unable to login, could it be the code?

rdoylelmt

I recently did a new install of phpWebsite 8.2 (www.phpwebsite.appstate.edu) which as a newbie I am pleased with except that visitors can not login (even though I have no problem with the admin login, except that after I login I also am greeted with a blank screen and have to hit back to access the homepage).

Here are the specs on my host server:
Operating system Linux

Kernel version: 2.4.9-34

Apache version 1.3.26 (Unix)

PERL version 5.006001

PHP version 4.2.2

MySQL version 3.23.45

When ever a user attempts to use the login - all they see is a blank screen and they are not registered in the database.

I am wondering if the way the user.php is written has a compatability problem with my host site? Could anyone help, please?

Sincerely,
Robb Doyle
www.buckheadbodyworks.com

( the code's indentions have changed in this post after I copied and pasted the first third of code which follows) user.php:

<?PHP

include("open_session.php");

if(!isset($mainfile)) { include("mainfile.php"); }

function nav() {
include("config.php");

    $res = mysql_query("select disable_themes from ".$table_prefix."flags");        list($disable_themes) = mysql_fetch_row($res);

$box_stuff = "[
<a href=\"user.php?op=edituser\">Edit Your Info</a> |
<a href=\"user.php?op=edithome\">Edit The Homepage</a> |";
if($result=mysql_query("SELECT * FROM ".$table_prefix."mod_comments_data"))
	$box_stuff .= "<a href=\"mod.php?mod=comments&op=user_menu\">Comment Options</a> | ";
if ($disable_themes){
$box_stuff .= "<a href=\"user.php?op=chgtheme\">Change the Theme</a> | ";
}
$box_stuff .= "<a href=\"user.php?op=logout\">Logout</a> | ";
$box_stuff .= "<a href=\"user.php?op=deleteaccount\">Delete Account</a> ]";
thememainbox("Navigation", $box_stuff);

}

function userCheck ($uname, $email) {

global $stop;
include("config.php");
if ((!$email) || ($email=="") || (!eregi("^([_0-9a-z]){1}([_\.0-9a-z-])+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,4}$",$email))) $stop = "ERROR: Invalid email<br />";
if (strrpos($email,' ') > 0) $stop = "ERROR: Email addresses do not contain spaces";
if ((!$uname) || ($uname=="") || (!eregi("^([_a-z0-9]){1}([a-z0-9_-])+$",$uname))) $stop = "ERROR: Invalid Nickname<br />";
if (strlen($uname) > 25) $stop = "Nickname is too long. It must be less than 25 characters";
if (eregi("^((root)|(adm)|(linux)|(webmaster)|(admin)|(god)|(administrator)|(administrateur)|(nobody)|(anonymous)|(anonyme)|(operator)|(opérateur))$",$uname)) $stop = "ERROR: Name is reserved<br />";
if (strrpos($uname,' ') > 0) $stop = "There cannot be any spaces in the Nickname.";
if ($user_dblocation)
{
	@mysql_select_db("$user_dbname") or die ("Unable to select database");
	if (mysql_num_rows(mysql_query("select uname from " . $table_prefix."users where strcmp(uname,'$uname')=0")) > 0) $stop = "ERROR: Nickname taken<br />";
	if (mysql_num_rows(mysql_query("select email from " . $table_prefix."users where email='$email'")) > 0) $stop = "ERROR: Email address already registered<br />";
	@mysql_select_db("$dbname") or die ("Unable to select database");
}
else
{
	if (mysql_num_rows(mysql_query("select uname from " . $table_prefix."users where strcmp(uname,'$uname')=0")) > 0) $stop = "ERROR: Nickname taken<br />";
	if (mysql_num_rows(mysql_query("select email from " . $table_prefix."users where email='$email'")) > 0) $stop = "ERROR: Email address already registered<br />";
}
return($stop);

