login form can you find my error?


Posted on 16th Feb 2014 07:03 pm by admin

registrationform.php seems fine send data to registration.php
registration.php seems fine checks all data then send it to function.php
connection.php does its job and connects to database also calls function.php
function.php puts data into database and send confirmation email
Did you know?Explore Trending and Topic pages for more stories like this.
link in email if pressed sends data to database

ok so far so good everything doing what i wanted it to do

loginform.php seems fine sends data to login.php

heres the code of login.php
Code: <?php
include 'Connect.php';

if(!isset($_POST[submit]))
{
include 'index.php';
exit;
}
else
{
if (empty($_POST['username']) || empty($_POST['password']))// Check if any of the fields are missing
{
$loginempty_error = 'One or more fields missing';
include 'index.php';
exit;
}
//CHECKS USERNAME
if(!preg_match("/^[a-zd]{5,12}$/i", $_POST[username]))
{
$userlogin_error = "Invalid username please check and type carefully!<br />";
include 'index.php';
exit;
}
//CHECKS PASSWORD
if(!preg_match("/^[a-zd]{5,12}$/i", $_POST[password]))
{
$passlogin_error = "Invalid password please check and type carefully!<br />";
include 'index.php';
exit;
}

// Try and login with the given username & pass
$result = user_login($_POST['username'], $_POST['password']);

if ($result != 'Correct')
{
// Reshow the form with the error
$login_error = $result;
include 'index.php';
}
else
{
// direct to homepage
include 'index.php';
exit;
}
}

?>

heres my function.php
Code: <?php
// Salt Generator
function user_login($username, $password)
{
// Try and get the salt from the database using the username
$query = "select salt from members where username='$username' limit 1";
$result = mysql_query($query);
$user = mysql_fetch_array($result);

// Using the salt, encrypt the given password to see if it
// matches the one in the database
$encrypted_pass = md5(md5($password).$user['salt']);

// Try and get the user using the username & encrypted pass
$query = "select id, username from members where username='$username' and password='$encrypted_pass'";
$result = mysql_query($query);
$user = mysql_fetch_array($result);
$numrows = mysql_num_rows($result);

// Now encrypt the data to be stored in the session
$encrypted_id = md5($user['id']);
$encrypted_name = md5($user['username']);

// Store the data in the session
$_SESSION['id'] = $id;
$_SESSION['username'] = $username;
$_SESSION['encrypted_id'] = $encrypted_id;
$_SESSION['encrypted_name'] = $encrypted_name;

if ($numrows == 1)
{
return 'Correct';
}
else
{
return false;
}
}

function user_logout()
{
// End the session and unset all vars
session_unset ();
session_destroy ();
}

function is_authed()
{
// Check if the encrypted username is the same
// as the unencrypted one, if it is, it hasn't been changed
if (isset($_SESSION['username']) && (md5($_SESSION['username']) == $_SESSION['encrypted_name']))
{
return true;
}
else
{
return false;
}
}

?>

when i type a username and password that i know is in database and is correct
it shows index.php with $login_error
why is this?
No comments posted yet

Your Answer:

Login to answer
333 Like 9 Dislike
Previous forums Next forums
Other forums

php wont update my db
hello,

sorry for posting in mysql forum but i dont know where exactly is the problem but here

retrieving more than one max key from an array?
so i have an array of 20 numerical values (0-100) that i need to order from highest to lowest and th

PHP onsubmit in the form not going to the fuction.
I have a form through ‘onsubmit’ calling a function validation(). But not going to the

MS are the best!!!
Visit http://www.microsoft.com/australia/windows/default.aspx?h=watch-a-demo and click the massive '

TemplatePower & AJAX
Hi all,



I'm currently implementing some AJAX features in my PHP-framework (which is b

HOW to get the bind variables list.
I've the following problem : I've some SQL queries stored in my DB as VARCHAR2 values.
I need t

Help! refer to a friend script with captcha code
Hi guys, I am posting on here in desperate need for some help with an ongoing search I have been doi

Need help: how to catch acess of undefined class properties
Hello. I am learning OO with PHP and have hit a problem.
Some code runs as perfectly valid code,

PHP and XML image gallery variable issue
I'm trying to display the large image on the same page as the thumbnails, to do that I'm passing a v

serializing objects - loses methods - the point being?
Hi

I know that serializing an object will lose the methods. But whats the point in that? What

Sign up to write
Sign up now if you have flare of writing..
Login   |   Register
Follow Us
Indyaspeak @ Facebook Indyaspeak @ Twitter Indyaspeak @ Pinterest RSS



Play Free Quiz and Win Cash