FRIHOST • FORUMS • SEARCH • FAQ • TOS • BLOGS • COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


Login system doesn't work





milleja46
With this info
Run this SQL command in your MySQL database (you must have one):
Code:
CREATE TABLE `users` (
`id` int(3) NOT NULL auto_increment,
`login` varchar(8) default NULL,
`password` varchar(8) default NULL,
PRIMARY KEY (`id`)
) TYPE=MyISAM AUTO_INCREMENT=3 ;


This will create the table that will record the usernames and passwords.

Then, create the LOGIN.PHP file. This page will contain the form that will submit the user΄s data.

Code:

<?
session_name("MyLogin");
session_start();
session_destroy();

if($_GET['login'] == "failed") {
print $_GET['cause'];
}
?>
<form name="login_form" method="post" action="log.php?action=login">
Login: <input type="text" name="user"><BR>
Password: <input type="password" name="pwd"><BR>
<input type="submit">
</form>

Now, create the LOG.PHP. This is the file that performs the action of the form.

Code:

<?
session_name("MyLogin");
session_start();

if($_GET['action'] == "login") {
$conn = mysql_connect("localhost","user","password"); // your MySQL connection data
$db = mysql_select_db("DATABASENAME"); //put your database name in here
$name = $_POST['user'];
$q_user = mysql_query("SELECT * FROM USERS WHERE login='$name'");


if(mysql_num_rows($q_user) == 1) {

$query = mysql_query("SELECT * FROM USERS WHERE login='$name'");
$data = mysql_fetch_array($query);
if($_POST['pwd'] == $data['password']) {
session_register("name");
header("Location: yourpage.php"); // success page. put the URL you want
exit;
} else {
header("Location: login.php?login=failed&cause=".urlencode('Wrong Password'));
exit;
}
} else {
header("Location: login.php?login=failed&cause=".urlencode('Invalid User'));
exit;
}
}

// if the session is not registered
if(session_is_registered("name") == false) {
header("Location: login.php");
}
?>


If you paid enough attention, you noticed that the login will lead the user to YOURPAGE.PHP. Add these lines of code to any webpage that you want to secure (including yourpage.php):

Code:

<?
require("log.php");
?>

Printing the user name in the screen is very easy. Just add this code:
Code:

<? print $_SESSION["name"]; ?>


And that is what i was told to do but when i use it, it messes up my page that i put it on to test it on: milleja46games.frihost.org/mailinglist.html
erlendhg
Hi.
I haven't tried out the code you supplied, but I can say that once I saw it, I think it looked somewhat shady.

You really shouldn't use the
Code:
action="log.php?action=login"

Instead use
Code:
action="log.php"
and make a hidden field inside the form tag:
Code:
<input type="hidden" name="action" value="login />


EDIT

And of course, you'll then have to substitute
Code:
if($_GET['action'] == "login") {
with
Code:
if($_POST['action'] == "login") {


EDIT

Sorry, It became a few edits now.
I just also thought your code might be written just a bit more secure, so you never store the "correct" password in a local variable:

Code:
$pwd = $_POST['pwd'];
$query = mysql_query("SELECT * FROM USERS WHERE login='$name' AND password='$pwd'");
if (mysql_num_rows($query)) {


instead of

Code:
$query = mysql_query("SELECT * FROM USERS WHERE login='$name'");
$data = mysql_fetch_array($query);
if($_POST['pwd'] == $data['password']) {


Well, hope you figure it out Smile
Cheers.
milleja46
thanks i will try that. But i have to do it through proxy since normal one doesn't work also what files did the code belong to that you told me were wrong?
milleja46
And where would i put:

Code:

<?
require("log.php");
?>


So it doesn't mess up my page?
tchaunt
Put the require toward the top of the code.

Also, I noticed that you're ending the session connection immediately after starting it.

Code:
session_name("MyLogin");
session_start();
# vv This line right here
session_destroy();


If you're not going to use the session, there's not really a need to start it.

And I'm almost certain you censored out your actual details, but just to make sure, in LOG.php, have you replaced "user" and "password" and "DATABASE NAME" with your actual strings you need in the lines:
Code:
$conn = mysql_connect("localhost","user","password"); // your MySQL connection data
$db = mysql_select_db("DATABASENAME"); //put your database name in here
milleja46
well i didn't sensor it out i just copied it from the instructions. And yes i changed it when i put it in the actual file.
milleja46
well i didn't sensor it out i just copied it from the instructions. And yes i changed it when i put it in the actual file. But that still doesn't explain where i should put it. Does it go in the header? Before my site name is listed on the actual page or where? I am still very new to php and mysql databases so i really need it explained.
tchaunt
Sorry about that. I meant to elaborate more before I posted, then forgot. Technically, you only have to put the "require();" line before any functions or features you want blocked are called. I, personally, would put it as the second line of your code:

Code:

<?
require(file.php);

# Rest of the code
?>
HTML
milleja46
Okay will try it once i get a new account for my site.
Related topics
html login system
Simple login system
Microsoft blows it again... (Why NOT to use IE)
changed domaine name, now login page wont work in phbb2
why wont system shield work
Login System help
news system with login for more than 1 user.
Developing a Login System with PHP and MySQL
i need a single user login system
Login System Tutorial Part 1 Creating Registration
Frih$ on offer for PHP Login System
Could someone create a really simple login system???
Login system with uploading features!
Creating safe persistent login system
Reply to topic    Frihost Forum Index -> Scripting -> Php and MySQL

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.