Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    New Coder
    Join Date
    Aug 2008
    Posts
    64
    Thanks
    11
    Thanked 0 Times in 0 Posts

    Login script help!!

    I am having problems with this script. When I login correctly it says invalid username or password when it shoud say i have successfully logged in as $user
    here is the script

    PHP Code:
    <?php
    session_start
    ();
    include 
    "./global.php";

    echo 
    "<title>Login</title>";
    if(
    $_SESSION['uid']) {
        echo 
    "You are already logged in if you wish to log out, please <a href=\"./logout.php\">click here</a>!\n";
    } else {

        if(!
    $_POST['submit']) {
                echo 
    "<table border=\"0\" cellspacing=\"3\" cellpadding\=\"3\">\n";
                echo 
    "<form method=\"post\" action=\"./login.php\">\n";
                echo 
    "<tr><td>Username</td><td><input type=\"text\" name=\"username\"></td></tr>\n";
                echo 
    "<tr><td>Password</td><td><input type=\"password\" name=\"password\"></td></tr>\n";
                echo 
    "<tr><td colspan=\"2\" align=\"center\"<input type=\"submit\" name=\"submit\" value =\"Login\"></td></tr>\n";
                echo 
    "</form></table>\n";
            } else {
                
    $user mss($_POST['username']);
                
    $pass $_POST['password'];
                
                    if(
    $user && $pass) {
                        
    $sql "SELECT id FROM `users` WHERE `username`='".$user."'";
                        
    $res mysql_query($sql) or die(mysql_error());
                        if(
    mysql_num_rows($res) > 0) {
                            
    $sql2 "SELECT id FROM `users` WHERE `username`='".$user."' AND `password`='".md5($pass)."'";
                            
    $res2 mysql_query($sql2) or die(mysql_error());
                            if(
    mysql_num_rows($res2) > 0) {
                                
    $row mysql_fetch_assoc($res2);
                                
    $_SESSION['uid'] = $row['id'];
                                
                                echo 
    "You have succsessfully logged in as " $user//THIS DOES NOT WORK
                            
    } else {
                                echo 
    "Username and/or password are not valid!"//THIS IS TAKING ITS PLACE!
                            
    }
                        } else {
                            echo 
    "The username you supplied does not exist!";
                        }
                    } else {
                        echo 
    "Complete the form!";
                    }
            }

    }

    ?>
    Last edited by westes; 08-15-2008 at 01:41 AM.

  • #2
    Regular Coder ninnypants's Avatar
    Join Date
    Apr 2008
    Location
    Utah
    Posts
    504
    Thanks
    10
    Thanked 47 Times in 47 Posts
    What is "mss"
    PHP Code:
    $user mss($_POST['username']); 
    I searched the PHP manual and as far as I know it doesn't exist

  • #3
    New Coder
    Join Date
    Aug 2008
    Posts
    64
    Thanks
    11
    Thanked 0 Times in 0 Posts
    mss comes in line three
    where it includes the file, global.php

    here is global.php
    PHP Code:
    <?php

    $con 
    mysql_connect('localhost''root''root') or die (mysql_error());
    $db mysql_select_db("users"$con);


    function 
    mss($value) {
        return 
    mysql_real_escape_string(trim(strip_tags($value))); //mss function
    }
    ?>


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •