beeseven 0 Report post Posted March 17, 2005 I don't know what's going wrong here, but it's probably a typo: $iusername = $_POST['username']; $ipassword = stripslashes($_POST['password']); include "opendatabase.php"; opendatabase(); $userrow = mysql_query("SELECT * FROM `users` WHERE `username`='$iusername' LIMIT 1;"); $userarr = mysql_fetch_array($userrow); $ipassword = md5($ipassword); if($ipassword != $userarr[3]) { echo "<div class=\"err\">Error: Incorrect username/password combination.</div>"; exit("</BODY></HTML>"); } mysql_close();That's not all of it, but the rest is just to check if they hit login or were logged in successfully. Share this post Link to post Share on other sites
whyme 0 Report post Posted March 17, 2005 i think your include function should be like this include ("filename.php"); otherwise, i don't really see any error. Share this post Link to post Share on other sites
Hamtaro 0 Report post Posted March 17, 2005 No, the include function works that way as well. I use it like that all the time, and haven't gotten a single error. I don't see any errors in that code, either. It could possibly be a problem in the rest of the file, I'm not sure, though. Share this post Link to post Share on other sites
mobious 0 Report post Posted March 17, 2005 are you sure that the index you used for $userarr is correct? why don't you just fetch the row as an associative array. in that way you can access the index as the name of the column rather than as a number. Share this post Link to post Share on other sites
haron 0 Report post Posted March 17, 2005 Add "echo"s. $iusername = $_POST['username'];$ipassword = stripslashes($_POST['password']);include "opendatabase.php";opendatabase();$userrow = mysql_query("SELECT * FROM `users` WHERE `username`='$iusername' LIMIT 1;");$userarr = mysql_fetch_array($userrow);$ipassword = md5($ipassword);// -----------echo "$ipassword - $userarr[3]";// -----------if($ipassword != $userarr[3]){ echo "<div class=\"err\">Error: Incorrect username/password combination.</div>"; exit("</BODY></HTML>");}mysql_close(); I always use "echo"-s for debuging... Share this post Link to post Share on other sites
beeseven 0 Report post Posted March 18, 2005 Finally figured it out, it was a combination of things. First, when I originally had it as an associative array, I used the right column but forgot to have stripslashes. Then, I used a numeric array I forgot that it starts at 0 and used the actual column number instead of what it should've been in the array. Thanks for the echo idea, haron.Unfortunately, it still doesn't work. At the end, I have it to set the variable $loggedin to 1, then at the top I have it check if $loggedin is 1, and if it is to start the session. I don't think it's doing anything, though. I'd use cookies, but I don't know how to set it to die when the browser is closed, and cookies also have to be at the top. Share this post Link to post Share on other sites
Hamtaro 0 Report post Posted March 18, 2005 Well, I've never really gotten the hang of cookies, but to set it so that it will expire when the browser closes, you just don't add an expiration date to the cookie, then it'll close as soon as the browser is closed. Hey, at least you fixed some of the problems with it. Share this post Link to post Share on other sites
beeseven 0 Report post Posted March 18, 2005 I looked at what I had on my school's server, and realized that it works if you just put all the code at the top instead of making it jump around. Now I just have to make something that only members can see =P Share this post Link to post Share on other sites
mobious 0 Report post Posted March 18, 2005 I looked at what I had on my school's server, and realized that it works if you just put all the code at the top instead of making it jump around. Now I just have to make something that only members can see =P 61125[/snapback] now that you have something to show, how about handling your sessions? have you done it already? if you are not into cookies, for sure you will not have the "remember me" stuff. i suggest make a session class that will support those who still uses cookies so that you can remember them. as well as those who fear cookies. Share this post Link to post Share on other sites
Mike 0 Report post Posted March 21, 2005 Oh wait, does somebody need help with cookies? I'm good with cookies.. IF you want to make a login thing with cookies.. Put this at the top of your page before the <html> tag. <?phpif(isset($_POST['LOGINBUTTONAME'])) {if(mysql_num_rows(mysql_query("SELECT USERNAMESQLFIELD,PASSWORDSQLFIELD FROM USERSTABLENAME")) == 0) {echo '<b>Invalid password/username combination.</b>';} else {setcookie('username', $_POST['username'], time()+999999);setcookie('password', $_POST['password'], time()+999999);echo '<b>You have logged in as '.$_POST['username'].'. Return to the <a href="LINKTOINDEX">index</a>.</b>';}}?> That will work, but uh.. It uses cookies and stuff.To get rid of the cookies you'd make a file named login.php and put this at the top:<?phpsetcookie('username', null, time()+0);setcookie('password', null, time()+0);echo '<b>You have been logged out. Feel free to do whatever you want.</b>';?> Share this post Link to post Share on other sites
mobious 0 Report post Posted March 23, 2005 that's a really bad way to use cookies. i'd rather use PHP's session functions. relying fully on cookies is really not the right way to go. Share this post Link to post Share on other sites
FaLgoR 0 Report post Posted March 25, 2005 Beware with codes which uses sql strings! This code, for example, is very easy to use MySQL INJECTION. I suggest that you do it:stripslashes($iusername);stripslashes($ipassword);Do it to all your vars which have any contact with the mysql database. Share this post Link to post Share on other sites