Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 1 of 2 12 LastLast
Results 1 to 15 of 21

Thread: My Login Script

  1. #1
    New Coder
    Join Date
    Sep 2012
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts

    My Login Script

    It has been a while since I have done any coding and I am having a problem with my login script. It has worked in the past though so im unsure what to do. Here goes....

    This is where the information gets put in (its already connected to the database)

    PHP Code:
    <form method=post action=login.php>
    <tr><td width="67" with=10>User:</td><td width="145"><input type=text name=user></td>
                <td width="486" align=right with=100%>Current Game Time: <? $date date("h:i:s A T"); print "$date"?> </td>
              </tr>
    <tr><td with=10>Password:</td><td><input type=password name=pass></td>
                <td width="486" align=right with=100%>Game Version 2.5, Current Version
                </td>
              </tr>
    <tr><td colspan=2 align=center><input type=submit value=Login></td>
                <td width="486" align=right with=100%> </td>
              </tr>
    </form>


    And then this is where it gets linked too.

    PHP Code:
    <?php
    if (!$user || !$pass) {
        include(
    "head.php");
        print 
    "Please fill out all fields.";
        include(
    "foot.php");
        exit;
    }
    include(
    "head.php");
    $pass md5("$pass");
    $logres mysql_num_rows(mysql_query("select * from players where user='$user' and pass='$pass'"));
    if (
    $logres <= 0) {
        print 
    "Login failed. If you have not already, please signup. Otherwise, check your spelling and login again.";
        include(
    "foot.php");
        exit;
    } else {
        
    session_register("user");
        
    session_register("pass");
        print 
    "&nbsp;<br>Welcome back. Please click <a href=updates.php>here</a> to continue..";
    }
    include(
    "foot.php"); 
    ?>

    The following errors are shown

    Code:
    ( ! ) Notice: Undefined variable: user in C:\wamp\www\login.php on line 2
    Call Stack
    #	Time	Memory	Function	Location
    1	0.0010	680000	{main}( )	..\login.php:0
    
    ( ! ) Deprecated: Function session_is_registered() is deprecated in C:\wamp\www\head.php on line 3
    Call Stack
    #	Time	Memory	Function	Location
    1	0.0010	680000	{main}( )	..\login.php:0
    2	0.0017	688400	include( 'C:\wamp\www\head.php' )	..\login.php:3
    
    ( ! ) Deprecated: Function session_is_registered() is deprecated in C:\wamp\www\head.php on line 3
    Call Stack
    #	Time	Memory	Function	Location
    1	0.0010	680000	{main}( )	..\login.php:0
    2	0.0017	688400	include( 'C:\wamp\www\head.php' )	..\login.php:3

    And it also says "Please fill out all the fields". Any help would be greately appreciated!
    Last edited by Inigoesdr; 09-12-2012 at 04:11 AM.

  • #2
    Super Moderator Inigoesdr's Avatar
    Join Date
    Mar 2007
    Location
    Florida, USA
    Posts
    3,647
    Thanks
    2
    Thanked 406 Times in 398 Posts
    Looks like you used to have register_globals on and PHP <5.3. The errors tell you all you need to know. The $user and $pass variables need to be changed to $_POST['user'] and $_POST['pass']. The deprecated error is because session_is_registered has been deprecated and will be removed in upcoming PHP releases. You should be using:

    PHP Code:
    if(isset($_SESSION['user']))
    {
        
    // whatever
    }

    // instead of 

    if(session_is_registered('user'))
    {
        
    // whatever


  • #3
    New Coder
    Join Date
    Sep 2012
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Yeah if I remember rightly it was php 4. So making this change should fix it?

  • #4
    New Coder
    Join Date
    Sep 2012
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Hmmm well I have fixed the problems and gained another one ha ha.

    This is the login script and it seems to be working fine now


    PHP Code:
    <?php
    include("head.php");
    if (!
    $_POST['user'] || !$_POST['pass']) {
        include(
    "head.php");
        print 
    "Please fill out all fields.";
        include(
    "foot.php");
        exit;
    } else 

    $user $_POST['user'];
    $pass $_POST['pass'];
    $logres mysql_num_rows(mysql_query("select * from members where user='$user' and pass='$pass'"));
    if (
    $logres <= 0) {
        print 
    "Login failed. If you have not already, please signup. Otherwise, check your spelling and login again.";
        include(
    "foot.php");
        exit;
    } else {
     
    session_start();
    $stat mysql_fetch_array(mysql_query("select * from members where user='$user' and pass='$pass'"));
        print 
    "&nbsp;<br>Welcome back $stat[user] . Please click <a href=updates.php>here</a> to continue..";
    }
    include(
    "foot.php"); 
    ?>
    As you can see its linking to updates which is here


    PHP Code:
    <?php
    include"config.php";
    session_start();
    $stat mysql_fetch_array(mysql_query("select * from members where user='$user' and pass='$pass'"));
    print
    "Welcome $stat[user]";

    ?>
    But its then saying that user is an undefined variable which means im guessing the session isnt registering properly. Any ideas where I have gone wrong. I am aware it will be a simple fix but I am incredibly out of practice and I just cant get my head round it. Thank you once again
    Last edited by Inigoesdr; 09-14-2012 at 01:27 AM.

