gilgalbiblewhee
03-28-2010, 11:57 PM
For some reason, the page doesn't load as I wrote intentionally the wrong password (to bring up the sentence refusing to log in.) I'm going to upload this as a txt file for privacy.
|
||||
login questionstomws 03-29-2010, 04:51 AM For privacy? Search engines can index text files just the same as html. Your problem description isn't clear. What's happening? Where is the form tag in your code? gilgalbiblewhee 03-31-2010, 06:35 PM Ok I tested by changing the method from post to get and I got a result. There are two usernames and 2 passwords which one of them is the correct answer while the other one is blank. The reason for that is that I have one login for the average user and the other one is for the administrator. What do you recommend in this occasion? Should I combine the login somehow or leave it as 2 logins or what? tomws 03-31-2010, 07:53 PM Again, where is the form tag in your code? This is not an OR operation: if(!$_POST['username'] | !$_POST['pass']){ This is an OR operation: if(!$_POST['username'] || !$_POST['pass']){ gilgalbiblewhee 03-31-2010, 09:20 PM Again, where is the form tag in your code? This is not an OR operation: if(!$_POST['username'] | !$_POST['pass']){ This is an OR operation: if(!$_POST['username'] || !$_POST['pass']){ Oh the form tag... sorry I missed that part. The txt file is actually an include file. The form tag is in the index: <?php // action=" echo $_SERVER['PHP_SELF']; "?> <form name="login" method="get" onSubmit="adminLogin(); userLogin();" target="_self"> The 2 functions are empty but I left it there for now. (At first I was thinking of using AJAX for the login but couldn't figure it out because I didn't understand how the post method would work with AJAX). I doubted that I needed an action attribute so I left it out. As for the | and || I know the 2nd is OR but I got this code from this tutorial: http://php.about.com/od/finishedphp1/ss/php_login_code_2.htm The code worked until now. I see the problem now. It's because I put 2 usernames: <div style="float: left; width: 100%; margin: 0px 0px 0px 0px; background-color: #7C7C7C; border: 1px solid #A5A498; border-width: 1px 1px 0px 1px;"> <span style="float: left; padding: 2px 10px 0px 12px; color: #FFFFFF; font-family: arial; font-weight:bold; font-size: 13px">Login</span> </div> <div style="float: left; width: 100%; height: 120px; background: #B4B3A9; border: 1px solid #A5A498; margin: 0px 0px 0px 0px; overflow-x: hidden; overflow-y: auto;"> <h1 style="float: left; color: red; margin: 5px 5px 0px 5px; height: 30px; font: 12px verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; padding: 0px 0px 0px 10px; height: 20px; width: 100%; text-align: left;">User Login</h1> <table id="user_login_table" style="float: left; margin: 5px 5px 0px 5px; padding: 0px 0px 0px 0px; width: 100%; overflow: hidden; display: block;"> <tr> <td style="float: left; text-align: left; width: 80px; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif;"> <label for="navbar_username">User Name:</label> </td> <td style="float: left; width: 50px; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif;"> <input type="text" name="username" id="username" style="float: left; border: 1px solid #7C7C7C; font: 9px verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 100px;" value="User Name" onBlur="if (this.value == '') this.value = 'User Name';" onFocus="if (this.value == 'User Name') this.value = '';" /> </td> </tr> <tr> <td style="float: left; text-align: left; width: 80px; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif;"> <label for="navbar_password">Password:</label> </td> <td style="float: left; width: 50px;"> <input type="password" style="float: left; border: 1px solid #7C7C7C; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 100px;" name="pass" id="pass" /> </td> </tr> <tr> <td style="float: left; text-align: left; width: 80px; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif;"> <a id="a_wgad" href="wheelofgodUsers/registration.php?user=register" style="text-decoration: none;" onMouseOver="document.getElementById('a_wgad').style.textDecoration='underline';" onMouseOut="document.getElementById('a_wgad').style.textDecoration='none';">Register</a> </td> <td style="float: left; width: 50px;"> <input type="submit" style="float: left; border: 1px solid #7C7C7C; background-color: #7C7C7C; color: #ffffff; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-weight: bold;" name="submit" value="Login" /> </td> </tr> </table> <h1 style="float: left; color: red; margin: 5px 5px 0px 5px; height: 30px; font: 12px verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; padding: 0px 0px 0px 10px; height: 