SitePoint Sponsor

User Tag List

Results 1 to 6 of 6

Threaded View

  1. #1
    SitePoint Wizard lukeurtnowski's Avatar
    Join Date
    Mar 2003
    Location
    Coronado
    Posts
    1,645
    Mentioned
    3 Post(s)
    Tagged
    0 Thread(s)

    Login form not working

    I have a question for my login page,
    http://denverasp.com/php/login.php
    I created a test user
    Email: test@aol.com
    Pass: test
    (You can see that the user is in my database (sp0.png) its encrypted (sp1.png) in the database too)
    But when I try and login (which should forward me to members.php)
    It gives me the message telling me I have the wrong password, but isn't it test in the database?
    Thanks for your help...
    Here's the php code for login.php
    PHP Code:
    <?php
    // Connects to your Database
    include("db_conn_open.php");

    //Checks if there is a login cookie
    if(isset($_COOKIE['ID_my_site']))

    //if there is, it logs you in and directes you to the members page
    {
    $email $_COOKIE['ID_my_site'];
    $pass $_COOKIE['Key_my_site'];
    $check mysql_query("SELECT * FROM Providers WHERE Email = '$email'")or die(mysql_error());
    while(
    $info mysql_fetch_array$check ))
    {
    if (
    $pass != $info['password'])
    {
    }
    else
    {
    header("Location: members.php");

    }
    }
    }

    //if the login form is submitted
    if (isset($_POST['submit'])) { // if form has been submitted

    // makes sure they filled it in
    if(!$_POST['email'] | !$_POST['pass']) {
    die(
    'You did not fill in a required field.');
    }
    // checks it against the database

    if (!get_magic_quotes_gpc()) {
    $_POST['email'] = addslashes($_POST['email']);
    }
    $check mysql_query("SELECT * FROM Providers WHERE Email = '".$_POST['email']."'")or die(mysql_error());

    //Gives error if user dosen't exist
    $check2 mysql_num_rows($check);
    if (
    $check2 == 0) {
    die(
    'That user does not exist in our database. <a href=become_a_provider.php>Click Here to become a provider</a>');
    }
    while(
    $info mysql_fetch_array$check ))
    {
    $_POST['pass'] = stripslashes($_POST['pass']);
    $info['password'] = stripslashes($info['password']);
    $_POST['pass'] = md5($_POST['pass']);

    //gives error if the password is wrong
    if ($_POST['pass'] != $info['password']) {
    die(
    'Incorrect password, please try again.');
    }else
    {

    // if login is ok then we add a cookie
    $_POST['email'] = stripslashes($_POST['email']);
    $hour time() + 3600;
    setcookie(ID_my_site$_POST['email'], $hour);
    setcookie(Key_my_site$_POST['pass'], $hour);

    //then redirect them to the members area
    header("Location: members.php");
    }
    }
    }
    else
    {

    // if they are not logged in
    ?>
    <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
    <table border="0">
    <tr><td colspan=2><h1>Login</h1></td></tr>
    <tr><td>Email:</td><td>
    <input type="text" name="email" maxlength="40">
    </td></tr>
    <tr><td>Password:</td><td>
    <input type="password" name="pass" maxlength="50">
    </td></tr>
    <tr><td colspan="2" align="right">
    <input type="submit" name="submit" value="Login">
    </td></tr>
    </table>
    </form>
    <?php
    }
    ?>
    Attached Images Attached Images
    "Oh, and Jenkins--apparently your mother died this morning."


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •