Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    Regular Coder stevenmw's Avatar
    Join Date
    Jun 2007
    Location
    OK
    Posts
    497
    Thanks
    27
    Thanked 31 Times in 31 Posts

    Login Script Gone Wrong

    I was hoping someone could spot what I've done wrong?

    PHP Code:
    <?php

    ob_start
    ();

    session_start();

    $error 'could not connect to the database';
    mysql_connect('----''----''----');
    mysql_select_db('bb') or die($error);

    require 
    'includes/functions.php';

    if (
    $_POST['login']) {
      
     
    $username addslashes(strip_tags(strtolower($_POST['username'])));
     
    $password addslashes(strip_tags($_POST['password']));

    if (!
    username || !password)
    echo 
    "please enter a username";

    else {

    $find mysql_query("SELECT * FROM bb_users WHERE username_clean='$username'";


    if (
    mysql_num_row($find)==0)
     echo 
    "username not found";
    esle {
    while (
    $find_row mysql_fetch_assoc($find))
    {
    $password_hash $find_row['user_password'];
    }

    $check bb_check_hash($password$password_hash);
    if (
    $check==FALSE)
    echo 
    "incorrect password";
    else if (
    $check==TRUE) {
    $_SESSION['username']=$username;
    header("Location: main.php");
    exit();
    }
    }
    }
    ?>
    Thanks for any help!
    Last edited by stevenmw; 02-25-2012 at 08:55 AM.

  • #2
    New Coder
    Join Date
    Jan 2012
    Posts
    15
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Found a few errors.

    1. you mis-spelt ELSE
    2. in the $find variable you forgot to close your parentheses
    3. its "mysql_num_rows" not "mysql_num_row"

    Correct these errors and then tell us what error message your get.

    Quote Originally Posted by stevenmw View Post
    I was hoping someone could spot what I've done wrong?

    PHP Code:
    <?php

    ob_start
    ();

    session_start();

    $error 'could not connect to the database';
    mysql_connect('----''----''----');
    mysql_select_db('bb') or die($error);

    require 
    'includes/functions.php';

    if (
    $_POST['login']) {
      
     
    $username addslashes(strip_tags(strtolower($_POST['username'])));
     
    $password addslashes(strip_tags($_POST['password']));

    if (!
    username || !password)
    echo 
    "please enter a username";

    else {

    $find mysql_query("SELECT * FROM bb_users WHERE username_clean='$username'";


    if (
    mysql_num_row($find)==0)
     echo 
    "username not found";
    esle {
    while (
    $find_row mysql_fetch_assoc($find))
    {
    $password_hash $find_row['user_password'];
    }

    $check bb_check_hash($password$password_hash);
    if (
    $check==FALSE)
    echo 
    "incorrect password";
    else if (
    $check==TRUE) {
    $_SESSION['username']=$username;
    header("Location: main.php");
    exit();
    }
    }
    }
    ?>
    Thanks for any help!

  • #3
    Regular Coder stevenmw's Avatar
    Join Date
    Jun 2007
    Location
    OK
    Posts
    497
    Thanks
    27
    Thanked 31 Times in 31 Posts
    I made the changes suggested. Now the code looks like:

    PHP Code:
    <?php

    ob_start
    ();

    session_start();

    $error 'could not connect to the database';
    mysql_connect('---''---''---');
    mysql_select_db('bb') or die($error);

    require 
    'includes/functions.php';

    if (
    $_POST['login']) {
      
     
    $username addslashes(strip_tags(strtolower($_POST['username'])));
     
    $password addslashes(strip_tags($_POST['password']));

    if (!
    $username || !$password)
    echo 
    "please enter a username";

    else {

    $find mysql_query("SELECT * FROM bb_users WHERE username_clean='$username'");


    if (
    mysql_num_rows($find)==0)
     echo 
    "username not found";
    else {
    while (
    $find_row mysql_fetch_assoc($find))
    {
    $password_hash $find_row['user_password'];
    }

    $check bb_check_hash($password$password_hash);
    if (
    $check==FALSE)
    echo 
    "incorrect password";
    else if (
    $check==TRUE) {
    $_SESSION['username']=$username;
    header("Location: main.php");
    exit();
    }
    }
    }
    ?>
    I'm still getting an error. I know it is something simple. (and yes, it is connecting to the DB just fine)
    Last edited by stevenmw; 02-25-2012 at 05:16 AM.

  • #4
    Regular Coder stevenmw's Avatar
    Join Date
    Jun 2007
    Location
    OK
    Posts
    497
    Thanks
    27
    Thanked 31 Times in 31 Posts
    I got it semi-working. Now my header function isn't taking me to main.php when I submit the form. Any ideas?

    PHP Code:
        <?php
        
    //ob
        
    ob_start();
        
    //session
        
    session_start();
        
    //connect
        
    $error 'Could not connect to the database';
        
    mysql_connect('---','---','---');
        
    mysql_select_db('bb') or die($error);
        
        require 
    'forums/includes/functions.php';
        if (
    $_POST['login'])
        {
        
    //get from data
        
    $username addslashes(strip_tags(strtolower($_POST['username'])));
        
    $password addslashes(strip_tags($_POST['password']));
    if ((!
    $username) || (!password))
        echo 
    "Please enter a username and password<p />";
    else
    {
    //find username
    $find mysql_query("SELECT * FROM bb_users WHERE username_clean='$username'");
    if (
    mysql_num_rows($find)==0)
        echo 
    "Username not found<p />";
    else
    {
        while (
    $find_row mysql_fetch_assoc($find))
        {
         
    //grab password hash for user
         
    $password_hash $find_row['user_password'];
        }
        
        
    $check php_check_hash($password$password_hash);
        if (
    $check==FALSE)
            echo 
    "Incorrect password";
        else if (
    $check==TRUE)
        {
         
    $_SESSION['username']=$username;
         
    header("Location: main.php");
         exit();
        }
        
    }
    }
    }
    ?>
    Last edited by stevenmw; 02-25-2012 at 09:42 AM.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •