PHP login form help (Done Most of It)
Posted on
16th Feb 2014 07:03 pm by
admin
Hi i am having a problem, when i try logging in it is always saying "Invalid Login" im not sure what is going wrong, a week ago i had it working. I cant remember the change i did but i know its in one of theese files (dont worry about the styling, i know theres one div i havent closed lol :
Login.php
Code: <?php
Did you know?Explore Trending and Topic pages for more stories like this.
include 'dbc.php';
$user_email = mysql_real_escape_string($_POST['email']);
$full_name = mysql_real_escape_string($_POST['full_name']);
$money = mysql_real_escape_string($_POST['money']);
$id = mysql_real_escape_string($_POST['id']);
$level = mysql_real_escape_string($_POST['level']);
$crystals = mysql_real_escape_string($_POST['crystals']);
$userdp = mysql_real_escape_string($_POST['userdp']);
$health = mysql_real_escape_string($_POST['health']);
$exp = mysql_real_escape_string($_POST['exp']);
$rep = mysql_real_escape_string($_POST['rep']);
$class = mysql_real_escape_string($_POST['class']);
$bonus = mysql_real_escape_string($_POST['bonus']);
$tutorial = mysql_real_escape_string($_POST['tutorial']);
$mana = mysql_real_escape_string($_POST['mana']);
if ($_POST['Submit']=='Login')
{
$md5pass = md5($_POST['pwd']);
$sql = "SELECT id,user_email,full_name,money,level,crystals,userdp,health,exp,rep,class,bonus,tutorial,mana FROM users WHERE
user_email = '$user_email' AND
user_pwd = '$md5pass' AND user_activated='1'";
$result = mysql_query($sql) or die (mysql_error());
$num = mysql_num_rows($result);
if ( $num != 0 ) {
session_start();
list($id,$full_name,$user_email,$money,$level,$crystals,$userdp,$health,$exp,$rep,$class,$bonus,$tutorial,$mana) = mysql_fetch_row($result);
// session variables
$_SESSION['user']= $user_email;
$_SESSION['full_name']= $full_name;
$_SESSION['money']= $money;
$_SESSION['id']= $id;
$_SESSION['level']= $level;
$_SESSION['crystals']= $crystals;
$_SESSION['userdp']= $userdp;
$_SESSION['health']= $health;
$_SESSION['exp']= $exp;
$_SESSION['rep']= $rep;
$_SESSION['class']= $class;
$_SESSION['bonus']= $bonus;
$_SESSION['tutorial']= $tutorial;
$_SESSION['mana']= $mana;*/
if (isset($_GET['ret']) && !empty($_GET['ret']))
{
header("Location: $_GET[ret]");
} else
{
header("Location: index.php");
}
exit();
}
header("Location: login.php?msg=Invalid Login");
exit();
}
?>
<link href="styles.css" rel="stylesheet" type="text/css">
<?php if (isset($_GET['msg'])) { echo "<div class="msg"> $_GET[msg] </div>"; } ?>
<p> </p><table width="40%" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td bgcolor="#000066" class="mnuheader" >
<div align="center"><font size="5"><strong>Login
Members</strong></font></div></td>
</tr>
<tr>
<td bgcolor="#000099" class="mnubody"><form name="form1" method="post" action="">
<p> </p>
<p align="center">Your Email
<input name="email" type="text" id="email">
</p>
<p align="center"> Password:
<input name="pwd" type="password" id="pwd">
</p>
<p align="center">
<input type="submit" name="Submit" value="Login">
</p>
<p align="center"><a href="register.php">Register</a> | <a href="forgot.php">Forgot</a></p>
</form></td>
</tr>
</table>
Register.php
Code: <?php
session_start();
include ('dbc.php');
if ($_POST['Submit'] == 'Register')
{
if (strlen($_POST['email']) < 5)
{
die ("Incorrect email. Please enter valid email address..");
}
if (strcmp($_POST['pass1'],$_POST['pass2']) || empty($_POST['pass1']) )
{
//die ("Password does not match");
die("ERROR: Password does not match or empty..");
}
if (strcmp(md5($_POST['user_code']),$_SESSION['ckey']))
{
die("Invalid code entered. Please enter the correct code as shown in the Image");
}