20px; width: 100%; text-align: left;">Admin Login</h1> <table id="admin_login_table" style="float: left; margin: 5px 5px 0px 5px; padding: 0px 0px 0px 0px; width: 100%; overflow: hidden; display: block;"> <tr> <td style="float: left; text-align: left; width: 80px; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif;"> <label for="navbar_username"> User Name: </label> </td> <td style="float: left; width: 50px; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif;"> <input type="text" name="username" id="username" style="float: left; border: 1px solid #7C7C7C; font: 9px verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 100px;" value="User Name" onBlur="if (this.value == '') this.value = 'User Name';" onFocus="if (this.value == 'User Name') this.value = '';" /> </td> </tr> <tr> <td style="float: left; text-align: left; width: 80px; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif;"> <label for="navbar_password">Password:</label> </td> <td style="float: left; width: 50px;"> <input type="password" style="float: left; border: 1px solid #7C7C7C; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 100px;" name="pass" id="pass" /> </td> </tr> <tr> <td style="float: left; text-align: left; width: 80px; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif;"> <a id="a_wgad" href="wheelofgodAdmin/registration.php?admin=register" style="text-decoration: none;" onMouseOver="document.getElementById('a_wgad').style.textDecoration='underline';" onMouseOut="document.getElementById('a_wgad').style.textDecoration='none';">Register</a> </td> <td style="float: left; width: 50px;"> <input type="submit" style="float: left; border: 1px solid #7C7C7C; background-color: #7C7C7C; color: #ffffff; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-weight: bold;" name="submit" value="Login" /> </td> </tr> </table> The string shows: username=******&pass=**********&submit=Login&username=User+Name&pass= gilgalbiblewhee 04-01-2010, 12:39 AM To make things simpler I took the tutorial: http://php.about.com/od/finishedphp1/ss/php_login_code_2.htm again. The same error is occurring. After the die in the login page the hello doesn't appear(when I type in the wrong username. This means whatever code is underneath it will not print): if ($check2 == 0) { login(); die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>'); echo "hello!!!!"; } login page: index.php <?php ob_start(); include("dbconnection.php"); function login(){ ?> <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <table border="0"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>Username:</td><td><input type="text" name="username" maxlength="40"></td></tr> <tr><td>Password:</td><td><input type="password" name="pass" maxlength="50"></td></tr> <tr><td colspan="2" align="right"><input type="submit" name="submit" value="Login"></td></tr> </table> </form> <?php } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Login</title> </head> <body> <?php // Connects to your Database //mysql_connect("your.hostaddress.com", "username", "password") or die(mysql_error()); //mysql_select_db("Database_Name") or die(mysql_error()); //Checks if there is a login cookie if(isset($_COOKIE['ID_my_site'])) //if there is, it logs you in and directes you to the members page { $username = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT * FROM ".$dbTable." WHERE username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { if ($pass != $info['password']) { } else { header("Location: members.php"); } } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['username'] | !$_POST['pass']) { die('You did not fill in a required field.'); } // checks it against the database if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $check = mysql_query("SELECT * FROM ".$dbTable." WHERE username = '".$_POST['username']."'")or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { login(); die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>'); echo "hello!!!!"; } while($info = mysql_fetch_array( $check )) { $_POST['pass'] = stripslashes($_POST['pass']); $info['password'] = stripslashes($info['password']); $_POST['pass'] = md5($_POST['pass']); //gives error if the password is wrong if ($_POST['pass'] != $info['password']) { die('Incorrect password, please try again.'); } else { // if login is ok then we add a cookie $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['username'], $hour); setcookie(Key_my_site, $_POST['pass'], $hour); //then redirect them to the members area header("Location: members.php"); } } } else { // if they are not logged in login(); } ?> </body> </html> logout.php <?php ob_start(); include("dbconnection.php"); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Logout</title> </head> <body> <?php $past = time() - 100; //this makes the time in the past to destroy the cookie setcookie(ID_my_site, gone, $past); setcookie(Key_my_site, gone, $past); header("Location: index.php"); ?> </body> </html> members.php <?php include("dbconnection.php"); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Members Page</title> </head> <body> <?php // Connects to your Database //mysql_connect("your.hostaddress.com", "username", "password") or die(mysql_error()); //mysql_select_db("Database_Name") or die(mysql_error()); //checks cookies to make sure they are logged in if(isset($_COOKIE['ID_my_site'])) { $username = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT * FROM ".$dbTable." WHERE username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check )) { //if the cookie has the wrong password, they are taken to the login page if ($pass != $info['password']) { header("Location: login.php"); } //otherwise they are shown the admin area else { echo "Admin Area<p>"; echo "Your Content<p>"; echo "<a href=logout.php>Logout</a>"; } } } else //if the cookie does not exist, they are taken to the login screen { header("Location: login.php"); } ?> </body> </html> register.php <?php include("dbconnection.php"); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Register</title> </head> <body> <?php // Connects to your Database //mysql_connect("your.hostaddress.com", "username", "password") or die(mysql_error()); //mysql_select_db("Database_Name") or die(mysql_error()); //This code runs if the form has been submitted if (isset($_POST['submit'])) { //This makes sure they did not leave any fields blank if (!$_POST['username'] | !$_POST['pass'] | !$_POST['pass2'] ) { die('You did not complete all of the required fields'); } // checks if the username is in use if (!get_magic_quotes_gpc()) { $_POST['username'] = addslashes($_POST['username']); } $usercheck = $_POST['username']; $check = mysql_query("SELECT username FROM ".$dbTable." WHERE username = '$usercheck'") or die(mysql_error()); $check2 = mysql_num_rows($check); //if the name exists it gives an error if ($check2 != 0) { die('Sorry, the username '.$_POST['username'].' is already in use.'); } // this makes sure both passwords entered match if ($_POST['pass'] != $_POST['pass2']) { die('Your passwords did not match. '); } // here we encrypt the password and add slashes if needed $_POST['pass'] = md5($_POST['pass']); if (!get_magic_quotes_gpc()) { $_POST['pass'] = addslashes($_POST['pass']); $_POST['username'] = addslashes($_POST['username']); } // now we insert it into the database $insert = "INSERT INTO ".$dbTable." (username, password) VALUES ('".$_POST['username']."', '".$_POST['pass']."')"; $add_member = mysql_query($insert); ?> <h1>Registered</h1> <p>Thank you, you have registered - you may now login</a>.</p> <?php } else { ?> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <table border="0"> <tr><td>Username:</td><td> <input type="text" name="username" maxlength="60"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="pass" maxlength="10"> </td></tr> <tr><td>Confirm Password:</td><td> <input type="password" name="pass2" maxlength="10"> </td></tr> <tr><th colspan=2><input type="submit" name="submit" value="Register"></th></tr> </table> </form> <?php } ?> </body> </html> gilgalbiblewhee 04-01-2010, 02:10 AM Ok I was wondering why if I typed in the wrong username or password the die(""); would cause the code to stop printing whatever was left. So instead I used print(""); and the problem is solved. Now I wonder if I really need two (one for the administrator and the other for the average user) to login or just one because in the string, since it's in one <form> it's showing 2 usernames and 2 passwords and it's giving an error. tomws 04-01-2010, 03:24 AM I don't know what you mean by "2 usernames and 2 passwords". A well-designed system will most likely have a single login section. Once the user is authenticated, then permission settings or access control lists handle what he/she is allowed to do. gilgalbiblewhee 04-01-2010, 03:57 AM I don't know what you mean by "2 usernames and 2 passwords". A well-designed system will most likely have a single login section. Once the user is authenticated, then permission settings or access control lists handle what he/she is allowed to do. Ok I put a checkbox to determine whether it's a user or the admin. But I don't understand how the members page is going to pick up the checked or unchecked? gilgalbiblewhee 04-04-2010, 03:56 AM Ok I put a checkbox to determine whether it's a user or the admin. But I don't understand how the members page is going to pick up the checked or unchecked? The problem above is dealt with by adding a checkbox of whether the one who logs in is the user or administrator. But I'm still have logging problems. It keeps logging out when I click on the url and entering. login page: index.php <?php ob_start(); include("dbconnection.php"); ?> <div style="float: left; width: 100%; margin: 0px 0px 0px 0px; background-color: #7C7C7C; border: 1px solid #A5A498; border-width: 1px 1px 0px 1px;"> <span style="float: left; padding: 2px 10px 0px 12px; color: #FFFFFF; font-family: arial; font-weight:bold; font-size: 13px;">Login</span> </div> <div style="float: left; width: 100%; height: 120px; background-color: #B4B3A9; border: 1px solid #A5A498; margin: 0px 0px 0px 0px; overflow-x: hidden; overflow-y: auto;"> <?php function login(){ ?> <table border="0"> <tr> <td>Administrator:</td><td><input type="checkbox" id="adminid" name="admin" style="float: left; border: 1px solid #7C7C7C; background-color: #7C7C7C;" value="no" onClick="if(this.value=='no'){this.value='yes'; document.getElementById('register').style.display = 'none';} else{this.value='no';document.getElementById('register').style.display = 'block';};" /></td> </tr> <tr> <td>Username:</td> <td><input type="text" name="<?php //vb_login_username?>username" id="username" style="float: left; border: 1px solid #7C7C7C; font: 9px verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 100px; height: 15px;" value="User Name" onBlur="if (this.value == '') this.value = 'User Name';" onFocus="if (this.value == 'User Name') this.value = '';" /></td> </tr> <tr> <td>Password:</td><td><input type="password" style="float: left; border: 1px solid #7C7C7C; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 100px; height: 15px;" <?php //name="pass"?> name="<?php //vb_login_username?>pass" id="pass" /></td></tr> <tr> <td><a id="register" href="login/register.php" style="float: left; display: block; background-color: #7C7C7C; text-align: left; padding: 0px 0px 0px 5px; width: 80px; height: 20px; text-decoration: none; color: #ffffff; border: 1px solid #7C7C7C; font-weight: bold;" onMouseOver="this.style.backgroundColor='#B4B3A9'" onMouseOut="this.style.backgroundColor='#7C7C7C'">Register</a></td><td align="right"><input type="submit" style="float: left; border: 1px solid #7C7C7C; background-color: #7C7C7C; color: #ffffff; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-weight: bold; width: 100px; height: 20px;" name="submit" onMouseOver="this.style.backgroundColor='#B4B3A9'" onMouseOut="this.style.backgroundColor='#7C7C7C'" value="Login" /></td> </tr> </table> <?php } //Checks if there is a login cookie if(isset($_COOKIE['ID_my_site'])){ //if there is, it logs you in and directs you to the members page $myusername = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $admin = $_COOKIE['Admin_my_site']; $user = $_COOKIE['User_my_site']; $sql = "SELECT * FROM "; if($admin=="yes"){ $sql .= $dbTable2; }else{ $sql .= $dbTable; } $sql .= " WHERE username = '".mysql_real_escape_string($myusername)."'"; $check = mysql_query($sql)or die(mysql_error()); while($info = mysql_fetch_array( $check )){ if ($pass != $info['password']){ }else{ //print("Welcome ".$myusername."! <br />Visit your <a href=\"login/member.php\">member's stat</a> <br /><a href=\"login/logout.php\">Logout</a>"); //header("Location: login/member.php"); //header("Location: "); } } } //if the login form is submitted if (isset($_POST['submit'])){ // if form has been submitted if(!$_POST['username'] | !$_POST['pass']) {// makes sure they filled it in //die('You did not fill in a required field.'); print('You did not fill in a required field.'); }// checks it against the database if (!get_magic_quotes_gpc()){ $_POST['email'] = addslashes($_POST['email']); } $sql = "SELECT * FROM "; if($admin=="yes"){ $sql .= $dbTable2; }else{ $sql .= $dbTable; } $sql .= " WHERE username = '".$_POST['username']."'"; $check = mysql_query($sql)or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { //die('That user does not exist in our database. <a href=login/register.php>Click Here to Register</a>'); print('That user does not exist in our database.'); login(); } while($info = mysql_fetch_array( $check )){ $_POST['pass'] = stripslashes($_POST['pass']); $info['password'] = stripslashes($info['password']); $_POST['pass'] = md5($_POST['pass']); //gives error if the password is wrong if ($_POST['pass'] != $info['password']){ //die('Incorrect password, please try again.'); print('Incorrect password, please try again.'); login(); }else{ // if login is ok then we add a cookie $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['username'], $hour); setcookie(Key_my_site, $_POST['pass'], $hour); if($_POST["admin"]=="yes"){ setcookie(Admin_my_site, $_POST['admin'], $hour); print("<span style=\"float: left; text-align: left; padding: 5px 5px 5px 5px;\">Welcome ".$myusername."! <br />Visit your <a style=\"text-decoration: none;\" onmouseover=\"this.style.textDecoration='underline';\" onmouseout=\"this.style.textDecoration='none';\" href=\"login/member.php\">member's stat</a> <br /><a style=\"text-decoration: none;\" href=\"login/logout.php\" onmouseover=\"this.style.textDecoration='underline';\" onmouseout=\"this.style.textDecoration='none';\" >Logout</a></span>"); }else{ setcookie(User_my_site, $_POST['admin'], $hour); print("<span style=\"float: left; text-align: left; padding: 5px 5px 5px 5px;\">Welcome <span id=\"myusername\">".$myusername."</span>! <br />Visit your <a style=\"text-decoration: none;\" href=\"login/member.php\" onmouseover=\"this.style.textDecoration='underline';\" onmouseout=\"this.style.textDecoration='none';\" >member's stat</a> <br /><a style=\"text-decoration: none;\" href=\"login/logout.php\" onmouseover=\"this.style.textDecoration='underline';\" onmouseout=\"this.style.textDecoration='none';\" >Logout</a></span>"); } //then redirect them to the members area //header("Location: login/member.php"); //print("Welcome".$username); //header("Location: login/member.php"); //header("Location: "); } } }else{ // if they are not logged in login(); } ?> </div> logout.php <?php ob_start(); include("dbconnection.php"); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Logout</title> </head> <body> <?php $past = time() - 100; //this makes the time in the past to destroy the cookie setcookie(ID_my_site, gone, $past); setcookie(Key_my_site, gone, $past); setcookie(Admin_my_site, gone, $past); header("Location: ../index.php"); ?> </body> </html> member.php <?php ob_start(); include("dbconnection.php"); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Members Page</title> </head> <body bgcolor="#505050" text="#000000" link="#363636" vlink="#363636" alink="#d5ae83"> <div id="master" style="width: 1240px; height: 780px; margin: 0px auto; overflow: hidden; text-align: center;"> <div id="logo" style="float: left; margin: 0px; border: none; background-color: #ECECEC; width: 100%; height: 120px; padding: 0px 5px 0px 0px;"> <object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=8,0,0,0" width="655" height="120" id="wheelofgod2" align="middle"> <param name="allowScriptAccess" value="sameDomain" /> <param name="movie" value="flashclips/wheelofgod2.swf" /> <param name="quality" value="high" /> <param name="bgcolor" value="#ECECEC" /> <embed src="../../flashclips/wheelofgod2.swf" quality="high" bgcolor="#ECECEC" width="655" height="120" name="wheelofgod" align="middle" allowScriptAccess="sameDomain" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/go/getflashplayer" /> </object> </div> <div id="leftbar" style="float: left; width: 200px; height: 1200px; margin: 5px 0px 0px 0px; background-color: #505050;"> <?php //$Colors = Array("FF0000", "0000FF", "009900", "FF9900", "660099", "00FFFF"); include("../../getFiles/links.php"); ?> </div> <div id="main" style="float: left; margin: 5px 5px 5px 5px; background-color: #D2C5A0; border: 1px solid #B5A26F; width: 810px; height: 640px; padding: 5px 5px 5px 5px; overflow-y: auto;"> <?php //checks cookies to make sure they are logged in if(isset($_COOKIE['ID_my_site'])){ $myusername = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $admin = $_COOKIE['Admin_my_site']; $user = $_COOKIE['User_my_site']; $sql = "SELECT * FROM "; if($admin=="yes"){ $sql .= $dbTable2; }else{ $sql .= $dbTable; } $sql .= " WHERE username = '".mysql_real_escape_string($myusername)."'"; //echo $sql; $check = mysql_query($sql)or die(mysql_error()); while($info = mysql_fetch_array( $check )){//if the cookie has the wrong password, they are taken to the login page if ($pass != $info['password']){ header("Location: ../index.php"); }else{//otherwise they are shown the admin area ?> <div style="float: left; width: 100%; margin: 5px 0px 0px 0px; background: #7C7C7C; border: 1px solid #A5A498; border-width: 1px 1px 0px 1px;"> <span style="float: left; padding: 2px 10px 0px 12px; color: #FFFFFF; font-family: arial; font-weight:bold; font-style: italic; font-size: 13px"><?php echo mysql_real_escape_string(strtoupper($myusername)); ?>'s Member Stat.</span> </div> <?php include("memberStat.php"); echo "<a href=\"logout.php\">Logout</a>"; } } }else{//if the cookie does not exist, they are taken to the login screen header("Location: ../index.php"); } ?