ckrudelux Posted February 21, 2009 Share Posted February 21, 2009 Okay I need help with understanding and making a login page using php and sql and how I tell my page witch user is on the page so it's loads the users information and not anyone else. Link to comment Share on other sites More sharing options...
mohammad_molana Posted February 21, 2009 Share Posted February 21, 2009 Okay I need help with understanding and making a login page using php and sql and how I tell my page witch user is on the page so it's loads the users information and not anyone else.look this:http://www.phpeasystep.com/phptu/6.html Link to comment Share on other sites More sharing options...
ckrudelux Posted February 21, 2009 Author Share Posted February 21, 2009 look this:http://www.phpeasystep.com/phptu/6.html <?phpob_start();// Connect to server and select databse.mysql_connect("localhost", "root", "")or die("cannot connect"); mysql_select_db("yournews")or die("cannot select DB");// Define $username and $password $username=$_POST['username']; $password=$_POST['password']; $encrypted_password=md5($password);// To protect MySQL injection$username = stripslashes($username);$encrypted_password = stripslashes($encrypted_password);$username = mysql_real_escape_string($username);$encrypted_password = mysql_real_escape_string($encrypted_password);$sql="SELECT * FROM user WHERE username='$username' and password='$encrypted_password'";$result=mysql_query($sql);// Mysql_num_row is counting table row$count=mysql_num_rows($result);// If result matched $myusername and $mypassword, table row must be 1 rowif($count==1){// Register $username, $password and update ip and date for login.. don't know if sql still takes the code becouse I don't know then it's ends reading code.session_register("username");session_register("password"); $ip = $_SERVER['REMOTE_ADDR']; $date = date("y-m-d H:i:s"); mysql_query("UPDATE user SET ip='$ip', login_date='$date' WHERE username='$username' and password='$encrypted_password'"); if ($_SERVER['HTTP_REFERER'] != '') { header('Location: ' . $_SERVER['HTTP_REFERER']); }}else {$errormassage = "<p>Wrong password or username</p>";}ob_end_flush();?> Well I put the code from the page into my page and filled in with my own information and code and I can't login I type my username and password and press enter and then my inputs filleds gets blank... and nothing happens"Notice: Use of undefined constant username - assumed 'username' in C:\wamp\www\yournews2.0\index.php on line 79"Get this error there I should get my menu witch loads if session 'username' is true Link to comment Share on other sites More sharing options...
ckrudelux Posted February 21, 2009 Author Share Posted February 21, 2009 Okay I have been testing with making a echo of $sqlAnd get the password but username is blankAnd if I write my username into my code and test the $count == 0if I write like this I get the username but I don't get the data from the database. $sql="SELECT * FROM user WHERE username=$username and password=$encrypted_password"; Link to comment Share on other sites More sharing options...
ColdEdge Posted February 21, 2009 Share Posted February 21, 2009 hmm it looks as you are missing some charecters and that you need a capital AND here try the code i provided $sql = "SELECT * FROM user WHERE usernaname='$username' AND password='$encrypted_password';"; hope it helps Link to comment Share on other sites More sharing options...
ckrudelux Posted February 21, 2009 Author Share Posted February 21, 2009 hmm it looks as you are missing some charecters and that you need a capital AND here try the code i provided$sql = "SELECT * FROM user WHERE usernaname='$username' AND password='$encrypted_password';"; hope it helps No didn't work out...I'm thinking if this has to do with how this works.1.You get to the page what has information and loginform2.then you write in your username/password and press login the page reloads and checks your user and pass and if they are correct and change the included loginform page to the menu page in the menu bar.This worked then I didn't have a sql login page.the whole page code:<?phpob_start();// Connect to server and select databse.mysql_connect("localhost", "root", "")or die("cannot connect"); mysql_select_db("yournews")or die("cannot select DB");// Define $myusername and $mypassword $username=$_POST['username']; $password=$_POST['password']; $encrypted_password=md5($password);// To protect MySQL injection$username = stripslashes($username);$encrypted_password = stripslashes($encrypted_password);$username = mysql_real_escape_string($username);$encrypted_password = mysql_real_escape_string($encrypted_password);$sql = "SELECT * FROM user WHERE