Member #: 341 Rank: user - (14) Since: 06/12/07 Posts: 14
|
Okay, so I ran
through the
tut. I went
through and
made some
adjustments
and wound up
having a few
problems. So I
went back to
the base code
that was
provided. Got
rid of all of
the errors but
1.
I am using the
latest version
of WAMP as a
development
server to learn
PHP.
My error
Login Failure:
An error
occured, please
verify your
username and
password are
correct.
I have verified
that this is
NOT the case.
Is there
anything in
particular that
I need to make
.md5 encryption
to work ?
MyRegister.php<
BR>Code:
<?php
require_once('.
./www/db_connec
t.php');
//SEE IF
ALREADY LOGGED
IN
if($_SESSION['
logged_in'] ==
1)
{
//REDIRECT
TO HOMEPAGE
header('Locatio
n:
http://localhos
t/www/Mypage.ph
p');
} else {
if(isset($HTTP
_POST_VARS['sub
mit']))
{
//BEGIN
CHECKING
USERNAME...
if(!$_POST['use
rname'])
die('Alert:
username field
was
blank.');
//array of
invalid
characters
$junk =
array('.' , ','
, '//' , '\\' ,
'`' , ';' , '['
, ']' ,
'-',
'*', '&',
'^', '%', '$',
'#', '@', '!',
'~', '+', '(',
')',
'|', '{',
'}', '<',
'>', '?',
':', '"',
'=');
//starting
lenght of
username
$len =
strlen($_POST['
username']);
//replace
invalid
characters
$_POST['usernam
e'] =
str_replace($ju
nk, '',
$_POST['usernam
e']);
$test =
$_POST['usernam
e'];
//if lenghts
are different
($len smaller),
invalid
characters
found, so
prompt
error.
if(strlen($test
) != $len) {
die('Username
Error: Username
contained
invalid
characters. You
can only use
A-Z, 0-9 and
the
underscore
(_).');
}
//Check if
username
already
exists...
$q2 =
mysql_query(&qu
ot;SELECT *
FROM
`familymembers`
WHERE
`username` =
'".$_POST[
'username'].&qu
ot;'");
$q3 =
mysql_fetch_obj
ect($q2);
if($q3->user
name ==
$_POST['usernam
e']) {
die('<BR>
;<BR>Sorr
y, but the
username
"'.$q3->
;username.'&quo
t; is taken,
please choose
another.');
}
//PASSWORD
if(!$_POST['pas
sword']) {
die('Error:
Password field
was blank');
}
if(!$_POST['ver
ify_password'])
{
die('Error:
Verify Password
field was
blank.');
}
if($_POST['pass
word'] !=
$_POST['verify_
password']) {
die('Error:
The passwords
do not
match.');
}
if(strlen($_POS
T['password'])
< 6 ) {
die('Error:
Your password
is too short.
Must be 6 or
more characters
in
length.');
}
//ADD NEW
MEMBER
$insert
="INSERT
INTO
`familymembers`
(username,
password,
email) VALUES
('".$_POST
['username'].&q
uot;',
'".md5($_P
OST['password']
)."',
'".$_POST[
'email']."
')";
$insert2 =
mysql_query($in
sert);
if(!$insert2)
die(mysql_error
());
echo('Registrat
ion Successful,
Welcome new
member! You can
now login to
your new
account.');
} else {
?>
<table>
<form
name="sign
up"
action="&l
t;?php
$_SERVER['PHP_S
ELF'];
?>"
method="PO
ST">
<tr>
<td>Usern
ame: <BR>
(only A-Z, 0-9
and _
Allowed)<BR&
gt;</td><
br />
<td><i
nput
type="text
" id
="username
"
name="user
name"
value="&qu
ot;
maxlength="
;30">
<BR></
td>
</tr>
<tr>
<td>Passw
ord:</td>
<td><i
nput
type="pass
word"
id="passwo
rd"
name="pass
word"
value="&qu
ot;
maxlength="
;30">&l
t;BR>
(minimum 6
characters)<
/td>
</tr>
<tr>
<td>Verif
y
Pass:</td>
;
<td><i
nput
type="pass
word"
id="verify
_password"
name="veri
fy_password&quo
t;
value="&qu
ot;
maxlength="
;30">&l
t;BR>
</td>
</tr>
<tr>
<td>Email
:</td>
<td><i
nput
type="text
"
id="email&
quot;
name="emai
l"
value="&qu
ot;
size="30&q
uot;><br&
gt;</td><
br />
</tr>
<tr>
<td>Click
to Complete
Signup:</td&
gt;
<td><i
nput
type="subm
it"
id="submit
"
name="subm
it"
value="sub
mit">&l
t;/td>
</tr>
</form><
br />
</table>
<?php
} //end not
logged in
} //end submit
not pressed
?>
MyLogin.php
Code:
<?php
ob_start();
require_once('.
./www/db_connec
t.php');
if(isset($_SESS
ION['username']
) &&
isset($_SESSION
['password']))
{
//REDIRECT TO
USERS
PROFILE...
header("Lo
cation:
http://localhos
t/MyPage.php&qu
ot;);
} //end if
logged in
//IF SUBMIT
BUTTON
PRESSED
if(isset($_POST
['submit']))
{
if(!$_POST['use
rname'])
die("Error
: You must
enter your
username before
logging
in.");
if(!$_POST['pas
sword'])
die("Error
: You must
enter your
password before
logging
in.");
//set cookie
if checked
if(!empty($_POS
T['stay_in']))
{
$joined
=''.$_POST['use
rname'].'[]'.md
5($_POST['passw
ord']).'';
setcookie('logi
n_cookie',
$joined,
2147483647,
'/',
'.www.myfamily.
com');
} //end
if
//verify
user...
$get_user =
mysql_query(&qu
ot;SELECT *
FROM
`familymembers`
WHERE username
=
'".$_POST[
'username'].&qu
ot;' AND
password =
'".md5($_P
OST['password']
)."'"
);
$q =
mysql_fetch_obj
ect($get_user);
if(!$q)
die("Login
Failure: An
error occured,
please verify
your username
and password
are
correct.")
;
//set session
variables
$_SESSION['logg
ed_in'] = 1;
$_SESSION['user
name'] =
$_POST['usernam
e'];
$_SESSION['pass
word'] =
$_POST['passwor
d'];
session_write_c
lose();
header("Lo
cation:
http://localhos
t/MyPage.php&qu
ot;);
} else {
//show login
form
?>
<form
name="logi
n"
method="po
st"
action="&l
t;?php
$_SERVER['PHP_S
ELF'];
?>">
<table>
<tr>
<td>Usern
ame:<input
type="text
"
id="userna
me"
name="user
name">&
lt;/td>
</tr>
<tr>
<td>Passw
ord:<input
type="pass
word"
id="passwo
rd"
name="pass
word">&
lt;/td>
</tr>
<tr>
<td>Submi
t: <input
type="subm
it"
value="Sub
mit"
name="subm
it"
id="submit
"></
td>
</tr>
<tr>
<td>Remem
ber? <input
type="chec
kbox"
name="stay
_in[]"
checked="y
es"><
;/td>
</tr>
</table><
br />
</form>
<?php
}//end else
?>
I am a little
confused about
the header code
that is given
in the
tutorial. This
code is
supposed to go
at the top of
each page... or
at the top of
the pages that
I only want
people to be
able to
navigate to IF
they are logged
in...?
|