 Login Script |
|
|
|
|
  |
 Feb 8 2008, 10:23 PM
Post
#1
|
|
|
Advanced Member  Group: Members Posts: 131 Joined: 19-January 08 From: Zagreb/Croatia Member No.: 27,735  |
I have another question---
i downloaded script of a game and it worked until my server changed to newer version of php after which it didn't work... the most probable reason is that globals are not enabled... now i need someone who can tell me what to put instead of what to make it work... this is my login.php script CODE <?php $title = "Login"; if (!$user || !$pass) { include("head.php"); print "Please fill out all fields."; include("foot.php"); exit; } include("head.php"); $password = md5($pass); $password2 = md5($password); $password3 = md5($password2); $password4 = md5($password3); $password5 = md5($password4); $logres = mysql_num_rows(mysql_query("select * from players where user='$user' and pass='$password5'")); $stat = mysql_fetch_array(mysql_query("select * from players where user='$user' and pass='$password5'")); if ($logres <= 0) { print "<br><center>Login failed. If you have not already, please signup. Otherwise, check your spelling and login again.<br><br>"; include("foot.php"); exit; }else{ if ($stat['varified'] != 'Yes') { print "<br><center>You cannot loggin until you click the link in your e-mail!<br><br>"; include("foot.php"); exit; } else { $password = md5($pass); $password2 = md5($password); $password3 = md5($password2); $password4 = md5($password3); $pass = md5($password4); session_register("user"); session_register("pass"); if ($stat['logins'] == '0') { print "<br><center>Welcome $user, this is your first time logging in. Click <u><a href=help.php>here</a></u> to learn how to play<br><br>"; mysql_query("update players set logins=logins+1 where id=$stat[id]"); } else { print "<br><center>Welcome $user, click <u><a href=news.php>here</a></u> to play<br><br>"; mysql_query("update players set logins=logins+1 where id=$stat[id]"); } } } include("foot.php"); ?> this is where you enter your username/pass(head.php) CODE <?php include("config.php"); session_start(); include "java.php"; mysql_query("update guests set page='News' where id=$gstat[id]"); if (session_is_registered("user") || session_is_registered("pass")) { include("config.php"); ?> <body leftmargin=0 rightmargin=0 onload="window.status='<?php print "$site_com"; ?>'"> <?php print "<br><center><a href=news.php>Click Here To Log back in</a><br><br><a href=logout.php>Log Out</a></center>"; exit; } $ip = "$HTTP_SERVER_VARS[REMOTE_ADDR]"; $ctime = time(); $bannedip = mysql_fetch_array(mysql_query("select * from banned where ip='$ip'")); if ($bannedip['site'] == 'Yes') { die("You have been banned! Ask the admins if you don't know why."); } $remove_these = array("<", ">", "+","=" ,"-", "--"); ?> <html> <head> <title><?php print "$title - $site_com"; ?></title> <link rel=stylesheet href=style.css> </head> <body leftmargin=0 rightmargin=0 onload="window.status='<?php print "$site_com"; ?>'"> <center><img border="0" src="images/header.png"></center> <div align="center"> <center> <table border="0" width="780"> <tr> <td width="800" valign="top"> <div align="left"> <table border="0" width="100%"> <tr> <td width="198%" valign="top" colspan="3"> </td> <tr> <td width="20%" valign="top"> <table border="1" width="100%" bordercolor="<?php print "$table_border"; ?>"> <tr> <td width="20%"> <p align="center">-- <b> Login</b> --</p> </td> </tr> <tr> <td width="20%"> <div align="center"> <center> <table border="0" width="20"> <tr><form method=post action=login.php> <td align="center"><b>Name</b></td> </tr> <tr> <td align="center"><input type=text name=user size="12"></td> </tr> <tr> <td align="center"><b>Password</b></td> </tr> <tr> <td align="center"><input type=password name=pass size="12"></td> </tr> <tr> <td align="center"> <p align="center"><input type=submit value=Login></form></p> </td> </tr> </table> </center> </div> </td> </tr> </table> <table border="1" bordercolor="<?php print "$table_border"; ?>"> <tr> <td width="20%"> <p align="center">-- <b> Navigation</b> --</p> </td> </tr> <tr> <td width="20%"> - <a href=index.php>News</a><br> - <a href=register.php>Register</a><br><br> - <a href=recovery.php>Password Recovery</a><br> </td> </tr> </table> </td> <td width="60%" valign="top" align="center"> <table border="1" width="100%" bordercolor="<?php print "$table_border"; ?>"> <tr> <td width="100%"> <p align="center">-- <?php print "<b>$title</b>"; ?> -- </td></tr> <tr><td> and this is code which goes after login.php only part of it CODE <?php include("config.php"); session_start(); include "java.php"; include("inc/helpinc.php");
$formbug[0]= '+'; $formbug[1]= '='; ?> <div id="overDiv" style="position:absolute; visibility:hidden; z-index:1000;"></div> <script language="JavaScript" src="inc/overlib.js"><!-- overLIB (c) Erik Bosrup --></script> <?php if (!session_is_registered("user") || !session_is_registered("pass")) { print "Sesion has expired."; print "<META http-equiv=refresh content=2;URL=index.php>"; exit; |
 |
 
|
|
Feb 10 2008, 11:53 PM
Post
#2
|
|
|
Advanced Member Group: Members Posts: 131 Joined: 19-January 08 From: Zagreb/Croatia Member No.: 27,735 |
how do you write your login scripts guys?