  • #5
    Regular Coder
    Join Date
    Sep 2002
    Posts
    462
    Thanks
    0
    Thanked 20 Times in 20 Posts
    if this is the exact code, you're missing an opening bracket after the first else.
    NO Limits!! DHCreationStation.com
    ------------------------------------------------------------
    For projects using MediaTypes (MIMETypes) visit E-BAM.net -(updated weekly)

    Broken items wanted for tinkerin'! PostItNow@BrokenEquipment.com
    Global Complaint Dept.

  • #6
    New Coder
    Join Date
    Sep 2012
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Ah yes well spotted. This does not make a difference though, the error lies with carrying on the session

  • #7
    New Coder
    Join Date
    Sep 2012
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I am still stuck with this if anyone is able to help

  • #8
    Super Moderator Inigoesdr's Avatar
    Join Date
    Mar 2007
    Location
    Florida, USA
    Posts
    3,647
    Thanks
    2
    Thanked 406 Times in 398 Posts
    Quote Originally Posted by Feerick11 View Post
    I am still stuck with this if anyone is able to help
    Did you replace it like I stated earlier? Post the session code that is giving you the error.

  • #9
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,476
    Thanks
    63
    Thanked 538 Times in 525 Posts
    Quote Originally Posted by Feerick11 View Post
    Hmmm well I have fixed the problems and gained another one ha ha.
    More than one actually..

    Quote Originally Posted by Feerick11 View Post
    PHP Code:
    <?php
    include("head.php"); //Html output started
    if (!$_POST['user'] || !$_POST['pass']) {
        include(
    "head.php"); //Duplicate of above

    //Skip a few lines

     
    session_start();
    session_start() causes php and the webserver to send a cookie. Cookies are sent in the headers before the html so they can only be sent ONCE. You cannot send a cookie after html output has been sent. Therefore you can not use session_start() down here after you've already used head.php and output your html header. Put session_start() at the top of your script instead.


    Quote Originally Posted by Feerick11 View Post
    PHP Code:
    <?php
    include"config.php"//Make sure there is no html or whitespace here
    session_start(); //Probably best at the top
    $stat mysql_fetch_array(mysql_query("select * from members where user='$user' and pass='$pass'"));
    print
    "Welcome $stat[user]";

    ?>
    Again as before, where is $user defined? - It isn't. Neither is $pass. This is because you don't have register globals turned on (PHP4 feature which was a very bad idea).

    To counteract this:
    PHP Code:
    <?php
    session_start
    ();
    include
    "config.php";

    $user mysql_real_escape_string($_POST['user']);
    $pass mysql_real_escape_string($_POST['pass']);

    $stat mysql_fetch_array(mysql_query("select * from members where user='$user' and pass='$pass'"));
    print
    "Welcome $stat[user]";
    ?>
    I can't really think of anything to write here now...

  • #10
    New Coder
    Join Date
    Sep 2012
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thank you I will try this when I get back. I didnt think starting the session at the top of the login page because at that point you are not actually logged in but I think I understand now.

  • #11
    New Coder
    Join Date
    Sep 2012
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts
    I dont understand why im having such a problem with this. Its still saying the variables on the updates file arent being recognised. So the session isnt being started on the login file. I dont understand why im having such a problem with this. Here are what the files are now




    This is login.php




    PHP Code:
    <?php
    include("head.php");
    if (!
    $_POST['user'] || !$_POST['pass']) {
        print 
    "Please fill out all fields.";
        include(
    "foot.php");
        exit;
    } else {

    $user mysql_real_escape_string($_POST['user']);
    $pass mysql_real_escape_string($_POST['pass']); 
    $logres mysql_num_rows(mysql_query("select * from members where user='$user' and pass='$pass'"));
    if (
    $logres <= 0) {
        print 
    "Login failed. If you have not already, please signup. Otherwise, check your spelling and login again.";
        include(
    "foot.php");
        exit;
    } else {
     
    session_start();
    $stat mysql_fetch_array(mysql_query("select * from members where user='$user' and pass='$pass'"));
        print 
    "&nbsp;<br>Welcome back $stat[user] . Please click <a href=updates.php>here</a> to continue..";
    }}
    include(
    "foot.php"); 
    ?>







    And this is updates.php


    PHP Code:
    <?php
    session_start
    ();
    include
    "config.php";
    $user mysql_real_escape_string($_POST['user']);
    $pass mysql_real_escape_string($_POST['pass']); 
    $stat mysql_fetch_array(mysql_query("select * from members where user='$user' and pass='$pass'"));
    print
    "Welcome $stat[user]";

    ?>

    The error im getting on updates.php is


    ( ! ) Notice: Undefined index: user in C:\wamp\www\updates.php on line 4
    Call Stack
    # Time Memory Function Location
    1 0.0009 674216 {main}( ) ..\updates.php:0

    ( ! ) Notice: Undefined index: pass in C:\wamp\www\updates.php on line 5
    Call Stack
    # Time Memory Function Location
    1 0.0009 674216 {main}( ) ..\updates.php:0



    How do I make the session register properly on login.php and continue over to updates.
    Last edited by Inigoesdr; 09-20-2012 at 11:51 AM.

