SitePoint Sponsor

User Tag List

Results 1 to 15 of 15
  1. #1
    SitePoint Enthusiast Stealth's Avatar
    Join Date
    Jul 2003
    Location
    My House
    Posts
    35
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Login Script Help

    Alright, it's pretty simple, I'm trying to make a login script that checks $_POST['username'] and $_POST['password'] and make sure they both correspond to what the DB has stored. So far I have:

    PHP Code:
    <?php
    require ('config.php');
    ?>
    <html>
    <table width="195" border="0" cellspacing="0" cellpadding="0">
      <tr>
        <td width="64" height="24">Username:</td>
        <td width="131"><form name="form1" method="post" action="">
            <input name="username" type="text" id="username">
          </form></td>
      </tr>
      <tr>
        <td>Password:</td>
        <td><form name="form2" method="post" action="">
            <input name="password" type="password" id="password">
          </td>
      </tr>
    </table>
    <br>

      <input type="submit" name="Submit" value="Submit">
      <input type="reset" name="Submit2" value="Reset">
    </form>
    <?php
    if ($submit) {
    $md5pass md5($_POST['password']);

    $connect mysql_connect("$server""$user""$pass");
        
    mysql_select_db("$db",$connect) or die('Connection Failed');
        
    $sql 'SELECT * FROM users';
        
    $result mysql_query($sql$connection) or die(mysql_error());
        
    $users=mysql_fetch_row($result);

    if ((
    $users[0]=$_POST['username']) AND ($users[1]=$md5pass))
        {
    echo 
    'Authentication Complete';
    } else {
    echo 
    'Authentication Incomplete';
        }
    }
    ?>
    Just trying to get it to work, so it doesn't do anything complicated if the script completes, it just says Authentication complete, or rather, supposed to say it.

    However, http://artofstealth.net/login.php is where the script is, and it does nothing. Anyone want to help me out?

  2. #2
    Free your mind Toly's Avatar
    Join Date
    Sep 2001
    Location
    Panama
    Posts
    2,181
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Just change the s to S in $submit...

    PHP Code:
    if ($Submit) { 


    Community Guidelines | Community FAQ

    "He that is kind is free, though he is a slave;
    he that is evil is a slave, though he be a king." - St. Augustine

  3. #3
    SitePoint Member Viper78's Avatar
    Join Date
    Oct 2003
    Location
    Canada
    Posts
    12
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    well you can try this
    PHP Code:
    $sql "SELECT * FROM users WHERE username='$_POST[username]' AND password='$md5pass'"
    $result mysql_query($sql$connection) or die(mysql_error()); 

    $num mysql_num_rows($result);

    if(
    $num 0) {
    echo 
    "You are logged in.";
    } else {
    echo 
    "Your username and password don't match.";

    you should use mysql_num_rows for checking if the username and pass are corect not mysql_fetch_array.

    Hope this helps

    Viper

    edited sorry had some parse errors in the code i provided fixed it now.
    Last edited by Viper78; Oct 11, 2003 at 17:32.

  4. #4
    SitePoint Enthusiast Stealth's Avatar
    Join Date
    Jul 2003
    Location
    My House
    Posts
    35
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks Viper, I'll try it out now.

    [Edit]

    Still doesn't work, I've probably messed something completely up, here's the new code:

    PHP Code:
    <?php
    if ($Submit) {
    $md5pass md5($_POST['password']);
    $user $_POST['username'];

    $connect mysql_connect("$server""$user""$pass");
        
    mysql_select_db("$db",$connect) or die('Connection Failed');
    $sql "SELECT * FROM users WHERE username='$user' AND password='$md5pass'"
    $result mysql_query($sql$connection) or die(mysql_error()); 

    $num mysql_num_rows($result); 

    if(
    $num 0) { 
        echo 
    "You are logged in."
        } else { 
        echo 
    "Your username and password don't match."
                } 

    }
    ?>
    [Edit Again]
    Got this Notice:
    Notice: Undefined variable: Submit in /home/virtual/site5/fst/var/www/html/login.php on line 26

  5. #5
    SitePoint Member Viper78's Avatar
    Join Date
    Oct 2003
    Location
    Canada
    Posts
    12
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    well i don't check to see if the submit button is pressed i do it different i check to make sure the input fields in the form have values if they don't returns an error.

    try that take away the if($Submit) statment and do it this way

    PHP Code:
    <?php 
    $pass 
    $_POST['password']; 
    $user $_POST['username']; 

    if((!
    $user) || (!$pass)) {
    echo 
    "You didnt fill in all the fields";
    exit();
    }

    $md5pass md5($pass);

    $connect mysql_connect("$server""$user""$pass); 
        
    mysql_select_db("$db",$connect) or die('Connection Failed'); 
    $sql "SELECT * FROM users WHERE username='$user' AND password='$md5pass'"
    $result mysql_query($sql$connection) or die(mysql_error()); 

    $num mysql_num_rows($result); 

    if(
    $num 0) { 
        echo 
    "You are logged in."
        } else { 
        echo 
    "Your username and password don't match."
                } 
    ?>
    Last edited by Viper78; Oct 11, 2003 at 21:53.