}

function finishNewUser($uname, $email) {
global $stop, $makepass, $EditedMessage;
include("header.php");
include("config.php");
userCheck($uname, $email);
if (!isset($stop)) {
$makepass=makepass();
$cryptpass=md5($makepass);

	if ($user_dblocation)
	{
		@mysql_select_db("$user_dbname") or die ("Unable to select database");
		mysql_query("lock tables " . $table_prefix."users WRITE");
		$result = mysql_query("insert into " . $table_prefix."users values (NULL,'','$uname','$email','','','$cryptpass',10,'',0,0,0,'',0,'','','$commentlimit', '0', '1')");
		mysql_query("unlock tables");
		@mysql_select_db("$dbname") or die ("Unable to select database");
	}
	else
	{
		mysql_query("lock tables " . $table_prefix."users WRITE");
		$result = mysql_query("insert into " . $table_prefix."users values (NULL,'','$uname','$email','','','$cryptpass',10,'',0,0,0,'',0,'','','$commentlimit', '0', '1')");
		mysql_query("unlock tables");
	}
	if(!$result) {
		echo mysql_errno(). ": ".mysql_error(). "<br />";
	} else {
		$message = "Welcome to $sitename !\n\n Your account at ($sitename) has been created.
		Here is your member information: \n\n -Nickname:  $uname\n -Password:  $makepass\n\n $phpws_url\n\n(If you did not request this account, someone else entered your email address ($email), probably by mistake. Since they do not have the password, they cannot use the account, so no action is required on your part. Simply ignore this email.)\n";

		$subject="User Password for $uname";
		$from="$adminmail";

		$result = mysql_query("SELECT system FROM ". $table_prefix."flags");
		list($system) = mysql_fetch_row($result);

		if ($system) {
			echo "Your password is: <span class=\"boldtext\">$makepass</span><br />";
			echo "<a href=\"user.php?op=login&uname=$uname&pass=$makepass\">Please login</a> to change your info";
		} else {
			mail($email, $subject, $message, "From: $from\nX-Mailer: PHP/" . phpversion());

			thememainbox("User Registration Completed","You are now registered. You should receive your password at the email account you provided.");
		}
	}
} else {
	echo "$stop";
}
include("footer.php");

}

function userinfo($uname, $bypass=0) {
global $user, $cookie;
include("config.php");
if ($user_dblocation)
{
@mysql_select_db("$user_dbname") or die ("Unable to select database");
$result = mysql_query("select femail, url, bio from " . $table_prefix."users where strcmp(uname,'$uname')=0");

        //$res = mysql_query("select help_system from ".$table_prefix."flags");
        //list($help_system) = mysql_fetch_row($res);
	@mysql_select_db("$dbname") or die ("Unable to select database");
}
else
{
	$result = mysql_query("select femail, url, bio from " . $table_prefix."users where strcmp(uname,'$uname')=0");

        //$res = mysql_query("select help_system from ".$table_prefix."flags");
        //list($help_system) = mysql_fetch_row($res);
}
$userinfo = mysql_fetch_array($result);
if(!$bypass) cookiedecode($user);
include("header.php");
if($uname == $cookie[1]) {
	$box_title = "<span class=\"type4bigger\">" . htmlspecialchars($uname);
	$box_title .= ", Welcome to $sitename ! </span>";

//if($help_system)
//	$box_title .= help("user");
}else{
	$box_title = "<span class=\"type4bigger\">" . htmlspecialchars($uname) . "</span>";
	if($help_system)
		$box_title .= help("user");
	}
if((mysql_num_rows($result)==1) && ($userinfo[url] || $userinfo[femail] || $userinfo[bio])) {
	if ($userinfo[url]) {
		if (!strstr($userinfo[url], "http://"))
			$userinfo[url] = "http://".$userinfo[url];
		$box_stuff .= "My HomePage: <a href=\"$userinfo[url]\">$userinfo[url]</a><br />\n";
	}
	if ($userinfo[femail]) { $box_stuff .= "My E-Mail: <a

href=\"mailto:$userinfo[femail]\">$userinfo[femail]</a><br />\n"; }
if ($userinfo[bio]) { $box_stuff .= "Extra Info: $userinfo[bio]<br />\n"; }
} else {
$box_stuff .= "There is no available info for " . htmlspecialchars($uname);
}
$box_stuff .= "<br /><br />This web site uses <a href=\"cookies.php\">cookies</a>";
thememainbox($box_title, $box_stuff);
if($uname == $cookie[1]){ echo nav(); }

//bobt mod
$sv_user_name = $cookie[1];
include('./mod/userpage/authors.php');

//offer the create_page option if the user has permission

hand

php.ini: Set register_globals to "on"
and try again

rdoylelmt

In a htaccess file I set the register_globals to on.

I can now register as a user and receive a password by email.

However, after trying to login in with the user name and password, only a blank page appears and I am still not logged in.

I can't help but think that there is a problem with the code and newest version of PHP.

I'll try posting again under the code section, cause having a CMS and not being able for a user to login is frustrating to say the least.

Thanks,
Robb