Search the Community

yoyo w3s...im having a little trouble with my login page... here you can see the example: http://speed-scene.c...scene/login.php anyways, i allready knew about sessions and such, so i was thinking that it was time to expand my knowledge a little. so i was trying to make a login page that was using cookies to log me in, and while expanding, i was thinking that i could try it out on one of my projects on the following link i have allready given. but the trouble is that when im trying to login, then im just staying at the same page, and nofthing by then happends... here is all my login codes/pages im using: 1. bittorrent.php inside include folder from root (The functions im using to get the login thing to work...): function dbconn($autoclean = false){global $SS;if (!@mysql_connect($SS['mysql_host'], $SS['mysql_user'], $SS['mysql_pass'])){ switch (mysql_errno()) { case 1040: case 2002: if ($_SERVER['REQUEST_METHOD'] == "GET") die("<html><head><meta http-equiv='refresh' content=\"5 $_SERVER[REQUEST_URI]\"></head><body><table border='0' width='100%' height='100%'><tr><td><h3 align='center'>The server load is very high at the moment. Retrying, please wait...</h3></td></tr></table></body></html>"); else die("Too many users. Please press the Refresh button in your browser to retry."); default: die("[" . mysql_errno() . "] dbconn: mysql_connect: " . mysql_error()); }}mysql_select_db($SS['mysql_db']) or die('dbconn: mysql_select_db: ' . mysql_error());//mysql_query("SET NAMES utf8");mysql_set_charset('utf8');userlogin();if ($autoclean) register_shutdown_function("autoclean");} /*LOGIN FUNCTIONS*/function sqlesc($x) {return "'".mysql_real_escape_string($x)."'";}function mkglobal($vars) {if (!is_array($vars))$vars = explode(":", $vars);foreach ($vars as $v) {if (isset($_GET[$v])) $GLOBALS[$v] = unesc($_GET[$v]);elseif (isset($_POST[$v])) $GLOBALS[$v] = unesc($_POST[$v]);else return 0;}return 1;}function set_mycookie( $name, $value = "", $expires_in = 0, $sticky = 1 ){ global $SS; if ( $sticky == 1 ){ $expires = time() + 60*60*24*365;} else if ( $expires_in ) { $expires = time() + ( $expires_in * 86400 ); } else { $expires = FALSE; } $SS['cookie_domain'] = $SS['cookie_domain'] == "" ? "" : $SS['cookie_domain']; $SS['cookie_path'] = $SS['cookie_path'] == "" ? "/" : $SS['cookie_path']; if ( PHP_VERSION < 5.2 ) { if ( $SS['cookie_domain'] ) { @setcookie( $SS['cookie_prefix'].$name, $value, $expires, $SS['cookie_path'], $SS['cookie_domain'] . '; HttpOnly' ); } else { @setcookie( $SS['cookie_prefix'].$name, $value, $expires, $SS['cookie_path'] ); }}else{ @setcookie( $SS['cookie_prefix'].$name, $value, $expires, $SS['cookie_path'], $SS['cookie_domain'], NULL, TRUE );}}function logincookie($id, $passhash, $updatedb = 1, $expires = 0x7fffffff){set_mycookie( "uid", $id, $expires );set_mycookie( "pass", $passhash, $expires );if ($updatedb) @mysql_query("UPDATE users SET last_login = ".TIME_NOW." WHERE id = $id");}function logoutcookie() {set_mycookie('uid', '-1');set_mycookie('pass', '-1');}function loggedinorreturn() {global $CURUSER, $SS;if (!$CURUSER){ header("Location: {$SS['baseurl']}/login.php?returnto=" . urlencode($_SERVER["REQUEST_URI"])); exit();}}function get_mycookie($name){global $SS; if (isset($_COOKIE[$SS['cookie_prefix'].$name]) AND !empty($_COOKIE[$SS['cookie_prefix'].$name])) { return urldecode($_COOKIE[$SS['cookie_prefix'].$name]); } else { return FALSE; }}function userlogin() {global $SS;unset($GLOBALS["CURUSER"]);$ip = getip();$nip = ip2long($ip);require_once "cache/bans_cache.php";if(count($bans) > 0){foreach($bans as $k) { if($nip >= $k['first'] && $nip <= $k['last']) { header("HTTP/1.0 403 Forbidden"); print "<html><body><h1>403 Forbidden</h1>Unauthorized IP address. Please, piss off... you had your chance.</body></html>\n"; exit(); }}unset($bans);}if (!$SS['site_online'] || !get_mycookie('uid') || !get_mycookie('pass'))return;$id = 0 + get_mycookie('uid');if (!$id || strlen( get_mycookie('pass') ) != 32)return;$res = mysql_query("SELECT * FROM users WHERE id = $id AND enabled='yes' AND status = 'confirmed'");// or die(mysql_error());$row = mysql_fetch_assoc($res);if (!$row)return;if (get_mycookie('pass') !== $row["passhash"])return;mysql_query("UPDATE users SET last_access='" . TIME_NOW . "', ip=".sqlesc($ip)." WHERE id=" . $row["id"]);// or die(mysql_error());$row['ip'] = $ip;$GLOBALS["CURUSER"] = $row;}/*LOGIN FUNCTIONS*/ 2. this is my password_functions.php file inside include folder from root: <?phpfunction mksecret($len=5){ $salt = ''; for ( $i = 0; $i < $len; $i++ ) { $num = rand(33, 126); if ( $num == '92' ) { $num = 93; } $salt .= chr( $num ); } return $salt;} function make_passhash_login_key($len=60){ $pass = mksecret( $len ); return md5($pass);} function make_passhash($salt, $md5_once_password){ return md5( md5( $salt ) . $md5_once_password );} function make_password(){ $pass = ""; $unique_id = uniqid( mt_rand(), TRUE ); $prefix = mksecret(); $unique_id .= md5( $prefix ); usleep( mt_rand(15000,1000000) ); mt_srand( (double)microtime()*1000000 ); $new_uniqueid = uniqid( mt_rand(), TRUE ); $final_rand = md5( $unique_id.$new_uniqueid ); mt_srand(); for ($i = 0; $i < 15; $i++) { $pass .= $final_rand{ mt_rand(0, 31) }; } return $pass; }?> 3. this is my login.php file from root: <?phprequire_once("include/bittorrent.php");echo stdhead("Login");?> <form method="post" action="takelogin.php"><table class="login_table" align="center" border="1"><tr><td>Username</td><td><input type="text" name="username" id="username" size="35" /></td></tr><tr><td>Password</td><td><input type="password" name="password" id="password" size="35" /></td></tr><tr><td align="center" colspan="2"><input type="submit" name="login_submit" value="Login Now!" /></td></tr></table></form> <?phpecho stdfooter();?> 4. and at last, this is my takelogin.php file from root: <?phprequire_once 'include/bittorrent.php';require_once "include/password_functions.php";echo stdhead("Login");if (!mkglobal('username:password'))die();dbconn();$lang = array_merge(load_language('takelogin'));$res = mysql_query("SELECT id, passhash, secret, enabled FROM users WHERE username = " . sqlesc($username) . " AND status = 'confirmed'");$row = mysql_fetch_assoc($res);if (!$row)stderr($lang['tlogin_failed'], 'Username or password incorrect');if ($row['passhash'] != make_passhash($row['secret'], md5($password)))stderr($lang['tlogin_failed'], 'Username or password incorrect');if ($row['enabled'] == 'no')stderr($lang['tlogin_failed'], $lang['tlogin_disabled']);logincookie($row['id'], $row['passhash']);header("Location: {$SS['baseurl']}/index.php");echo stdfooter();?> and now to the big question, what the heck is wrong since i cannot login?... ideas where to check... it seems for my eye that i cannot see where to edit, since its all looking pretty well for both me and 1 other guys online i am coding with sometimes ... but the login does not work, so it is obviously that the codes does not either...but in anyways... i would be very much happy if anyone in here could tell me where to have my eyes on... thanks alot! ... PS: if wish to see the whole project, then you can use the following .FTP user to grand acces to the server and read the files, just in case you need more information.. HOST: blackbitt.comUSER: ftp_reader@blackbitt.comPASS: Reader1PORT: 21 bittorrent.php file is the main design to the whole site, and all my functions. in this way i have maked a Global Based design... Hoping you guys once more can guid me on to the right road again, thanks alot in advance! ...