username='$username' AND password='$encrypted_password'";$result=mysql_query($sql);// Mysql_num_row is counting table row$count=mysql_num_rows($result);// If result matched $myusername and $mypassword, table row must be 1 rowif($count==1){// Register $myusername, $mypassword and redirect to file "login_success.php"session_register("username");session_register("password"); $ip = $_SERVER['REMOTE_ADDR']; $date = date("y-m-d H:i:s"); mysql_query("UPDATE user SET ip='$ip' login_date='$date' WHERE username='$username' AND password='$encrypted_password'"); if ($_SERVER['HTTP_REFERER'] != '') { header('Location: ' . $_SERVER['HTTP_REFERER']); }}else {$errormassage = "<p>Wrong password or username</p>";}ob_end_flush();?><?phpif(!isset($_GET['country'])){ header("location: index.php?country=sweden");}?><!-- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> --><html><head> <meta name="description" content="YOUNEWS" /> <meta name="keywords" content="news, computer, sport, nature, games, buildings, web" /> <meta http-equiv="content-type" content="text/xml; charset=iso-8859-1" /> <!-- js menu buttons --> <script src="buttons.js" type="text/javascript"></script> <!-- end --> <title> YOUR NEWS.COM The e-News paper </title> <link rel="alternate" type="application/rss+xml" title="Latest" href="rss/rss.php" /> <link rel="stylesheet" type="text/css" href="style.css" /> </head><body> <div id="bgcolor"> <div id="bgcoloroff"> <div id="logo"> <img src="logo.jpg" /> </div> <div id="menu_1"> <?php if(!session_is_registered(username)){ include "login.php"; } else { include "lmenu.php"; } ?> </div> <div id="menu_2"> <form id="categoryform" method="get"> <select name="country"> <option value="<?php echo $_GET['country']; ?>"><?php if(!isset($_GET['country']) or $_GET['country'] == ''){ echo 'Country'; } else { echo $_GET['country']; }?></option> <option value="sweden">Sweden</option> <option value="england">England</option> </select> <select name="category"> <option><?php if(!isset($_GET['category']) or $_GET['category'] == ''){echo 'category';} else { echo $_GET['category']; }?></option> <option value="computers">computers</option> <option value="music">music</option> </select> <input type="submit" value="Go" /> </form> </div> <div id="context"> <?php if($_GET['category'] == 'category') { include 'start.php'; } else if(isset($_GET['category'])){ $category = $_GET['category']; $country = $_GET['country']; mysql_pconnect('localhost', 'root', '') or die("Can not connect"); mysql_select_db("yournews"); $query = mysql_query("SELECT * FROM articles WHERE category='$category' AND country='$country' AND type='article' ORDER BY article_id DESC"); while($row = mysql_fetch_assoc($query)) { ?> <div class="article_body"> <div class="article_context"> <div class="headline_top"> <p class="left_p"><?php echo $row['headline']; ?></p><p class="right_p"><?php echo $row['post_date']; ?> Posted At <?php echo $row['post_time']; ?></p> </div> <div class="article_text"> <p class="text"> <?php //this is something I need help with too.. it should check if it's image or not. //$file = $row['img']; //if( //($_FILES['$file']["type"] == "image/jpeg") //or($_FILES['$file']["type"] == "image/pjpeg") //or($_FILES['$file']["type"] == "image/gif") //or($_FILES['$file']["type"] == "image/png") //or($_FILES['$file']["type"] == "image/x-png") //or($_FILES['$file']["type"] == "image/pipeg")){ //?> <img align="right" class="img_article" src="<?php echo $row['img'];?>" /> <?php //} else { //echo ''; //} ?> <?php echo $row['article']; ?> </p> <p class="right_p"><a target="_blank" href="<?php echo $row['source']; ?>">Source</a> <?php echo $row['source']; ?></p> </div> <div class="article_bottom"> <p class="left_p">Posted by <?php echo $row['user']; ?></p> </div> </div> </div> <?php } } else if(isset($_GET['r34'])) { $r34 = $_GET['r34'] . ".php"; include "$r34"; } else { include "start.php"; } ?> </div> <div id="bottom"> <p> Copyright © 2009 <br /> Contact <?php echo $sql; //check?><br /> <?php echo $count; //check?><br /> <?php echo $result; //check?><br /> </p> </div> </div> </div></body></html> Link to comment Share on other sites More sharing options...
ckrudelux Posted February 21, 2009 Author Share Posted February 21, 2009 Okay have tested some more stuff and came out with this.Then I type in wrong username or username with wrong password I can see it in my echo but if I write a username from the database it disappears Link to comment Share on other sites More sharing options...
justsomeguy Posted February 23, 2009 Share Posted February 23, 2009 Read through this, it may answer your questions:http://w3schools.invisionzone.com/index.ph...ost&p=96608 Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.