> </div> <div id="rightbar" style="float: left; width: 200px; height: 1200px; margin: 5px 0px 0px 5px; background-color: #505050;"> <?php include("index.php"); //include("../../getFiles/whattodo.php"); include("../../getFiles/updates.php"); include("../../getFiles/posts.php"); ?> </div> </div> </body> </html> register.php <?php include("dbconnection.php"); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Register</title> </head> <body bgcolor="#505050" text="#000000" link="#363636" vlink="#363636" alink="#d5ae83"> <div id="master" style="width: 1240px; height: 780px; margin: 0px auto; overflow: hidden; text-align: center;"> <div id="logo" style="float: left; margin: 0px; border: none; background-color: #ECECEC; width: 100%; height: 120px; padding: 0px 5px 0px 0px;"> <object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=8,0,0,0" width="655" height="120" id="wheelofgod2" align="middle"> <param name="allowScriptAccess" value="sameDomain" /> <param name="movie" value="flashclips/wheelofgod2.swf" /> <param name="quality" value="high" /> <param name="bgcolor" value="#ECECEC" /> <embed src="../../flashclips/wheelofgod2.swf" quality="high" bgcolor="#ECECEC" width="655" height="120" name="wheelofgod" align="middle" allowScriptAccess="sameDomain" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/go/getflashplayer" /> </object> </div> <div id="leftbar" style="float: left; width: 200px; height: 1200px; margin: 5px 0px 0px 0px; background-color: #505050;"> <?php //$Colors = Array("FF0000", "0000FF", "009900", "FF9900", "660099", "00FFFF"); include("../../getFiles/links.php"); include("../../getFiles/updates.php");?> </div> <div id="main" style="float: left; margin: 5px 5px 5px 5px; background-color: #D2C5A0; border: 1px solid #B5A26F; width: 810px; height: 640px; padding: 5px 5px 5px 5px; overflow-y: auto;"> <?php //This code runs if the form has been submitted if (isset($_POST['submit'])){//This makes sure they did not leave any fields blank if (!$_POST['username'] | !$_POST['pass'] | !$_POST['pass2']){ //die('You did not complete all of the required fields'); print('You did not complete all of the required fields'); } // checks if the username is in use if (!get_magic_quotes_gpc()){ $_POST['username'] = addslashes($_POST['username']); } $usercheck = $_POST['username']; $check = mysql_query("SELECT username FROM ".$dbTable." WHERE username = '$usercheck'") or die(mysql_error()); $check2 = mysql_num_rows($check); //if the name exists it gives an error if ($check2 != 0) { //die('Sorry, the username '.$_POST['username'].' is already in use.'); print('Sorry, the username '.$_POST['username'].' is already in use.'); } // this makes sure both passwords entered match if ($_POST['pass'] != $_POST['pass2']) { //die('Your passwords did not match. '); print('Your passwords did not match. '); } // here we encrypt the password and add slashes if needed $_POST['pass'] = md5($_POST['pass']); if (!get_magic_quotes_gpc()) { $_POST['pass'] = addslashes($_POST['pass']); $_POST['username'] = addslashes($_POST['username']); } // now we insert it into the database $insert = "INSERT INTO ".$dbTable." ( ...// ... )"; //echo $insert; //$add_member = mysql_query($insert); ?> <div style="float: left; width: 100%; margin: 5px 0px 0px 0px; background: #7C7C7C; border: 1px solid #A5A498; border-width: 1px 1px 0px 1px;"> <span style="float: left; padding: 2px 10px 0px 12px; color: #FFFFFF; font-family: arial; font-weight:bold; font-size: 13px">Registered</span> </div> <p>Thank you <?php echo "<span style=\"font-weight: bold; font-style: italic;\">".$_POST['username']."</span>"; ?>, you have registered - you may now <a href="../index.php">login</a>.</p> <?php }else{ ?> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST"> <table border="0"> <tr><td>*Username:</td><td><input type="text" name="username" style="float: left; border: 1px solid #7C7C7C; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 200px; height: 15px;" maxlength="60" /></td></tr> <tr><td>*Password (10 characters):</td><td><input type="password" name="pass" style="float: left; border: 1px solid #7C7C7C; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 200px; height: 15px;" maxlength="10" /></td></tr> <tr><td>*Confirm Password (10 characters):</td><td><input type="password" name="pass2" style="float: left; border: 1px solid #7C7C7C; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 200px; height: 15px;" maxlength="10" /></td></tr> <tr> <td>*First Name:</td> <td><input name="fname" size="29" maxlength="30" style="float: left; border: 1px solid #7C7C7C; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 200px; height: 15px;" /></td> </tr> <tr> <td>*Last Name:</td> <td><input name="lname" size="29" maxlength="40" style="float: left; border: 1px solid #7C7C7C; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 