Trusten
07-16-2002, 07:59 PM
i can now contact the database. for some reason i can't sign up however. so i skipped over it and tried to at least access it. because the original script i got to work, didn't have an access code along with it. so far, no go.
i think it's because it cannot compare the pwd since the pwd is encrypted with md5.
i know i've been a real pain but, any help?
this is the access control script
<?php // accesscontrol.php
include("common.php");
include("db.php");
session_start();
if(!isset($uid)) {
?>
<html>
<head>
<title> Please Log In for Access </title>
</head>
<body>
<h1> Login Required </h1>
<p>You must log in to access this area of the site. If you are
not a registered user, <a href="signup.php">click here</a>
to sign up for instant access!</p>
<p><form method="post" action="<?=$PHP_SELF?>">
User ID: <input type="text" name="uid" size="8"><br>
Password: <input type="password" name="pwd" SIZE="8"><br>
<input type="submit" value="Log in">
</form></p>
</body>
</html>
<?php
exit;
}
session_register("uid");
session_register("pwd");
dbConnect("meme_com");
$sql = "SELECT * FROM user WHERE
userid = '$uid' AND password = PASSWORD('$pwd')";
$result = mysql_query($sql);
if (!$result) {
error("A database error occurred while checking your ".
"login details.\\nIf this error persists, please ".
"contact someone@sitepoint.com.");
}
if (mysql_num_rows($result) == 0) {
session_unregister("uid");
session_unregister("pwd");
?>
<html>
<head>
<title> Access Denied </title>
</head>
<body>
<h1> Access Denied </h1>
<p>Your user ID or password is incorrect, or you are not a
registered user on this site. To try logging in again, click
<a href="<?=$PHP_SELF?>">here</a>. To register for instant
access, click <a href="signup.php">here</a>.</p>
</body>
</html>
<?php
exit;
}
$username = mysql_result($result,0,"fullname");
?>
after this, i'll leave you guys alone. i wanted to maybe combine it with the other login code but oh well. is there anyway to add to that script to make it look for the encrypted pwd and compare it?
i used a different sign up script and now i need this login access to work, that's all. in my database however the table is titled username not userid, i'd rather keep it username, but i can always change it to user id.
i think it's because it cannot compare the pwd since the pwd is encrypted with md5.
i know i've been a real pain but, any help?
this is the access control script
<?php // accesscontrol.php
include("common.php");
include("db.php");
session_start();
if(!isset($uid)) {
?>
<html>
<head>
<title> Please Log In for Access </title>
</head>
<body>
<h1> Login Required </h1>
<p>You must log in to access this area of the site. If you are
not a registered user, <a href="signup.php">click here</a>
to sign up for instant access!</p>
<p><form method="post" action="<?=$PHP_SELF?>">
User ID: <input type="text" name="uid" size="8"><br>
Password: <input type="password" name="pwd" SIZE="8"><br>
<input type="submit" value="Log in">
</form></p>
</body>
</html>
<?php
exit;
}
session_register("uid");
session_register("pwd");
dbConnect("meme_com");
$sql = "SELECT * FROM user WHERE
userid = '$uid' AND password = PASSWORD('$pwd')";
$result = mysql_query($sql);
if (!$result) {
error("A database error occurred while checking your ".
"login details.\\nIf this error persists, please ".
"contact someone@sitepoint.com.");
}
if (mysql_num_rows($result) == 0) {
session_unregister("uid");
session_unregister("pwd");
?>
<html>
<head>
<title> Access Denied </title>
</head>
<body>
<h1> Access Denied </h1>
<p>Your user ID or password is incorrect, or you are not a
registered user on this site. To try logging in again, click
<a href="<?=$PHP_SELF?>">here</a>. To register for instant
access, click <a href="signup.php">here</a>.</p>
</body>
</html>
<?php
exit;
}
$username = mysql_result($result,0,"fullname");
?>
after this, i'll leave you guys alone. i wanted to maybe combine it with the other login code but oh well. is there anyway to add to that script to make it look for the encrypted pwd and compare it?
i used a different sign up script and now i need this login access to work, that's all. in my database however the table is titled username not userid, i'd rather keep it username, but i can always change it to user id.