SitePoint Sponsor

User Tag List

Results 1 to 4 of 4
  1. #1
    SitePoint Zealot
    Join Date
    Jun 2006
    Posts
    166
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    what's the possible cause for cannot login

    hi everyone,

    i try to build a shopping cart following a tutorial from http://www.phpwebcommerce.com. I followed very step and when create user table "tbl_user", i added exactly the same name and password:
    Code:
    INSERT INTO `tbl_user` (`user_id`, `user_name`, `user_password`, `user_regdate`, `user_last_login`) VALUES (1, 'admin', '43e9a4ab75570f5b', '2005-02-20 17:35:44', '2005-03-02 21:00:14');
    When i try to login, it always says "Wrong username or password", but it works perfectly in the demo part of the tutorial(http://www.phpwebcommerce.com/plaincart/admin/login.php).

    can anyone please tell me where the problem is? thanks very much for your time!

    the relevant functions.php
    PHP Code:
    /*
        Check if a session user id exist or not. If not set redirect
        to login page. If the user session id exist and there's found
        $_GET['logout'] in the query string logout the user
    */
    function checkUser()
    {
        
    // if the session id is not set, redirect to login page
        
    if (!isset($_SESSION['plaincart_user_id'])) {
            
    header('Location: ' WEB_ROOT 'admin/login.php');
            exit;
        }
        
        
    // the user want to logout
        
    if (isset($_GET['logout'])) {
            
    doLogout();
        }
    }

    /*
        
    */
    function doLogin()
    {
        
    // if we found an error save the error message in this variable
        
    $errorMessage '';
        
        
    $userName $_POST['txtUserName'];
        
    $password $_POST['txtPassword'];
        
        
    // first, make sure the username & password are not empty
        
    if ($userName == '') {
            
    $errorMessage 'You must enter your username';
        } else if (
    $password == '') {
            
    $errorMessage 'You must enter the password';
        } else {
            
    // check the database and see if the username and password combo do match
            
    $sql "SELECT user_id
                    FROM tbl_user 
                    WHERE user_name = '
    $userName' AND user_password = PASSWORD('$password')";
            
    $result dbQuery($sql);
        
            if (
    dbNumRows($result) == 1) {
                
    $row dbFetchAssoc($result);
                
    $_SESSION['plaincart_user_id'] = $row['user_id'];
                
                
    // log the time when the user last login
                
    $sql "UPDATE tbl_user 
                        SET user_last_login = NOW() 
                        WHERE user_id = '
    {$row['user_id']}'";
                
    dbQuery($sql);

                
    // now that the user is verified we move on to the next page
                // if the user had been in the admin pages before we move to
                // the last page visited
                
    if (isset($_SESSION['login_return_url'])) {
                    
    header('Location: ' $_SESSION['login_return_url']);
                    exit;
                } else {
                    
    header('Location: index.php');
                    exit;
                }
            } else {
                
    $errorMessage 'Wrong username or password';
            }        
                
        }
        
        return 
    $errorMessage;


    and the login form
    PHP Code:
    <?php
    require_once '../library/config.php';
    require_once 
    './library/functions.php';

    $errorMessage '&nbsp;';

    if (isset(
    $_POST['txtUserName'])) {
        
    $result doLogin();
        
        if (
    $result != '') {
            
    $errorMessage $result;
        }
    }

    ?>
    <html>
    <head>
    <title>Shop Admin - Login</title>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
    <link href="include/admin.css" rel="stylesheet" type="text/css">
    </head>
    <body>
    <table width="750" border="0" align="center" cellpadding="0" cellspacing="1" class="graybox">
     <tr> 
      <td><img src="include/banner-top.gif" width="750" height="75"></td>
     </tr>
     <tr> 
      <td valign="top"> <table width="100%" border="0" cellspacing="0" cellpadding="20">
        <tr> 
         <td class="contentArea"> <form method="post" name="frmLogin" id="frmLogin">
           <p>&nbsp;</p>
           <table width="350" border="0" align="center" cellpadding="5" cellspacing="1" bgcolor="#336699" class="entryTable">
            <tr id="entryTableHeader"> 
             <td>:: Admin Login ::</td>
            </tr>
            <tr> 
             <td class="contentArea"> 
             <div class="errorMessage" align="center"><?php echo $errorMessage?></div>
              <table width="100%" border="0" cellpadding="2" cellspacing="1" class="text">
               <tr align="center"> 
                <td colspan="3">&nbsp;</td>
               </tr>
               <tr class="text"> 
                <td width="100" align="right">User Name</td>
                <td width="10" align="center">:</td>
                <td><input name="txtUserName" type="text" class="box" id="txtUserName" value="admin" size="10" maxlength="20"></td>
               </tr>
               <tr> 
                <td width="100" align="right">Password</td>
                <td width="10" align="center">:</td>
                <td><input name="txtPassword" type="password" class="box" id="txtPassword" value="admin" size="10"></td>
               </tr>
               <tr> 
                <td colspan="2">&nbsp;</td>
                <td><input name="btnLogin" type="submit" class="box" id="btnLogin" value="Login"></td>
               </tr>
              </table></td>
            </tr>
           </table>
           <p>&nbsp;</p>
          </form></td>
        </tr>
       </table></td>
     </tr>
    </table>
    <p>&nbsp;</p>
    </body>
    </html>

  2. #2
    SitePoint Enthusiast
    Join Date
    Mar 2006
    Posts
    53
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    hi when you are inserting username and password, you are inserting the data without encrypt the password ... then when you are checking the data base you are making the password in PASSWORD(), i do not know what is this 'PASSWORD()' but i think it is encrypting the password for that:
    if you entering aaa as password and this is what is in database
    PASSWORD('aaa') may encrypt aaa to something like 7t6cshdubs8fd and you do not have this in your database.

    thanks

  3. #3
    SitePoint Zealot
    Join Date
    Jun 2006
    Posts
    166
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    thanks satrun77! you're right about the inserting data. i guess the password data inserted in the tutorial "43e9a4ab75570f5b" is the encrypted result for "admin" after PASSWORD() function(whatever encrypting method it is). so when type in password "admin" in the demo, it logged in. that's why i don't know why i cant loggin after i install the whole system on my local server.

  4. #4
    SitePoint Enthusiast
    Join Date
    Mar 2006
    Posts
    53
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    you welcome i had the same problem before but i use sha1()

    thanks


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •