Go Back   CodingForums.com > :: Server side development > PHP
Reload this Page Login script help!!

Before you post, read our: Rules & Posting Guidelines

Reply
 
Thread Tools Rate Thread
Enjoy an ad free experience by logging in. Not a member yet? Register.
Old 08-14-2008, 11:58 PM   PM User | #1
westes
New Coder

 
Join Date: Aug 2008
Posts: 64
Thanks: 11
Thanked 0 Times in 0 Posts
westes is an unknown quantity at this point
Login script help!!
I am having problems with this script. When I login correctly it says invalid username or password when it shoud say i have successfully logged in as $user
here is the script

PHP Code:
<?php
session_start();
include "./global.php";

echo "<title>Login</title>";
if($_SESSION['uid']) {
    echo "You are already logged in if you wish to log out, please <a href=\"./logout.php\">click here</a>!\n";
} else {

    if(!$_POST['submit']) {
            echo "<table border=\"0\" cellspacing=\"3\" cellpadding\=\"3\">\n";
            echo "<form method=\"post\" action=\"./login.php\">\n";
            echo "<tr><td>Username</td><td><input type=\"text\" name=\"username\"></td></tr>\n";
            echo "<tr><td>Password</td><td><input type=\"password\" name=\"password\"></td></tr>\n";
            echo "<tr><td colspan=\"2\" align=\"center\"<input type=\"submit\" name=\"submit\" value =\"Login\"></td></tr>\n";
            echo "</form></table>\n";
        } else {
            $user mss($_POST['username']);
            $pass $_POST['password'];
            
                if($user && $pass) {
                    $sql "SELECT id FROM `users` WHERE `username`='".$user."'";
                    $res mysql_query($sql) or die(mysql_error());
                    if(mysql_num_rows($res) > 0) {
                        $sql2 "SELECT id FROM `users` WHERE `username`='".$user."' AND `password`='".md5($pass)."'";
                        $res2 mysql_query($sql2) or die(mysql_error());
                        if(mysql_num_rows($res2) > 0) {
                            $row mysql_fetch_assoc($res2);
                            $_SESSION['uid'] = $row['id'];
                            
                            echo "You have succsessfully logged in as " $user//THIS DOES NOT WORK
                        } else {
                            echo "Username and/or password are not valid!"//THIS IS TAKING ITS PLACE!
                        }
                    } else {
                        echo "The username you supplied does not exist!";
                    }
                } else {
                    echo "Complete the form!";
                }
        }

}

?>
Last edited by westes; 08-15-2008 at 12:41 AM..
westes is offline   Reply With Quote
Old 08-15-2008, 02:30 AM   PM User | #2
ninnypants
Regular Coder

 
ninnypants's Avatar
 
Join Date: Apr 2008
Location: Utah
Posts: 504
Thanks: 10
Thanked 47 Times in 47 Posts
ninnypants is an unknown quantity at this point
What is "mss"
PHP Code:
$user mss($_POST['username']); 
I searched the PHP manual and as far as I know it doesn't exist
ninnypants is offline   Reply With Quote
Old 08-15-2008, 02:56 AM   PM User | #3
westes
New Coder

 
Join Date: Aug 2008
Posts: 64
Thanks: 11
Thanked 0 Times in 0 Posts
westes is an unknown quantity at this point
mss comes in line three
where it includes the file, global.php

here is global.php
PHP Code:
<?php

$con mysql_connect('localhost''root''root') or die (mysql_error());
$db mysql_select_db("users"$con);


function mss($value) {
    return mysql_real_escape_string(trim(strip_tags($value))); //mss function
}
?>
westes is offline   Reply With Quote
Reply

Bookmarks

Jump To Top of Thread


« Previous Thread | Next Thread »
Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT +1. The time now is 07:11 PM.
Advertisement
Log in to turn off these ads.