I am trying to set up a mysql/php login and register system but whenever i try it fails. I was wondering if someone could write code that can do this with the following things: Database name = DBNAMEDatabase tabel = DBTABLEHost name = EXAHOST.COMHost username = HOSTUSERHost password = HOST PASSWebsite name = WEBNAME.ORG If anymore things are needed please tell me, and if someone could make one that works i would REALLY appreciate it Thanks

Hi. Wonder if anyone can help. I am trying to build a website where users can log in to their account, and then place an order for an item, edit their details etc. However, am using the following code upon loading the myAccount.cshtml page: if (WebSecurity.IsAuthenticated == false) { Response.Redirect("~/"); } So that if the user is not logged in it directs them to the home page to then login. However I am finding that even when the user has logged in, as soon as they come away from the My Account area - it logs them out and they then have to log back in. How could I make this so it persistently keeps the user logged in until they manually log out with the button I have created. Thanks. Kevin

I'm building this web site for a CS major career for a college. I'm working on the login part now, but I thought it would be really cool and efficient (I assume) if instead of redirecting the user to another html page to do all the login information, to just do like most websites do now, dim the background to a dark color and pop-up a form with the username and password.. I know that has something to do with ajax and some javascript.. But the problem is that I've been looking for resources or tutorials on how to do it, but I haven't found one yet. If someone has any tutorial link, or any information on how to do this I would be really grateful!