problems with my login

Collapse
X
Collapse
 
  • Page of 2
  • Time
  • Show
Clear All
new posts
Previous 1 2 template Next
  • twodelay
    New Member
    • Nov 2007
    • 12
    #16
    Ok below is the code you have seen before which is the login:

    [CODE=php]
    <?php

    if ($_SESSION["userid"]) {
    ?>
    <link href="../../css/styles.css" rel="stylesheet " type="text/css" />
    <link href="../../css/stylestext.css" rel="stylesheet " type="text/css" />
    <link href="../../css/rollovers.css" rel="stylesheet " type="text/css" />

    <div id="signup"><di v id="blogspacer" ></div>
    <p class="bodybold blue">Logged in</p>
    <?php echo $loginerror?>
    <p class="loginbod y">You are currently logged in as <strong>
    <?php echo $member["member_nam e"]?>
    </strong></p>
    <p><a class="loginbod y" href='<?php echo $_SERVER['PHP_SELF']?>?logout=true< ?php echo($_GET["id"]) ? "&id=".$_GE T["id"] : "";?>'>Clic k here to log out</a></p>
    </div>
    <div id="blogspacer" ></div>
    <?php
    }
    else {
    ?>

    <div id="signup"><di v id="blogspacer" ></div>
    <form action='
    <?php echo $_SERVER['PHP_SELF']?>
    <?php ($_GET["id"]) ? "?id=".$_GE T["id"] : "";?>' method='POST'/>
    <p class="bodybold blue">Blog Login</p>
    <p class="loginbod y">Username <br /><input name='un' type='text' class="loginbod y" size='20'/>
    </p><p class="loginbod y">Password <br /><input name='pw' type='password' class="loginbod y" size='20'/>
    </p><p><input type='submit' class="loginbod y" value='Login'/></p>
    </div>
    <div id="blogspacer" ></div>

    <?php
    }
    ?>
    [/CODE]

    then the next bit of code is...

    [CODE=php]
    <?php
    $filter[] = "blog_type = 1";
    if ($_SESSION["userid"]) {
    $filter[] = "blog_type = 2";
    $filter[] = "(blog_type = 3 && memberID = ".$_SESSION["userid"].")";
    } // end if ($_SESSION["userid"])
    $sql = "SELECT * FROM blogs WHERE ".implode(" OR ",$filter);
    $result = mysql_query($sq l);
    @ $rows = mysql_num_rows( $result);
    if ($rows > 0) {
    while($data = mysql_fetch_arr ay($result)) {
    $sql = "SELECT member_name FROM members WHERE memberID = ".$data["memberID"];
    $author_result = mysql_query($sq l);
    $author_name = mysql_fetch_arr ay($author_resu lt);
    if ($data["blog_type"] == 1) $type = "Public";
    elseif ($data["blog_type"] == 2) $type = "Personal";
    elseif ($data["blog_type"] == 3) $type = "Private";
    echo "<p><a href='view.php? id=".$data["blogID"]."'>".$data["blog_name"]."</a> by ".$author_n ame["member_nam e"]." (".$type.")</p>";
    } // end while($data = mysql_fetch_arr ay($result))
    } // end if ($rows > 0)
    else {
    ?>Sorry, but there are currently no blogs available for you to peruse.
    <p>Please try back again in a few days.</p>

    <?php
    } // end if ($rows > 0) else
    ?>

    </div>

    <div id="bloglogin" >
    <?php include_once($_ SERVER['DOCUMENT_ROOT']."/common/panel/account.php"); ?>
    </div>
    [/CODE]
    Last edited by Atli; Nov 13 '07, 05:12 PM. Reason: Changed [code] tags to [code=php].

      Comment

      • twodelay
        New Member
        • Nov 2007
        • 12
        #17
        Another question... how would i go about finding out whether my server is set up to run sessions?

          Comment

          • Atli
            Recognized Expert Expert
            • Nov 2006
            • 5062
            #18
            I still can't find any login code there.

            The first example you posted appears to show you a logout page if you are logged in, or print a login form if you are not. But there is no code to process the data sent by the login form.

            The second code seems to fetch blog entries from a MySQL database and display to the user. Again, there is no code here that will log a user in.

            Are you sure there is any such code?
            Could it be possible that you forgot to copy it from your old project?
            That would certainly explain why the functionality won't work.

