Heeeelp I screwed up my script and it is not working anymore:(

Hi all

My inlogscript does not work anymore:(  I really have no idea why not, have checked the code with phpexpert editor's syntax checker which says it is errorless so i will post them here in the hope that someone can correct my code

index.php
----------
<?php
session_save_path("save");
session_start();
if (isset($_COOKIE['logindata'])) {
 $logindata = explode("|",$_COOKIE['logindata']);
 $username = $logindata[0];
 $password = $logindata[1];
 $process = true;
}
elseif (isset($_POST['submit'])) {
 $username = $_POST['username'];
 $password = $_POST['password'];
 if (isset($_POST['remember_me'])){
 setcookie("logindata","$username|$password",time()+31536000,"/");
   }

 $process = true;
  }
else {
  $process = false;
}
print "<html><head>";
include "css.php";
print "</head>";
print "<body>\n";

if ($process == true) {
 require 'dbconnect.php';
 $query = "SELECT * FROM mytable WHERE username='$username' AND password='$password' LIMIT 8;";
 $logincookie = mysql_query($query) or die(mysql_error());

 if (mysql_num_rows($logincookie) == 0) {
  $process = false;
 }
 elseif (mysql_num_rows($logincookie) > 0) {
 include 'maintable.php';
 }
}
if ($process == false) {
include 'formtable.php';
?>
<?php
}
?>
</body>
</html>
----------

formtable.php
----------
<head>
<style>
body {scrollbar-base-color : #CFBEAF;
     scrollbar-arrow-color : Black;
     scrollbar-3dlight-color : #DED3C6;
     scrollbar-darkshadow-color : #999999;
     scrollbar-highlight-color : #DED3C6;
     scrollbar-shadow-color : #DED3C6;
     background-color : #DAD0C0;
     font-family : Verdana, Arial, Helvetica, sans-serif;
     font-size : xx-small;}
.button {
        border : 1 solid #000000;
        color : Black;
        font-family : Verdana, Arial, Helvetica, sans-serif;
        font-size : 10px;
        font-weight : bold;
        background-color : #BBA38E;
}
.editbox {
        border : 1 solid Black;
        color : Black;
        font-family : Verdana, Arial, Helvetica, sans-serif;
        font-size : 10px;
        background-color : #BDA28C;
}
     </style>
</head>
<br>
<br>
<center>
<table background="form.jpg" width="300px" height="75px" style="border:1px solid black">
<tr>
 <td width="300" height="10px" bgcolor="#CFBEAF" style="border:0px"><center></center>
 </td>
 </tr>
 <tr>
 <td width="300" height="65" background="form.jpg">
<form method="post" enctype="text/html" name="form1" action="index.php">
Vul hier je username in<br>
<input type="text" class="editbox" size="20" name="username"><br>
Vul hier je wachtwoord in<br>
<input type="password" class="editbox" size="20" name="password"><br>
Onthoud mij
<input type="checkbox" class="editbox" name="remember_me" value="off" unchecked>
<input type="submit" value="login" class="button" name="submit">
</form>
</td>
</tr>
</table>
</center>
------------

The cookie is set as it should be set, i have checked that. Currently there are 8 different logins in my database, and not one can be used to succesfully login anymore? Instead of seeing the maintable.php content i just stay on the same page with the content of formtable.php displayed, my input cleared and receive no errors at all?

Fdehell
LVL 1
fdehellAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Diablo84Connect With a Mentor Commented:
hmm i think i know what it could be, ive just reconsidered the code flow and spotted a potential problem cause.

If the form is submitted then the cookie is set regardless of whether the username and password are correct or not and then when its checked later if the details are incorrect then your going to get stuck in an error loop.

There are several ways you can combat this (in as much as there are several places where you can do the check to prevent this), i think the easiest place is probably

if (mysql_num_rows($logincookie) == 0) {
  $process = false;
  //HERE !!
 }

so in the place indicated add the following

if (isset($_COOKIE['logindata'])) setcookie("logindata", "", time() - 3600);
0
 
Diablo84Commented:
I can't see anything wrong on first look except some questionable items in the query

$query = "SELECT * FROM mytable WHERE username='$username' AND password='$password' LIMIT 8;";

1) when you run it live have you replaced "mytable" with the name of your table (unless it is actaully called mytable)

2) the limit should be 1, its a single login so you only want to return 1 row
0
 
ldbkuttyConnect With a Mentor Commented:
i dont see any errors too. probably you might have made typo's in username or password !!!
0
Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
Diablo84Commented:
Basically, after the query is run, if no rows are returned then if the cookie is set then it is deleted. This will prevent the problem i mentioned.

You could do the check before setting the cookie when the form data is handled but this means more queries so its probably best to go with the less demanding fix as shown above.

Im not sure if this is the issue here but i can't think of any thing else that could be causing it.
0
 
ldbkuttyCommented:
nice found diablo.
0
 
Diablo84Commented:
:)
0
 
fdehellAuthor Commented:
Well guess what, you both were right, i first gave in the wrong inlog [this sucks to admit!] so idbkutty was right, and every time after that i ofcourse did not log in anymore, since the cookie was set with the wrong values, that to me means a 250 points split!

Thanks for anticipating both of you

Fdehell
0
 
ldbkuttyCommented:
:-)
0
 
Diablo84Commented:
glad to help :)
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.