Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Heeeelp I screwed up my script and it is not working anymore:(

Posted on 2004-09-11
9
Medium Priority
?
187 Views
Last Modified: 2006-11-17
Hi all

My inlogscript does not work anymore:(  I really have no idea why not, have checked the code with phpexpert editor's syntax checker which says it is errorless so i will post them here in the hope that someone can correct my code

index.php
----------
<?php
session_save_path("save");
session_start();
if (isset($_COOKIE['logindata'])) {
 $logindata = explode("|",$_COOKIE['logindata']);
 $username = $logindata[0];
 $password = $logindata[1];
 $process = true;
}
elseif (isset($_POST['submit'])) {
 $username = $_POST['username'];
 $password = $_POST['password'];
 if (isset($_POST['remember_me'])){
 setcookie("logindata","$username|$password",time()+31536000,"/");
   }

 $process = true;
  }
else {
  $process = false;
}
print "<html><head>";
include "css.php";
print "</head>";
print "<body>\n";

if ($process == true) {
 require 'dbconnect.php';
 $query = "SELECT * FROM mytable WHERE username='$username' AND password='$password' LIMIT 8;";
 $logincookie = mysql_query($query) or die(mysql_error());

 if (mysql_num_rows($logincookie) == 0) {
  $process = false;
 }
 elseif (mysql_num_rows($logincookie) > 0) {
 include 'maintable.php';
 }
}
if ($process == false) {
include 'formtable.php';
?>
<?php
}
?>
</body>
</html>
----------

formtable.php
----------
<head>
<style>
body {scrollbar-base-color : #CFBEAF;
     scrollbar-arrow-color : Black;
     scrollbar-3dlight-color : #DED3C6;
     scrollbar-darkshadow-color : #999999;
     scrollbar-highlight-color : #DED3C6;
     scrollbar-shadow-color : #DED3C6;
     background-color : #DAD0C0;
     font-family : Verdana, Arial, Helvetica, sans-serif;
     font-size : xx-small;}
.button {
        border : 1 solid #000000;
        color : Black;
        font-family : Verdana, Arial, Helvetica, sans-serif;
        font-size : 10px;
        font-weight : bold;
        background-color : #BBA38E;
}
.editbox {
        border : 1 solid Black;
        color : Black;
        font-family : Verdana, Arial, Helvetica, sans-serif;
        font-size : 10px;
        background-color : #BDA28C;
}
     </style>
</head>
<br>
<br>
<center>
<table background="form.jpg" width="300px" height="75px" style="border:1px solid black">
<tr>
 <td width="300" height="10px" bgcolor="#CFBEAF" style="border:0px"><center></center>
 </td>
 </tr>
 <tr>
 <td width="300" height="65" background="form.jpg">
<form method="post" enctype="text/html" name="form1" action="index.php">
Vul hier je username in<br>
<input type="text" class="editbox" size="20" name="username"><br>
Vul hier je wachtwoord in<br>
<input type="password" class="editbox" size="20" name="password"><br>
Onthoud mij
<input type="checkbox" class="editbox" name="remember_me" value="off" unchecked>
<input type="submit" value="login" class="button" name="submit">
</form>
</td>
</tr>
</table>
</center>
------------

The cookie is set as it should be set, i have checked that. Currently there are 8 different logins in my database, and not one can be used to succesfully login anymore? Instead of seeing the maintable.php content i just stay on the same page with the content of formtable.php displayed, my input cleared and receive no errors at all?

Fdehell
0
Comment
Question by:fdehell
  • 5
  • 3
9 Comments
 
LVL 27

Expert Comment

by:Diablo84
ID: 12034530
I can't see anything wrong on first look except some questionable items in the query

$query = "SELECT * FROM mytable WHERE username='$username' AND password='$password' LIMIT 8;";

1) when you run it live have you replaced "mytable" with the name of your table (unless it is actaully called mytable)

2) the limit should be 1, its a single login so you only want to return 1 row
0
 
LVL 32

Assisted Solution

by:ldbkutty
ldbkutty earned 1000 total points
ID: 12034729
i dont see any errors too. probably you might have made typo's in username or password !!!
0
 
LVL 27

Accepted Solution

by:
Diablo84 earned 1000 total points
ID: 12034750
hmm i think i know what it could be, ive just reconsidered the code flow and spotted a potential problem cause.

If the form is submitted then the cookie is set regardless of whether the username and password are correct or not and then when its checked later if the details are incorrect then your going to get stuck in an error loop.

There are several ways you can combat this (in as much as there are several places where you can do the check to prevent this), i think the easiest place is probably

if (mysql_num_rows($logincookie) == 0) {
  $process = false;
  //HERE !!
 }

so in the place indicated add the following

if (isset($_COOKIE['logindata'])) setcookie("logindata", "", time() - 3600);
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 27

Expert Comment

by:Diablo84
ID: 12034757
Basically, after the query is run, if no rows are returned then if the cookie is set then it is deleted. This will prevent the problem i mentioned.

You could do the check before setting the cookie when the form data is handled but this means more queries so its probably best to go with the less demanding fix as shown above.

Im not sure if this is the issue here but i can't think of any thing else that could be causing it.
0
 
LVL 32

Expert Comment

by:ldbkutty
ID: 12034759
nice found diablo.
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 12034764
:)
0
 
LVL 1

Author Comment

by:fdehell
ID: 12039368
Well guess what, you both were right, i first gave in the wrong inlog [this sucks to admit!] so idbkutty was right, and every time after that i ofcourse did not log in anymore, since the cookie was set with the wrong values, that to me means a 250 points split!

Thanks for anticipating both of you

Fdehell
0
 
LVL 32

Expert Comment

by:ldbkutty
ID: 12039378
:-)
0
 
LVL 27

Expert Comment

by:Diablo84
ID: 12039384
glad to help :)
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Author Note: Since this E-E article was originally written, years ago, formal testing has come into common use in the world of PHP.  PHPUnit (http://en.wikipedia.org/wiki/PHPUnit) and similar technologies have enjoyed wide adoption, making it possib…
Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
Suggested Courses

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question