|
|
|
|
|
Feb 11 2008, 07:02 PM
Post
#3
|
|
|
Kinda N00B Group: Members Posts: 220 Joined: 13-January 08 From: Sweden Member No.: 27,579 |
I've made a login-script tutorial in the tutorials section
 check it out. Very simple. it works for php 5. But it don't use 5 md5 hashs xD.. why so many  =?
|
|
|
|
|
Feb 12 2008, 04:03 AM
Post
#4
|
|
|
Super Member  Group: [HOSTED] Posts: 750 Joined: 8-April 06 From: Lima - Peru Member No.: 12,579 |
If globals are not enabled then you must use the superglobals arrays like $_POST, $_GET, $_SERVER or $_SESSION, so it is very simple to make your script works again, simply add the superglobals to every variable that comes from your login page. For example:
CODE <?php $title = "Login"; if (!$_POST["user"] || !$_POST["pass"]) { include "head.php"; print "Please fill out all fields."; include "foot.php"; exit; } ?> Here I use $_POST because it is the method that you use in your form, if you use GET then you will use $_GET instead. Now, register_globals is the directive that controls this functionality and it is Off by default and also it is recommended that you don't turn it On because it can lead to security problems. QUOTE ; You should do your best to write your scripts so that they do not require ; register_globals to be on; Using form variables as globals can easily lead ; to possible security problems, if the code is not very well thought of. Checking at your code i see that you use sessions, in this case, you must start your sessions before any other code in your scripts, like: CODE <?php session_start(); include "config.php"; include "java.php"; ?> Another thing here is that you don't need to use parenthesis with include, include_once, require or require_once because they are not necessary, still it is valid. Best regards, |
|
|
|
|
Feb 17 2008, 10:45 AM
Post
#5
|
|
|
Advanced Member Group: Members Posts: 131 Joined: 19-January 08 From: Zagreb/Croatia Member No.: 27,735 |
so...when someone enters username/pass in login.php...wht do i need to do next??
how do i send info to session_start to start the session with only that guys information?? EDIT: whats wrong with this.... CODE <? session_start(); if(!session_is_registered(myusername)){ header("location:main_login.php"); } else{ $host="localhost"; // Host name $username="eggie_asa"; // Mysql username $password="asa"; // Mysql password $db_name="eggie_asa"; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); if(session_is_registered(myusername)) mysql_query("select * from char where user=="$myusername"); echo'$char['bike']'; ?> <html> <body> Login Successful </body> </html> } QUOTE Parse error: syntax error, unexpected T_VARIABLE in /home/eggie/public_html/login_success.php on line 18 how do i print out something that is in table 'char' under column 'bike'... where column user is "myusername" which is inputed in other page...not the one it should be printed out This post has been edited by Eggie: Feb 17 2008, 12:11 PM |
|
|
|
|
Feb 17 2008, 12:41 PM
Post
#6
|
|
|
Nenad Bozidarevic  Group: [MODERATOR] Posts: 1,002 Joined: 7-November 05 From: Belgrade, Serbia Member No.: 9,500 |
CODE <? session_start(); if(!session_is_registered(myusername)){ header("location:main_login.php"); } else{ $host="localhost"; // Host name $username="eggie_asa"; // Mysql username $password="asa"; // Mysql password $db_name="eggie_asa"; // Database name $tbl_name="members"; // Table name // Connect to server and select databse. mysql_connect($host, $username, $password)or die("cannot connect"); mysql_select_db($db_name)or die("cannot select DB"); $result = mysql_query("select * from `char` where `user` = '$myusername'"); $char = mysql_fetch_array($result); echo $char['bike']; ?> <html> <body> Login Successful </body> </html> } Try this. |
|
|
|
|
Feb 17 2008, 12:47 PM
Post
#7
|
|
|
Advanced Member Group: Members Posts: 131 Joined: 19-January 08 From: Zagreb/Croatia Member No.: 27,735 |
it doesn't work...it prints out only
QUOTE Login Successful and btw how do i print out that string and after " is your bike"... i changed it to CODE echo '$char['bike'] is your bike '; and CODE echo "$char['bike'] is your bike"; and that didn't work... This post has been edited by Eggie: Feb 17 2008, 12:48 PM |
|
|
|
|
Feb 17 2008, 12:49 PM
Post
#8
|
|
|
Nenad Bozidarevic Group: [MODERATOR] Posts: 1,002 Joined: 7-November 05 From: Belgrade, Serbia Member No.: 9,500 |
If the MySQL query is valid, and returns one row, this should work:
CODE echo $char['bike'] . ' is your bike';
|
|
|
|
|
Feb 17 2008, 01:22 PM
Post
#9
|
|
|
Advanced Member Group: Members Posts: 131 Joined: 19-January 08 From: Zagreb/Croatia Member No.: 27,735 |
i checked if there was ynthing in $myusername string...and there's nothing...
so...how do i take a information which is typed in form in my login page and use it in other pages on my website??' SOLVED...close it and mark as solved This post has been edited by Eggie: Feb 17 2008, 11:12 PM |
|
|
|
|
Similar Topics
|
Lo-Fi Version | Time is now: 8th September 2008 - 04:52 AM |