMOTE_ADDR'];

$GUID = randomcode(32);
$pwdq = mysql_fetch_array(mysql_query("select password, banned, approve from ".DB_PLAYERS." where username = '".$usr."' "));
$orig = $pwdq['password'];
$banned = $pwdq['banned'];
$approve = $pwdq['approve'];
if($approve == 1){
$msg = LOGIN_MSG_APPROVAL;
}elseif($banned == 1){
$msg = LOGIN_MSG_BANNED;
}elseif(validate_password($pwd,$orig) == true){
session_start();
$_SESSION['playername'] = $usr;
$_SESSION['SGUID'] = $GUID;
$result = mysql_query("update ".DB_PLAYERS." set ipaddress = '".$ip."', lastlogin = '".$time."' , GUID = '".$GUID."' where username = '".$usr."' ");
header('Location: lobby.php');
}else{
$msg = LOGIN_MSG_INVALID;
}

//YOUR COPIED SCRIPT NO2
} else {$msg = 'USER DOES NOT EXIST IN MEMBERS TABLE';}
} else {
$msg = 'USER DOES NOT EXIST IN PLAYERS TABLE';
}

include("include/header.inc.php");
include("include/body.inc.php");
include("include/footer.inc.php");
?>

<?
require('includes/gen_inc.php');
$action = (($_GET['action'] != '')? addslashes($_GET['action']) : addslashes($_POST['action']));
$usr = addslashes($_POST['usr']);
$pwd = addslashes($_POST['pwd']);
$time = time();
$ip = $_SERVER['REMOTE_ADDR'];

if(($action == 'process') && ($usr != '') && ($pwd != '')){
$GUID = randomcode(32);
$pwdq = mysql_fetch_array(mysql_query("select password, banned, approve from ".DB_PLAYERS." where username = '".$usr."' "));
$orig = $pwdq['password'];
$banned = $pwdq['banned'];
$approve = $pwdq['approve'];
if($approve == 1){
$msg = LOGIN_MSG_APPROVAL;
}elseif($banned == 1){
$msg = LOGIN_MSG_BANNED;
}elseif(validate_password($pwd,$orig) == true){
session_start();
$_SESSION['playername'] = $usr;
$_SESSION['SGUID'] = $GUID;
$result = mysql_query("update ".DB_PLAYERS." set ipaddress = '".$ip."', lastlogin = '".$time."' , GUID = '".$GUID."' where username = '".$usr."' ");
header('Location: lobby.php');
}else{
$msg = LOGIN_MSG_INVALID;
}
}

?>

I haven't test it, but if you will look at my code carefully, you could see what code I used... I don't know about the sessions you want to create, so I just copy pasted the code when the pass and login are correct.

Good Luck :)

Mihai
03-17-2010, 05:14 PM
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/public_html/login.php on line 27
22$connection = @mysql_connect("$db_host", "$db_user", "$db_pass") or die("Couldn't connect.");
23$db = @mysql_select_db($db_name, $connection) or die("Couldn't select database.");
24
25$sql="SELECT * FROM $tbl_members
26WHERE login = ".quote_smart($_POST[login])." AND password = ".quote_smart($_POST[password])."";
27if (mysql_num_rows($sql) > 0) {
28$check = mysql_fetch_array($sql);
29$id = $check['member_id'];
30$sql2= ("SELECT * FROM `players` WHERE ID='$id'");
31if (mysql_num_rows($sql2) > 0) {
32//CREATE SESSION

Mihai
03-17-2010, 08:37 PM
Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in Unknown on line 0

auriaks
03-18-2010, 04:39 PM
Change this:


$connection = @mysql_connect("$db_host", "$db_user", "$db_pass") or die("Couldn't connect.");
$db = @mysql_select_db($db_name, $connection) or die("Couldn't select database.");

$sql="SELECT * FROM $tbl_members
WHERE login = ".quote_smart($_POST[login])." AND password = ".quote_smart($_POST[password])."";
if (mysql_num_rows($sql) > 0) {
$check = mysql_fetch_array($sql);
$id = $check['member_id'];
$sql2= ("SELECT * FROM `players` WHERE ID='$id'");
if (mysql_num_rows($sql2) > 0) {
//CREATE SESSION

With this:

$connection = @mysql_connect("$db_host", "$db_user", "$db_pass") or die("Couldn't connect.");
$db = @mysql_select_db($db_name, $connection) or die("Couldn't select database.");
//getting posted variables
$login = $_POST['login'];
$pass = $_POST['password'];
// this will save script from quotes
$login = mysql_real_escape_string($login);
$pass = mysql_real_escape_string($pass);
//connecting
$sql= mysql_query("SELECT * FROM `members` WHERE login = ".$login." AND password = ".$pass."");
if (mysql_num_rows($sql) > 0) {
$check = mysql_fetch_array($sql);
$id = $check['member_id'];
$sql2= mysql_query("SELECT * FROM `players` WHERE ID=".$id."");
if (mysql_num_rows($sql2) > 0) {
//CREATE SESSION

If you will get error, write it here...

Mihai
03-18-2010, 09:00 PM
Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/cetatea3/public_html/login.php:1) in /home/cetatea3/public_html/login.php on line 4

Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in Unknown on line 0

auriaks
03-20-2010, 04:43 PM
Put your:

$connection = @mysql_connect("$db_host", "$db_user", "$db_pass") or die("Couldn't connect.");
$db = @mysql_select_db($db_name, $connection) or die("Couldn't select database.");

before first session start(); in 3rd line :)



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum