SitePoint Sponsor

User Tag List

Results 1 to 4 of 4

Thread: Login Problem

  1. #1
    SitePoint Addict
    Join Date
    Apr 2001
    Location
    Michigan
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I have made a login screen from kevins tutorial. The sign up works fine, but when i login i get the access denied screen, even with a correct username and password. If someone could take a look at the code i used below and tell me what i did wrong i would greately appreciate it.

    accesscontrol.php

    <?php //accesscontrol.php

    include("common.php");
    include("db.php");

    session_start();

    if(!isset($uid)) {
    ?>

    <html>
    <head>
    <title>Please Log In For Access</title>
    </head>
    <body>
    <h1>Login Required</h1>
    <p>You must log in to access this area of the site. If you are not a registered
    user, <a href="signup.php">click here</a> to sign up for instant access!</p>
    <p><form method="post" action="<?=$php_self?>">
    User ID: <input type="text" name="uid" size="8"><br>
    Password: <input type="password" name="pwd" size="8"><br>
    <input type="submit" value="Log In">
    </form></p>
    </body>
    </html>
    <?php
    exit;
    }

    session_register("uid");
    session_register("pwd");

    dbconnect("sessions");
    $sql = "SELECT * FROM user WHERE
    userid = 'uid' AND password = 'pwd'";
    $result = mysql_query($sql);
    if(!$result) {
    error("A database error has occured while checking your ".
    "login details.\\nIf this error persists, please ".
    "contact trhynard@aol.com.");
    }
    if (mysql_num_rows($result) == 0) {
    session_unregister("uid");
    session_unregister("pwd");
    ?>
    <html>
    <head>
    <title>Access Denied</title>
    </head>
    <body>
    <h1>Access Denied</h1>
    <p>Your user ID or password were incorrect, or you are not a registered user on this site.
    To try logging in again please click <a href="<?=$php_self?>">here</a>.
    To register for instant access, please click <a href="signup.php">here</a>.</p>
    </body>
    </html>
    <?php
    exit;
    }
    $username = mysql_result($result,0,"fullname");
    ?>

  2. #2
    SitePoint Wizard johnn's Avatar
    Join Date
    Mar 2001
    Location
    Southern California, USA
    Posts
    1,181
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    $sql = "SELECT * FROM user WHERE
    userid = '$uid' AND password = PASSWORD('$pwd')";

    There are some pieces missing here and there. The whole application needs some modifications in order for it to work correctly.

  3. #3
    SitePoint Addict
    Join Date
    Apr 2001
    Location
    Michigan
    Posts
    284
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Well can you tell me where and what needs fixed?

  4. #4
    SitePoint Addict
    Join Date
    Feb 2001
    Location
    Shanghai, China
    Posts
    214
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi trhynard, I'm using the same login-skript and it works fine. I couldn't find any mistakes in yours. You should doublecheck if the name for the db and the tables are correct, maybe check the sql-query alone without that session staff.
    Next you should check if sessions are working on your account ( I had this problem a view days ago ). Just type:
    print("$PHPSESSID");
    after you started the session. If you do not get a session ID ( "which is nothing else than a long number") ask your provider.

    By the way. If you include the "db.php" file in the login skript, you must not include it in the other skripts ( in the user-section) Otherwise you call it twice and will get an error message. (The same for "common.php")
    So far, smorb


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •