This is the problem, I can finally log in and log out of my site with no problem, but when I log out, and try to log back in, my website does not log you in at all, it acts like you never supplied a username and password. Here is my user auth script, modified to conceal the true names of varibles and their sources:
session_start();
if ($perform == 'logout') {
setcookie ("saveduser");
setcookie ("savedpass");
session_unregister("username");
session_unregister("password");
session_unregister("useremail");
session_unregister("userurl");
session_unregister("userrealname");
session_unset();
session_destroy();
unset($saveduser);
unset($savedpass);
unset($username);
unset($password);
}
else {
if (isset($saveduser)) $username=strtolower($saveduser);
if (isset($savedpass)) $password=$savedpass;
if ((!isset($username)) or ($username=="")) {
$userdo="login"; }
else {
$username=strtolower($username);
$userid= auth_user($username, $password);
session_register("username", "password");
if (!$userid) {
session_unregister("username");
session_unregister("password");
session_unset();
session_destroy();
unset($username);
unset($password);
unset($saveduser);
unset($savedpass);
setcookie ("saveduser");
setcookie ("savedpass");
error();
$userdo="error";
$loggedin='false';
}
else {
setcookie ("saveduser", $username, time()+time());
setcookie ("savedpass", $password, time()+time());
getinfo2($username);
$userdo="logged";
$loggedin='true';
}
}
}
function auth_user($username, $password) {
$getinfo=mysql_query("select username, password from users WHERE username =
'$username' AND password = password('$password') ");
if (!mysql_num_rows($getinfo)) return 0;
else {
$query_data=mysql_fetch_row($getinfo);
return $query_data[0];
}
}
function getinfo2($username){
global $username,$usersymbol, $loggedin, $useremail, $filter, $userurl,
$userrealname, $getinfo2;
$getinfo2=mysql_query("select * from users where username = '$username'");
if ($getinfo2) {
$type=mysql_result($getinfo2, 0, 'type');
$useremail=mysql_result($getinfo2, 0, 'email');
$userurl=mysql_result($getinfo2, 0, 'url');
$userrealname=mysql_result($getinfo2, 0, 'name');
$filter=mysql_result($getinfo2, 0, 'filter');
$getinfo44=mysql_query("select extra from types where title_id = '$type'");
$usersymbol=mysql_result($getinfo44, 0, 'extra');
session_register("useremail");
session_register("userurl");
session_register("userrealname");
session_register("filter");
session_register("usersymbol");
if you want, you can check out what happenes at www.cafe-house.com, you can sign up for free, try to log in incorrectly, and it will tell you you've suplied invalid entries, that's what it did before I added the else statement after if (perform=='logout')