$rs_duplicates = mysql_query("select id from users where user_email='$_POST[email]'");
$duplicates = mysql_num_rows($rs_duplicates);
if ($duplicates > 0)
{
//die ("ERROR: User account already exists.");
header("Location: register.php?msg=ERROR: User account already exists..");
exit();
}
$md5pass = md5($_POST['pass2']);
$activ_code = rand(1000,9999);
$server = $_SERVER['HTTP_HOST'];
$host = ereg_replace('www.','',$server);
mysql_query("INSERT INTO users
(`user_email`,`user_pwd`,`sex`,`joined`,`activation_code`,`char_name`,`log_name`)
VALUES
('$_POST[email]','$md5pass','$_POST[sex]',now(),'$activ_code','$_POST[char_name]','$_POST[log_name]')") or die(mysql_error());
$message =
"Thank you for registering an account with $server. Here are the login details...nn
User Email: $_POST[email] n
Password: $_POST[pass2] n
Activation Code: $activ_code n
____________________________________________
*** ACTIVATION LINK ***** n
Activation Link: http://$server/myown/activate.php?usr=$_POST[email]&code=$activ_code nn
_____________________________________________
Thank you. This is an automated response. PLEASE DO NOT REPLY.
";
mail($_POST['email'] , "Login Activation", $message,
"From: "Auto-Response" <notifications@$host>rn" .
"X-Mailer: PHP/" . phpversion());
unset($_SESSION['ckey']);
echo("Registration Successful! An activation code has been sent to your email address with an activation link...");
exit;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-US" xml:lang="en-US" xmlns="http://www.w3.org/1999/xhtml">
<link rel="stylesheet" type="text/css" href="main.css">
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon" />
<style type="text/css"></style>
<title>The Website</title>
<center>
<html>
<center>
<head>
<div style="border: 1px white solid;">
<div id="photolayer" style="z-index: 1; left: 5px; top: 1000px; width: 100%; height: 138px; background-color:#000; visibility: visible" div align = "center">
<img src="header.jpg" alt="Title" border="5px" style="padding-top: 4px">
</div>
</div>
</head>
</center>
<body>
<p></p>
</body>
<body>
<p></p>
</body>
<center>
<div id="box">
<?php if (isset($_GET['msg'])) { echo "<div class="msg"> $_GET[msg] </div>"; } ?>
<div id="center1">
<h1>Registration</h1><img src="images/page1.png">
<form name="form1" method="post" action="tutorial.php">
<table border="0" width="500px";>
<tr>
<th><p>Please choose your <font color="red">characters</font> name:</th><td>
<input name="char_name" type="text" id="char_name"></p></td>
</tr>
<tr>
<th><p>Please choose your <font color="red">login</font> name:</th><td>
<input name="log_name" type="text" id="log_name"></p></td>
</tr>
<tr>
<th><p>Please choose your <font color="red">password</font>:</th><td>
<input name="pass1" type="password" id="pass1"></p></td>
</tr>
<tr>
<th><p>Please <font color="red">re-enter</font> your <font color="red">password</font>:</th><td>
<input name="pass2" type="password" id="pass2"></p></td>
</tr>
<tr>
<th><p>Please enter your <font color="red">email address</font>:</th><td>
<input name="email" type="text" id="email"></p></td>
</tr>
<tr>
<th>
<img src="pngimg.php" align="middle"></th><td>
<input name="user_code" type="text" size="10"></td>
</tr>
</table>
<input type="submit" name="Submit" value="Register">
</form>
</div>
</div>
</center>
<body>
<p></p>
</body>
<div id="box">
<div id="footer">
</div>
</div>
</div>
</div>
</style>
</center>
</html>
I dont think its this one as the connection is ok, but here it is anyway
Code: <?php
$dbname = 'stonersg_myown';
$link = mysql_connect('localhost','stonersg_myown','davemira1') or die("Couldn't make connection.");
$db = mysql_select_db($dbname, $link) or die("Couldn't select database");
?>
I thank you in advance for your help