200px; height: 15px;" /></td> </tr> <tr> <td>*Your e-mail:</td> <td><input name="email" size="29" maxlength="40" style="float: left; border: 1px solid #7C7C7C; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 200px; height: 15px;" /></td> </tr> <tr> <td>Your URL:</td> <td><input name="url" size="29" maxlength="100" style="float: left; border: 1px solid #7C7C7C; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 200px; height: 15px;" /></td> </tr> <tr> <td>Additional URL:</td> <td><input name="addnlurl" size="29" maxlength="100" style="float: left; border: 1px solid #7C7C7C; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 200px; height: 15px;" /></td> </tr> <tr> <td> <input type="submit" style="float: left; border: 1px solid #7C7C7C; background-color: #7C7C7C; color: #ffffff; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-weight: bold; width: 200px; height: 20px; margin: 5px 5px 5px 5px;" onMouseOver="this.style.backgroundColor='#B4B3A9'" onMouseOut="this.style.backgroundColor='#7C7C7C'" name="submit" value="Register" /> </td> <td> <input type="reset" style="float: left; border: 1px solid #7C7C7C; background-color: #7C7C7C; color: #ffffff; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-weight: bold; width: 200px; height: 20px; margin: 5px 5px 5px 5px;" onMouseOver="this.style.backgroundColor='#B4B3A9'" onMouseOut="this.style.backgroundColor='#7C7C7C'" value="Reset" name="reset" /> </td> </tr> </table> </form> <?php } ?> </div> <div id="rightbar" style="float: left; width: 200px; height: 1200px; margin: 5px 0px 0px 5px; background-color: #505050;"> <?php include("index.php"); //include("../../getFiles/whattodo.php"); include("../../getFiles/posts.php"); ?> </div> </div> </div> </body> </html> gilgalbiblewhee 04-04-2010, 05:49 AM Again, where is the form tag in your code? This is not an OR operation: if(!$_POST['username'] | !$_POST['pass']){ This is an OR operation: if(!$_POST['username'] || !$_POST['pass']){ Ok I changed them. login/index.php if(!$_POST['username'] || !$_POST['pass']) {// makes sure they filled it in register.php repeated twice if (!$_POST['username'] || !$_POST['pass'] || !$_POST['pass2']){ But it's still giving the same problem. That is on the first attempt to log in it doesn't show the $myusername next to "welcome". if(isset($_COOKIE['ID_my_site'])){ //if there is, it logs you in and directs you to the members page $myusername = $_COOKIE['ID_my_site']; But on the 2nd attempt $myusername shows. And the 2nd problem is when I click on the url address bar and enter it logs out. gilgalbiblewhee 04-25-2010, 12:54 AM I used 3 php files: login.php, logout.php and index.php. I think the checking the $_POST[] should be in the login.php. But then I'm guessing that the index.php page needs to read cookies which the login.php has set right? <?php # index.php session_start(); $logged_in = isset($_SESSION['logged_in']); include("../dbconnection.php"); //say goodbye to magic_quotes_gpc! no false security. $errors = array(); if($_SERVER['REQUEST_METHOD'] == "POST"){ if(empty($_POST['username'])){ $errors[] = "username was empty"; } if(empty($_POST['password'])){ $errors[] = "password was empty"; } if(empty($_POST['email'])){ $errors[] = "e-mail was empty"; } if(count($errors) == 0){ //fix magic_quotes_gpc() being on if(get_magic_quotes_gpc()){ foreach($_GET as $k => $v){ $_GET[$k] = stripslashes($v); } foreach($_POST as $k => $v){ $_POST[$k] = stripslashes($v); } foreach($_COOKIE as $k => $v){ $_COOKIE[$k] = stripslashes($v); } } //Checks if there is a login cookie if(isset($_COOKIE['ID_my_site'])){ //if there is, it logs you in and directs you to the members page $myusername = $_COOKIE['ID_my_site']; $pass = $_COOKIE['Key_my_site']; $admin = $_COOKIE['Admin_my_site']; $user = $_COOKIE['User_my_site']; $sql = "SELECT * FROM "; if($admin=="yes"){ $sql .= $dbTable2; }else{ $sql .= $dbTable; } $sql .= " WHERE username = '".mysql_real_escape_string($myusername)."'"; $check = mysql_query($sql)or die(mysql_error()); while($info = mysql_fetch_array( $check )){ if($pass == $info['password']){ $writeusername = "Welcome ".$myusername."! <br />Visit your <a href=\"member.php\">member's stat</a> <br /><a href=\"login/logout.php\">Logout</a>"; } } } //variable to keep track of whether to show the user the login form or not $showlogin = true; //we show the form by default, -unless- we know they have logged in //if the login form is submitted if (isset($_POST['submit'])){ // if form has been submitted if(!$_POST['username'] || !$_POST['pass']) {// makes sure they filled it in $writeemptyfield = "<tr><td colspan=\"2\" style=\"text-align: left; color: red;\">You did not fill in a required field.</td></tr>"; }// checks it against the database $_POST['email'] = mysql_real_escape_string($_POST['email']); $db['username'] = mysql_real_escape_string($_POST['username']); $sql = "SELECT * FROM "; if($admin=="yes"){ $sql .= $dbTable2; }else{ $sql .= $dbTable; } $sql .= " WHERE username = '".$db['username']."'"; $check = mysql_query($sql) or die(mysql_error()); //Gives error if user dosen't exist $check2 = mysql_num_rows($check); if ($check2 == 0) { $writeusernoexist = "<tr><td colspan=\"2\" style=\"text-align: left; color: red;\">That user does not exist in our database.</td></tr>"; } while($info = mysql_fetch_array( $check )){ $_POST['pass'] = md5($_POST['pass']); //gives error if the password is wrong if ($_POST['pass'] != $info['password']){ $writewrongpassword = "<tr><td colspan=\"2\" style=\"text-align: left; color: red;\">Incorrect password, please try again.</td></tr>"; }else{ // if login is ok then we add a cookie $hour = time() + 3600; setcookie("ID_my_site", $_POST['username'], $hour); setcookie("Key_my_site", $_POST['pass'], $hour); //they are logged in. no need to show the login form $showlogin = false; if($_POST["admin"]=="yes"){ setcookie("Admin_my_site", $_POST['admin'], $hour); }else{ setcookie("User_my_site", $_POST['admin'], $hour); } header("Location: login.php"); } } } } } //$_SESSION['logged_in'] = 1; ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Login</title> </head> <body> <?php if ($logged_in): ?> <form action="<?php echo "logout.php";//$_SERVER['PHP_SELF'];?>" method="POST"> <span style="float: left; text-align: left; padding: 5px 5px 5px 5px;"> Welcome <span id="myusername"><?php echo $myusername; ?> </span>!<br /> Visit your <a style="text-decoration: none;" href="member.php" onmouseover="this.style.textDecoration='underline';" onmouseout="this.style.textDecoration='none';" >member's stat</a><br /> <input type="submit" style="float: left; border: 1px solid #7C7C7C; background-color: #7C7C7C; color: #ffffff; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-weight: bold; width: 100px; height: 20px;" name="submit" onMouseOver="this.style.backgroundColor='#B4B3A9'" onMouseOut="this.style.backgroundColor='#7C7C7C'" value="Logout" /> </span> </form> <?php else: ?> <form action="<?php echo "login.php";//$_SERVER['PHP_SELF'];?>" method="POST"> <table border="0"> <tr> <td>Administrator:</td><td><input type="checkbox" id="adminid" name="admin" style="float: left; border: 1px solid #7C7C7C; background-color: #7C7C7C;" value="no" onClick="if(this.value=='no'){this.value='yes'; document.getElementById('register').style.display = 'none';} else{this.value='no';document.getElementById('register').style.display = 'block';};" /></td> </tr> <?php echo $writeemptyfield; ?> <?php echo $writeusernoexist; ?> <tr> <td>Username:</td> <td><input type="text" name="username" id="username" style="float: left; border: 1px solid #7C7C7C; font: 9px verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 100px; height: 15px;" value="User Name" onBlur="if (this.value == '') this.value = 'User Name';" onFocus="if (this.value == 'User Name') this.value = '';" /></td> </tr> <?php echo $writewrongpassword; ?> <tr> <td>Password:</td><td><input type="password" style="float: left; border: 1px solid #7C7C7C; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 100px; height: 15px;" name="pass" id="pass" /></td></tr> <tr> <td><a id="register" href="login/register.php" style="float: left; display: block; background-color: #7C7C7C; text-align: left; padding: 0px 0px 0px 5px; width: 80px; height: 20px; text-decoration: none; color: #ffffff; border: 1px solid #7C7C7C; font-weight: bold;" onMouseOver="this.style.backgroundColor='#B4B3A9'" onMouseOut="this.style.backgroundColor='#7C7C7C'">Register</a></td><td align="right"><input type="submit" style="float: left; border: 1px solid #7C7C7C; background-color: #7C7C7C; color: #ffffff; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-weight: bold; width: 100px; height: 20px;" name="submit" onMouseOver="this.style.backgroundColor='#B4B3A9'" onMouseOut="this.style.backgroundColor='#7C7C7C'" value="Login" /></td> </tr> </table> </form> <?php endif; ?> </body> </html> <?php # login.php if ($_SERVER['REQUEST_METHOD'] == 'POST'){ session_start(); $_SESSION['logged_in'] = true; header('HTTP/1.1 303 See Other'); } header('Location: index.php'); ?> <?php # logout.php if ($_SERVER['REQUEST_METHOD'] == 'POST'){ session_start(); session_destroy(); header('HTTP/1.1 303 See Other'); } header('Location: index.php'); ?> |
| |||
EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum
vBulletin® v3.8.2, Copyright ©2000-2013, Jelsoft Enterprises Ltd.