Jump to content

Login/register script


RobberBaron
 Share

Recommended Posts

I'm writing a website wherein if the user is not logged in, they will be redirected to "login.php", which gives the option of logging in or registering; the issue is, when I submit the Login or Register form, all that happens is the page refreshes - I've checked the database, nothing is inserted. When the login is submitted, if there are no errors then it should redirect to "index.php"When the registration form is submitted, it should redirect to "login.php?r=1" - this is the login/register page only with a notification saying the registration worked.Any help? :/ Here's the code for "login.php":

 <?phpIf (isset($_POST['do_rblogin'])){Include('db.php');// Makes sure they filled it inIf (!$_POST['user_text']){Die('You need to enter a username to login.');}Elseif(!$_POST['user_pass']){Die('Please enter a password.');};//Checks it against the database, gives error if user doesn't exist$check=mysql_query('SELECT * FROM users WHERE username = "'.$_POST['user_text'].'"') or die(mysql_error());If (mysql_num_rows($check)==0){Die('That user does not exist, maybe try registering silly.');};While($info=mysql_fetch_array($check)){$_POST['pass']=stripslashes($_POST['pass']);$info['password'] = stripslashes($info['password']);$_POST['pass'] = md5($_POST['pass']);//Gives error if the password is wrongIf ($_POST['pass']!=$info['password']){Die('Incorrect password, please try again.');}Else{ //if login is ok then we add a cookie setcookie('rb_userid', $info['ID'], time()*10);Header("Location: index.php"); }}}Elseif (isset($_POST['do_rbreg'])){Include('db.php');//Register code// $_POST['user_text']// $_POST['user_pass']// $_POST['user_cr_pass']// $_POST['user_email'] //This makes sure they did not leave any fields blank If (!$_POST['user_text']){Die('Please enter a username.');}Elseif (!$_POST['user_pass']){Die('Please enter a password.');}Elseif (!$_POST['user_cr_pass']||$_POST['user_pass']!=$_POST['user_cr_pass']){Die('Please check your secondary password - this ensures you know the password that you\'ll be using to login.');}; //Check if username is in use$usercheck=$_POST['user_text'];$check=mysql_query('SELECT username FROM users WHERE username = "'.$usercheck.'"') or die(mysql_error());//If the name exists it gives an errorIf (mysql_num_rows($check)!= 0) {die('Sorry, the username '.$usercheck.' is already in use, please select another.');};//Encrypt the password and add slashes if needed$_POST['user_pass']=md5($_POST['user_pass']);If (!get_magic_quotes_gpc()){$_POST['user_text']=addslashes($_POST['user_text']);$_POST['user_pass']=addslashes($_POST['user_pass']);$_POST['user_email']=addslashes($_POST['user_email']);}; //Now we insert it into the databasemysql_query('INSERT INTO users (username, password, email) VALUES ("'.$_POST['user_text'].'", "'.$_POST['user_pass'].'", "'.$_POST['user_email'].'")') or die(mysql_error());Header('Location: login.php?r=1');}Else{?><html><head><title>RobberBaron</title></head><body><h1>RobberBaron Accounts</h1><hr /><h1><?php If (isset($_GET['r'])) { Echo('Registration complete  Now '); }; ?>Login</h1><form name="login" action="index.php?do=login" method="post"><input type="hidden" id="do_rblogin" value="1" /><table border="0"><tr><td>Username:</td><td><input type="text" id="user_text" /></td></tr><tr><td>Password:</td><td><input type="password" id="user_pass" /></td></tr></table><input type="submit" value="Submit" /><input type="reset" value="Clear" /></form><hr /><h1>...or register</h1><form name="register" action="index.php?do=register" method="post"><input type="hidden" id="do_rbreg" value="1" /><table border="0"><tr><td>Username:</td><td><input type="text" id="user_text" /></td></tr><tr><td>Password:</td><td><input type="password" id="user_pass" /></td></tr><tr><tr><td>Confirm Password:</td><td><input type="password" id="user_cr_pass" /></td></tr><tr><td>Email:</td><td><input type="text" id="user_email" /></td></tr></table><input type="submit" value="Submit" /><input type="reset" value="Clear" /></form><?php};?>

Thanks for any help

Edited by RobberBaron
  • Like 1
Link to comment
Share on other sites

For the forms, you have to have the name attribute for the input element in order for $_POST to work after submitting. Try this instead: <form name="login" action="index.php?do=login" method="post"><input type="hidden" id="do_rblogin" value="1" /><table border="0"><tr><td>Username:</td><td><input type="text" name="user_text" /></td></tr><tr><td>Password:</td><td><input type="password" name="user_pass" /></td></tr></table><input type="submit" value="Submit" /><input type="reset" value="Clear" /></form> .... instead of id. <form name="register" action="index.php?do=register" method="post"><input type="hidden" id="do_rbreg" value="1" /><table border="0"><tr><td>Username:</td><td><input type="text" name="user_text" /></td></tr><tr><td>Password:</td><td><input type="password" name="user_pass" /></td></tr><tr><tr><td>Confirm Password:</td><td><input type="password" name="user_cr_pass" /></td></tr><tr><td>Email:</td><td><input type="text" name="user_email" /></td></tr></table><input type="submit" value="Submit" /><input type="reset" value="Clear" /></form> Then if you want once the form(s) is submitted, you can assign variables like so:$username = $_POST['user_text'];$user_email = $_POST['user_email']; etc...

Edited by Don E
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...