            As to finding out if your server supports sessions.
            Try this code. If you server supports sessions, the sessionID should stay the same, and the message should never change. No matter how much you refresh the page.
            [code=php]
            <?php
            # Start session and print the session ID
            session_start() ;
            echo "Session ID: ". session_id() ."<br />";

            # Set a random message if it isn't already set.
            if(!isset($_SES SION['message'])) {
            $textArray = array("First", "Second", "Third");
            $_SESSION['message'] = $textArray[mt_rand(0, 2)];
            }

            # Print the message
            echo "Message: {$_SESSION['message']}<br />";
            ?>
            [/code]

              Comment

              • twodelay
                New Member
                • Nov 2007
                • 12
                #19
                Ok so now i have the code that communicates with the database to check login and password is correct etc.

                [CODE=php]
                <?

                session_start() ;
                function display_array($ array) {
                echo "<pre>";
                print_r($array) ;
                echo "</pre>";
                return true;
                } // function display_array($ array)
                function parseContent($c ontent) {
                $content = str_replace("<u l>","\n<ul>\n", $content);
                $content = str_replace("<l i>","\n<li>\n", $content);
                $content = str_replace("</li>","\n</li>\n",$content );
                $content = str_replace("</ul>","\n</ul>\n",$content );
                $lines = explode("\n",$c ontent);
                $add_paragraph_ tags = true;
                foreach($lines as $line) {
                $line = trim($line);
                if (!empty($line)) {
                if ($line == "<ul>") $add_paragraph_ tags = false;
                elseif ($line == "</li>") $add_paragraph_ tags = false;
                if ($add_paragraph _tags) $output .= "<p>".$line ."</p>\n";
                else $output .= $line."\n";
                if ($line == "</ul>") $add_paragraph_ tags = true;
                elseif ($line == "<li>") $add_paragraph_ tags = true;
                $lines_output[] = $line;
                } // end if (!empty(trim($l ine)))
                } // end foreach($lines as $line)
                return $output;
                } // end function parseContent($c ontent)
                $db = mysql_pconnect( "localhost","** *************", "************** ***");
                mysql_select_db ("************* *****");

                // If you are logging in do this
                if ($_POST["un"]) {
                $result = mysql_query("SE LECT * FROM members WHERE member_username = '".$_POST["un"]."' AND member_password = PASSWORD('".$_P OST["pw"]."')");
                @ $row = mysql_num_rows( $result);
                if ($row > 0) {
                $member = mysql_fetch_arr ay($result);
                mysql_query("UP DATE members SET member_lastlogi n = NOW() WHERE memberID = ".$member["memberID"]);
                $_SESSION["userid"] = $member["memberID"];
                } // end if ($row > 0)
                else $loginerror = "<p><strong>Cou ld not log you in. Username and password do not match!</strong></p>";
                } // end if ($_POST["un"])

                // This code logs you out
                if ($_GET["logout"]) {
                unset($_SESSION["userid"]);
                } // end if ($row > 0) else

                if (!empty($_SESSI ON["userid"])) {
                $result = mysql_query("SE LECT * FROM members WHERE memberID = '".$_SESSION["userid"]."'");
                @ $row = mysql_num_rows( $result);
                if ($row > 0) {
                $member = mysql_fetch_arr ay($result);
                } // end if ($row > 0)
                else {
                unset($_SESSION["userid"]);
                } // end if ($row > 0) else
                } // end if (!empty($_SESSI ON["userid"]))

                ?>
                [/CODE]
                Last edited by Atli; Nov 14 '07, 03:30 PM. Reason: Changed [code] tags to [code=php].

                  Comment

                  • Atli
                    Recognized Expert Expert
                    • Nov 2006
                    • 5062
                    #20
                    Ok, I see a few things there I'd like to mention.

                    First, and most likely to solve your problem, line 52. I assume that the SQL statement there is meant to find out if the user with the given user ID actually exists.
                    The problem is that you are enclosing the ID in quote tags, which it should not be. Numeric values should not be quoted.

                    Second. You use the mysql_pconnect function to connect MySQL. Is there any specific reason for this?
                    If not, you may be better of using the mysql_connect function.

                    Lastly. The way your code is built, it would be possible to both log in and log out at the same time. I would add a else clause to the if statement that checks if the POST data has been sent so this would not be possible.
                    It should never happen anyways so the only thing you are doing with this is bypass the last two if statements if you are login in.

                      Comment

                      Previous 1 2 template Next
                      Working...