  • #12
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,476
    Thanks
    63
    Thanked 538 Times in 525 Posts
    I've already told you how to deal with sessions using session_start().

    You either go back and read my advice again or you give up. Where did I tell you to put session_start() ? - The top of your scripts. Why didn't you do it in login.php? - Why have you left it down in an else clause after starting your html output with your header? - Did you think that I was just speaking unimportant gibberish or something?

    As for the undefined index messages, these two lines I gave you earlier:
    $user = mysql_real_escape_string($_POST['user']);
    $pass = mysql_real_escape_string($_POST['pass']);

    Change $_POST['user'] and $_POST['pass'] so that they match the names of the login fields in your html. That means if you have:
    <input type="text" name"username"> you change $_POST['user'] to $_POST['username'] and the same for the password field.
    Last edited by tangoforce; 09-16-2012 at 04:02 PM.
    I can't really think of anything to write here now...

  • #13
    New Coder
    Join Date
    Sep 2012
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Apologies I did make these changes in login.php I just copied the old version of the text to here. And my html is matching up with user and pass etc...

    That is why I dont understand the issues I am having. Just so I am not mistaken, sessions will work on a offline server wont they?

    If the html didnt match up the $stat variable wouldnt be working on login.php but it is. It just isnt carrying over to updates.php

    I am not using session_register() anywhere is this the reason?
    Last edited by Inigoesdr; 09-20-2012 at 11:50 AM.

  • #14
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,476
    Thanks
    63
    Thanked 538 Times in 525 Posts
    Quote Originally Posted by Feerick11 View Post
    That is why I dont understand the issues I am having. Just so I am not mistaken, sessions will work on a offline server wont they?
    That depends on what you mean exactly.

    By 'offline server' do you mean you have put your browser in offline mode OR do you mean you have a locally installed WAMP system?

    If you have a WAMP (Windows Apache, MySQL & PHP) system then yes sessions will work on your machine regardless of whether you are connected to the internet or not. If you have your browser in offline mode then no.

    As you're unwilling to show the actual correct version of login.php there is little else we can do to assist you. You've shown an unmodified version since my last attempt to help you and then said that you have another version and posted the old version. If you have the newer version why are you not showing it? Also in your login.php there appears to be no mysql login details (unless its in head.php but then what are you doing in updates.php?)

    As for the sessions, you appear to be thinking that you are trying to take the $user and $pass variables from the session. I've told you earlier that this previously worked because of register globals being turned on in PHP4 which is completely different to the use of sessions. register globals was turned off by default in php 5 so your variables will no longer work like that - thats why you must take them from the $_POST array and sanitize them using mysql_real_escape_string() at a minimum (or use any other protection you like).

    As for sessions, I've not see you use the $_SESSION array anywhere in your code so I am at a loss to explain why you claim sessions are not working
    I can't really think of anything to write here now...

  • #15
    New Coder
    Join Date
    Sep 2012
    Posts
    12
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Yeah sorry I am using wampserver.

    Here is my login.php


    PHP Code:
    <?php
     session_start
    ();
    include(
    "head.php");
    if (!
    $_POST['user'] || !$_POST['pass']) {
        print 
    "Please fill out all fields.";
        include(
    "foot.php");
        exit;
    } else {

    $user mysql_real_escape_string($_POST['user']);
    $pass mysql_real_escape_string($_POST['pass']); 
    $logres mysql_num_rows(mysql_query("select * from members where user='$user' and 

    pass='$pass'"
    ));
    if (
    $logres <= 0) {
        print 
    "Login failed. If you have not already, please signup. Otherwise, check your 

    spelling and login again."
    ;
        include(
    "foot.php");
        exit;
    } else {
    $stat mysql_fetch_array(mysql_query("select * from members where user='$user' and 

    pass='$pass'"
    ));
        print 
    "&nbsp;<br>Welcome back $stat[user] . Please click <a 

    href=updates.php>here</a> to continue.."
    ;
    }}
    include(
    "foot.php"); 
    ?>


    Th mysql connecion is within head.php and updates.php will basically be my first page within the website (once logged in). Once again, apologies for all the trouble. I just cant get my head around what im doing wrong here.
    Last edited by Inigoesdr; 09-20-2012 at 11:48 AM.


  •  
    Page 1 of 2 12 LastLast

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •