SitePoint Sponsor

User Tag List

Results 1 to 5 of 5

Thread: Problems

  1. #1
    SitePoint Evangelist ucahg's Avatar
    Join Date
    Apr 2001
    Location
    Sarnia, Ontario, Canada
    Posts
    434
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Problems

    I always seem to have many problems with my scripts, even where it seems there should not be any. I was changing my script around to try to get the cookies to work, but I have no idea what is wrong now. Can anybody help me? Thanks in advance.

    PHP Code:
    <?php
    // admin_access.php

    /*
      quick logout function until a full logout function
      is created.
    */

    if ($logout == "yes") {
      
    setcookie("sgf_logged_in[0]");
      
    setcookie("sgf_logged_in[1]");
      echo 
    "you have been logged out";
      exit;
    }

    /* Include the files needed for the script */
    //include("db.php");
    // not needed now

    /*
       set secret variable here, which
       is combined with other variables
       to make a hash.
    */
    $secret_hash_variable "###########";

    /*
       if the login cookie doesn't exist,
       display the login page;  if the login
       page has been already submitted, verify
       the values and set the cookie, then
       proceed with the page.
    */
    if (!$HTTP_COOKIE_VARS['sgf_logged_in[0]']) {
      if (
    $form != "Site Admin Login") {
        
    $maindatafile "login";
        include(
    "blue.template");
        exit;
      }
      else {
        
    mysql_connect('localhost');
        
    $verify_query "SELECT * FROM sgf.users WHERE username='$username' AND password=PASSWORD('$password');";
        
    $verify_result mysql_query($verify_query);
        if (
    mysql_num_rows($verify_result) == 0) {
          
    $maindatafile "login";
          
    $feedback "Invalid username/password combination. Please try again:";
          include(
    "blue.template");
          exit;
        }
        else {
          while (
    $query_results mysql_fetch_array($verify_result)) {
            
    $db1_user_id $query_results['user_id'];
            
    $db1_number_of_sessions $query_results['number_of_sessions'];
          }
          
    $db1_number_of_sessions++;
          
    $sessions_update_query "UPDATE sgf.users SET last_login = NULL, number_of_sessions = '$db1_number_of_sessions' WHERE user_id = '$db1_user_id';";
          
    mysql_query($sessions_update_query);
          
    $verify_query "SELECT * FROM sgf.users WHERE user_id='$login_cookie[0]';";
          
    $verify_result mysql_query($verify_query);
          while (
    $query_results mysql_fetch_array($verify_result)) {
            
    $db2_first_name $query_results['first_name'];
            
    $db2_last_name $query_results['last_name'];
            
    $db2_email $query_results['email'];
            
    $db2_username $query_results['usernane'];
            
    $db2_password $query_results['password'];
            
    $db2_last_login $query_results['last_login'];
            
    $db2_number_of_sessions $query_results['number_of_sessions'];
          }
          
    setcookie("sgf_logged_in[0]",$db1_user_id);
          
    setcookie("sgf_logged_in[1]",md5($db2_user_id.$db2_first_name.$db2_last_name.$db2_email.$db2_username.$db2_password.$db2_last_login.$db2_number_of_sessions.$secret_hash_variable));
    // refresh for the cookie to work
          
    header("Location: $PHP_SELF");
        }
      }
    }
    else {
    //  add the cookie array to a variable
      
    $login_cookie $HTTP_COOKIE_VARS[sgf_logged_in];
      
    $verify_query "SELECT * FROM sgf.users WHERE user_id='$login_cookie[0]';";
      
    $verify_result mysql_query($verify_query);
      while (
    $query_results mysql_fetch_array($verify_result)) {
        
    $db_user_id $query_results['user_id'];
        
    $db_first_name $query_results['first_name'];
        
    $db_last_name $query_results['last_name'];
        
    $db_email $query_results['email'];
        
    $db_username $query_results['usernane'];
        
    $db_password $query_results['password'];
        
    $db_last_login $query_results['last_login'];
        
    $db_number_of_sessions $query_results['number_of_sessions'];
      }
      
    $hash md5($db_user_id.$db_first_name.$db_last_name.$db_email.$db_username.$db_password.$db_last_login.$db_number_of_sessions.$secret_hash_variable);
      if (
    $login_cookie[1] != $hash) {
        echo 
    "AAAUGH IT DID NOT WORK!<br>$login_cookie[0]$login_cookie[1]<br><br>$login_cookie[1]<br>$hash";
        exit;
      }
      else {
        
    //the page will continue.
      
    }
    }
    ?>

    It just keeps returning to the login page, with no special feedback.


    blue.template includes the header, the footer and $maindatafile.sgf, in this case, login.

    login.sgf includes <input type="hidden" name="form" value="Site Admin Form"> and also includes:
    PHP Code:
    echo $feedback
    Any help would be greatly appreciated, and sorry for the long post, but I don't quite know where in the script the error lies. Again, thanks.
    Last edited by ucahg; Jul 5, 2001 at 15:42.

  2. #2
    SitePoint Evangelist ucahg's Avatar
    Join Date
    Apr 2001
    Location
    Sarnia, Ontario, Canada
    Posts
    434
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I've fixed one problem, with the if statement to check if the cookie exists, I took out the array. Now it checks for sgf_logged_in, not sgf_logged_in[0].
    Last edited by ucahg; Jul 6, 2001 at 06:00.

  3. #3
    SitePoint Evangelist ucahg's Avatar
    Join Date
    Apr 2001
    Location
    Sarnia, Ontario, Canada
    Posts
    434
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Now if I enter my username and password again (after I already entered it and I get back to the login page), I recieve this:

    AAAUGH IT DID NOT WORK!
    0; 027b64bc7c2f54117dd365e6594de948

    027b64bc7c2f54117dd365e6594de948
    5fbf5ada45b017bc0987061fd004c7ff
    I put the two hashes directly over top of each other.
    They should be the same. Can anyone see why they would be different? Thanks!

  4. #4
    SitePoint Evangelist ucahg's Avatar
    Join Date
    Apr 2001
    Location
    Sarnia, Ontario, Canada
    Posts
    434
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Anybody???

  5. #5
    SitePoint Evangelist ucahg's Avatar
    Join Date
    Apr 2001
    Location
    Sarnia, Ontario, Canada
    Posts
    434
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    For the most part I have it figured out.
    Thanks anyway.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •