Jump to content

its not logging me in...


real_illusions
 Share

Recommended Posts

I have the following code that uses a mysql database to prevent unauthorised access to an admin page. I have entered the user and password (using md5) into the database manually using phpmyadmin.However, on filling out the form, i get a blank page, even with the error_reporting at the top.Nothing is in the source code, no errors...absolutely nothing.I cant figure out what could be wrong..any ideas?

<?phperror_reporting(E_ALL);?><?php// include the config and open database filesinclude 'config.php';include 'opendb.php';// Check if there is a cookie set alreadyif (isset($_COOKIE['CookieLogin']))// If the cookie exists, then redirect to the admin page{$username = $_COOKIE['CookieLogin'];$password - $_COOKIE['Key_CookieLogin'];$check = mysql_query ("SELECT * FROM users WHERE username = '$username'") or die (mysql_error());while ($info = mysql_fetch_array( $check )){if ($pass != $info['password']){}}{header ("Location: admin.php");}}//if the login form is submittedif (isset($_POST['submit'])) { // makes sure they filled it inif(!$_POST['username'] | !$_POST['pass']) {die('You did not fill in a required field.');}// checks it against the databaseif (!get_magic_quotes_gpc()) {$_POST['email'] = addslashes($_POST['email']);}$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'") ordie (mysql_error());// Gives error is user doesn't exist$check2 = mysql_num_rows($check);if ($check2 == 0) {die (mysql_error());}while ($info = mysql_fetch_array( $check )){$_POST['pass'] = stripslashes($_POST['pass']);$info['password'] =stripslashes($info['password']);$_POST['pass'] = md5($_POST['pass']);// Gives error if password is wrongif ($_POST['pass'] !=$info['password']) {die (mysql_error());}else{// if login is ok then we add a cookie$_POST['username'] = stripslashes($_POST['username']);$hour = time() + 3600;setcookie(CookieLogin, $_POST['username'], $hour);setcookie(Key_CookieLogin, $_POST['pass'], $hour);//then redirect them to the admin pageheader("Location: admin.php");}}}else{// if they are not logged in?><form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">Username:<br /><input type="text" name="username" maxlength="40"><br />Password:<br /><input type="password" name="pass" maxlength="50"><br /><input type="submit" name="submit" value="Login"></form><?php}?>

Link to comment
Share on other sites

I believe you're having an extra bracket, and are missing an echo at this point:

if ($pass != $info['password']){}}else{header ("Location: admin.php");}
You're probably not seeing errors because you also need to enable error displaying. You can do so with
ini_set('display_errors','On');

however, I'm not sure if this would work for when the error is a parsing error. I'm only sure it works on evaluation errors.

Link to comment
Share on other sites

if ($pass != $info['password']){}}echo{header ("Location: admin.php");}gives an error of, unexpected { on the line below 'echo'and else, as you've written it gives an error of unexpected T_ELSE on that line (echo is on that line in this post above). :)

Link to comment
Share on other sites

You need to get rid of that second closing brace before the }. And try else not echo

if ($pass != $info['password']){}else{header ("Location: admin.php");}

Link to comment
Share on other sites

your code is weird..
Well..some people say i'm a weird person :)
Or just do this:if ($pass == $info['password']){header ("Location: admin.php");}There's no point to having an empty block ({}) in the code.
Thanks..but its still not working..i get unexpected $end right at the bottom..sorted out the correct number of {}'s, but it says unexpected T_ELSE on line 71 -71 else72 {7374 // if they are not logged inetc etc..There is 2 else's in a row that i can see..surely that cant be right?? :)Maybe the answer will come to me when i haven't been up for over 14 hours and i get some sleep... :mellow:
Link to comment
Share on other sites

$password - $_COOKIE['Key_CookieLogin']; Change - to =if(!$_POST['username'] | !$_POST['pass']) { Make sure you have two |, ||You have pass and password as variables and field names, which I think may have been mess ups?setcookie(CookieLogin, $_POST['username'], $hour); Change CookieLogin to a string, PHP will think it's a constant.setcookie(Key_CookieLogin, $_POST['pass'], $hour); Same as above cookie setting.

Link to comment
Share on other sites

How is changing the password and cookie to a string any better compared to a variable? As its submitted from a form, surely it needs to be checked by making it a variable? Or can a string be used in the same way?I didn't write it myself..its a script that i found online that dealt with registration and the like..so i just stripped out the parts for just the login.:)

Link to comment
Share on other sites

You're probably going to want to open your code in a program like ConTEXT and track down all of the brackets you have in there. It's hard to read the un-indented code and see which brackets don't match up. If you open it in ConTEXT you can put the cursor next to a bracket and hit CTRL-M to jump to the matching bracket. It will help you track down which one is the problem. It would also help to indent your code.

Link to comment
Share on other sites

setcookie(CookieLogin, $_POST['username'], $hour);

How is changing the password and cookie to a string any better compared to a variable?
With the above setcookie call, the PHP interpreter will try to look for the constant CookieLogin and assign that as the cookie name. So if you had define("CookieLogin", "Login") before that your cookie will be named "Login". However, without a definition for CookieLogin that setcookie will fail. It should be
[code]setcookie("CookieLogin", $_POST['username'], $hour);

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...