  6. #6
    SitePoint Enthusiast Stealth's Avatar
    Join Date
    Jul 2003
    Location
    My House
    Posts
    35
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Now I get these interesting Notices, and it still doesn't work:

    Notice: Undefined index: password in /home/virtual/site5/fst/var/www/html/login.php on line 26

    Notice: Undefined index: username in /home/virtual/site5/fst/var/www/html/login.php on line 27

  7. #7
    SitePoint Evangelist GeekSupport's Avatar
    Join Date
    May 2002
    Location
    Southern California
    Posts
    408
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    try putting this right after <?php

    PHP Code:
    <?php
    echo '<pre>';
    print_r($_POST);
    ...
    ?>
    it will tell you all the variables in the $_POST array

  8. #8
    SitePoint Enthusiast Stealth's Avatar
    Join Date
    Jul 2003
    Location
    My House
    Posts
    35
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Array
    (
    )

    Notice: Undefined index: password in /home/virtual/site5/fst/var/www/html/login.php on line 29

    Notice: Undefined index: username in /home/virtual/site5/fst/var/www/html/login.php on line 30
    You didnt fill in all the fields

    Strange, looks like it's not picking up the variables?

  9. #9
    SitePoint Evangelist GeekSupport's Avatar
    Join Date
    May 2002
    Location
    Southern California
    Posts
    408
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    yeah. it is strange. what version of PHP are you using?
    PHP Code:
    phpinfo() 
    php shouldn't give you an error even if a superglobal such as $_POST is missing $_POST['password']

  10. #10
    SitePoint Enthusiast Stealth's Avatar
    Join Date
    Jul 2003
    Location
    My House
    Posts
    35
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I'm using 4.2.2

  11. #11
    SitePoint Evangelist GeekSupport's Avatar
    Join Date
    May 2002
    Location
    Southern California
    Posts
    408
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    testing your site again, it is now getting the $_POST info (type in stuff in both fields and hit submit). it isn't getting the username

  12. #12
    SitePoint Evangelist GeekSupport's Avatar
    Join Date
    May 2002
    Location
    Southern California
    Posts
    408
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    ohhhh, i see. you have 2 forms. you only need 1 form for the username/pass/submit/reset. can you repost your login file. also, i would update to the latest stable 4.3.x

  13. #13
    SitePoint Enthusiast Stealth's Avatar
    Join Date
    Jul 2003
    Location
    My House
    Posts
    35
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Yeah, dw made a stupid mistake and I missed it

    PHP Code:
    <?php
    error_reporting
    (E_ALL);
    require (
    'config.php');
    ?>
    <html>
    <table width="195" border="0" cellspacing="0" cellpadding="0">
      <tr>
        <td width="64" height="24">Username:</td>
        <td width="131"><form name="form1" method="post" action="">
            <input name="username" type="text" id="username">
          </td>
      </tr>
      <tr>
        <td>Password:</td>
        <td>
            <input name="password" type="password" id="password">
          </td>
      </tr>
    </table>
    <br>

      <input type="submit" name="Submit" value="Submit">
      <input type="reset" name="Reset" value="Reset">
    </form>
    <?php 
    echo '<pre>'
    print_r($_POST); 

    $password $_POST['password']; 
    $username $_POST['username']; 

    if((!
    $username) || (!$password)) { 
    echo 
    "You didnt fill in all the fields";
    exit();


    $md5pass md5($password); 

    $connect mysql_connect("$server""$user""$pass); 
        
    mysql_select_db("$db",$connect) or die('Connection Failed'); 
    $sql "SELECT * FROM users WHERE username='$username' AND password='$md5pass'"
    $result mysql_query($sql$connection) or die(mysql_error()); 

    $num mysql_num_rows($result); 

    if(
    $num 0) { 
        echo 
    "You are logged in."
        } else { 
        echo 
    "Your username and password don't match."
                } 
    ?>
    ?>
    That's what I have so far.

    I also get this after I submit:
    Array
    (
    [username] => Stealth
    [password] => -----
    [Submit] => Submit
    )

    Notice: Undefined variable: connection in /home/virtual/site5/fst/var/www/html/login.php on line 42

    Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource in /home/virtual/site5/fst/var/www/html/login.php on line 42

    [Edit]
    Alright, it seems to work now. Now I just need it to actually log me into somewhere.

  14. #14
    SitePoint Evangelist GeekSupport's Avatar
    Join Date
    May 2002
    Location
    Southern California
    Posts
    408
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    error_reporting(E_ALL); is what is probably causing the index failures

    to be a little nitpicky, the <form name=...> should be outside the table since </form> ends after the </td>

    also, if you want to use a sql class, i suggest using SafeSQL in combination with ezSQL

    SafeSQL - properly formats your sql queries to help protect against sql injection
    ezSQL - a class that takes out all the
    PHP Code:
    $sql trim(addslashes($sql)); // or what other precautions needed
    $result=mysql_query($sql);
                        or die(
    'some error happened');
    while (
    $row mysql_fetch_assoc($result))
    {
        
    $return[] = $row;
    }
    //into 
    $sql_result $GLOBALS['db']->get_results(SafeSQL::query($sql),ARRAY_A); 
    just my 2 cents (i'm sure others have their favorites like eclipse, pear, other)
    Last edited by GeekSupport; Oct 11, 2003 at 22:44.

  15. #15
    SitePoint Enthusiast Stealth's Avatar
    Join Date
    Jul 2003
    Location
    My House
    Posts
    35
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Yeah, like I said, it works now. Just need it to actually log me in somewhere.

    Thanks for the help guys.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •