registrationform.php seems fine send data to registration.php
registration.php seems fine checks all data then send it to function.php
connection.php does its job and connects to database also calls function.php
function.php puts data into database and send confirmation email
link in email if pressed sends data to database
ok so far so good everything doing what i wanted it to do
loginform.php seems fine sends data to login.php
heres the code of login.php
Code: <?php
include 'Connect.php';
if(!isset($_POST[submit]))
{
include 'index.php';
exit;
}
else
{
if (empty($_POST['username']) || empty($_POST['password']))// Check if any of the fields are missing
{
$loginempty_error = 'One or more fields missing';
include 'index.php';
exit;
}
//CHECKS USERNAME
if(!preg_match("/^[a-zd]{5,12}$/i", $_POST[username]))
{
$userlogin_error = "Invalid username please check and type carefully!<br />";
include 'index.php';
exit;
}
//CHECKS PASSWORD
if(!preg_match("/^[a-zd]{5,12}$/i", $_POST[password]))
{
$passlogin_error = "Invalid password please check and type carefully!<br />";
include 'index.php';
exit;
}
// Try and login with the given username & pass
$result = user_login($_POST['username'], $_POST['password']);
if ($result != 'Correct')
{
// Reshow the form with the error
$login_error = $result;
include 'index.php';
}
else
{
// direct to homepage
include 'index.php';
exit;
}
}
?>
heres my function.php
Code: <?php
// Salt Generator
function user_login($username, $password)
{
// Try and get the salt from the database using the username
$query = "select salt from members where username='$username' limit 1";
$result = mysql_query($query);
$user = mysql_fetch_array($result);
// Using the salt, encrypt the given password to see if it
// matches the one in the database
$encrypted_pass = md5(md5($password).$user['salt']);
// Try and get the user using the username & encrypted pass
$query = "select id, username from members where username='$username' and password='$encrypted_pass'";
$result = mysql_query($query);
$user = mysql_fetch_array($result);
$numrows = mysql_num_rows($result);
// Now encrypt the data to be stored in the session
$encrypted_id = md5($user['id']);
$encrypted_name = md5($user['username']);
// Store the data in the session
$_SESSION['id'] = $id;
$_SESSION['username'] = $username;
$_SESSION['encrypted_id'] = $encrypted_id;
$_SESSION['encrypted_name'] = $encrypted_name;
if ($numrows == 1)
{
return 'Correct';
}
else
{
return false;
}
}
function user_logout()
{
// End the session and unset all vars
session_unset ();
session_destroy ();
}
function is_authed()
{
// Check if the encrypted username is the same
// as the unencrypted one, if it is, it hasn't been changed
if (isset($_SESSION['username']) && (md5($_SESSION['username']) == $_SESSION['encrypted_name']))
{
return true;
}
else
{
return false;
}
}
?>
when i type a username and password that i know is in database and is correct
it shows index.php with $login_error
why is this?
Why do I get this error?
Error:Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /home/runevid/public_html/Quests/finished_tutorial.php on line
md5 is it unique
I know this is most likely one of many simple questions that can be found semi easily. But I'm pressed for time. I have searched google, php.net, etc. But it only tells me how to make md5 hashes. Ok
Preventing SQL Injection
I have a question about SQL Injection, In some of our code we use this:
Users and Groups with PHP Classes
Hi,I have setup what I hope to be a good working User class. Now I want to introduce group membership and group permissions. Before doing so, I have a couple of questions.Firstly, because users and
Querying info from one table based on info in another
Hi, I am currently trying to make a part for my user driven website where one user can subscribe to another and whoever they have subscribed to is echoed back on there profile page. my users table
query help
Hi experts.
How to display objects in a row
I have 7 codes that i want to display in a row one next to another.The first is {$ads->ads_display('1')}, the second {$ads->ads_display('2')} and so on...They appear one under the other.
[RESOLVED] Socket/Port remains open after app crashes
I'm having this problem with a networked app in vb.net.If the program exits normally the port closes fine, however, if it crashes sometimes it remains open and I am unable to close it. The next time
Extracting Long text from message class with parameters
Hi,
PHP IMAGE UPLOAD SCRIPT
Hi for the last week i have been looking for scripts that will upload a photo to a certain folder which i can then change the name of it but however i create a thumbnail of 140 width and 130 height
