Jump to content
xisto Community
phpnoob

Php Simple Login Script Help

Recommended Posts

Hello All,

 

I am totally new to php and really to any code writing so please be gentle =-)

 

I am trying to write a simple login script to password protect a site we are working on, I have used the tutorial in this forum for creating a simple login and I continue to get errors.

 

So this is what I have written ...

<?php mysql_connect('h41mysql63.secureserver.net', 'monkeyJin', 'xxxxxxx') or die(mysql_error()); mysql_select_db('monkeyJin') or die(mysql_error()); if(isset($_COOKIE['ID_my_site'])){  $username = $_COOKIE['ID_my_site'];  $pass = $_COOKIE['Key_my_site']; $check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error()); while($info = mysql_fetch_array( $check ))  {  if ($pass != $info['password'])   {	}  else  {  header("Location: members.php");    } }}if (isset($_POST['submit'])) { if(!$_POST['username'] | !$_POST['pass']) {die('You did not fill in a required field.');}if(!get_magic_quotes_gpc()) {$_POST['email'] = addslashes($_POST['email']);}$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());$check2 = mysql_num_rows($check);if ($check2 == 0) { die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>'); }while($info = mysql_fetch_array( $check )){$_POST['pass'] = stripslashes($_POST['pass']);$info['password'] = stripslashes($info['password']);$_POST['pass'] = md5($_POST['pass']);}if ($_POST['pass'] != $info['password']) {die('Incorrect password, please try again.');}else { $_POST['username'] = stripslashes($_POST['username']); $hour = time() + 3600; setcookie(ID_my_site, $_POST['username'], $hour); setcookie(Key_my_site, $_POST['pass'], $hour); header("Location: members.php"); }  } else { ?>
And the error I get is -

Parse error: parse error, unexpected $ in /home/content/y/d/e/ydesygn/html/monkey-graphics/login.php on line 91

Any help would be so appreciated!!!! Thanks in advance!

Share this post


Link to post
Share on other sites

From the code you provided, there is no line 91. The only error i see is that the last code block, the else statement, is cut off. I'm not sure if that was done on purpose to hide other code, but, visually, that is the only thing i see that can cause very undesirable results.

Share this post


Link to post
Share on other sites

If I'm reading this code right, it looks like you are storing your member's usernames and passwords in plain text in their cookies. This could be a pretty big security risk for people logging into this website from a public location.

Share this post


Link to post
Share on other sites

The last line: else { you opened it and you need to close it with } thats way you get that error I guess? but if it's not the full code, on these kind situations it always shows the last line as error code. :(

Share this post


Link to post
Share on other sites

Thank you all for your responses! I can't believe I forgot to put the end bracket after the last else! Now... I can enter a username and password and submit, but no matter what, it is telling me that the password is incorrect! any suggestions for that?

Share this post


Link to post
Share on other sites

Print out the POST and COOKIE arrays to see the contents of each of them.

<pre><?phpprint_r($_POST);print_r($_COOKIE);?></pre>

Share this post


Link to post
Share on other sites

Thank you all for your responses! I can't believe I forgot to put the end bracket after the last else!

 

Now... I can enter a username and password and submit, but no matter what, it is telling me that the password is incorrect! any suggestions for that?

I would blame the while statement:
while($info = mysql_fetch_array( $check )){$_POST['pass'] = stripslashes($_POST['pass']);$info['password'] = stripslashes($info['password']);$_POST['pass'] = md5($_POST['pass']);}
While statements loop until the expression evaluates to FALSE. In this case, the fact that you got the message following the while statement means that the while statement's expression evaluated to false. Therefore, since PHP doesn't care if there is no such index (key) in the array (hence no error), $info is bound to contain the boolean FALSE rather than the expected array. You can verify this by using var_dump() on the variable $info. Change the while statement into an if statement and try again.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.