login problem in Netscape?? PLEASE HELP

hwij3

I'm doing my school project where I have login process. Everything works just fine when I was testing it in IE.
But when I tried it using Netscape I could not login.
My coding is something like this:

if (!($row_array = checkPassword($form[id],$form[password])))
$message.= "<li>Incorrect password try again<br>\n";

if ($message == "")  //No error was found
{
      cleanMemberSession ($row_array[id], $row_array[password]);
      header ("Location: page2.php?".SID);	
      exit;

}

The funny thing is after I tried to login in Netscape, I was sent to the page2 with a "Guest" status, even when I enter a wrong password.
The only way to enter page2 is by logging in correctly.
It means that it should pass the CheckPassword function and no error message should be found.

Everything works perfectly in IE including the validation stuff.
Can anyone help me with this stuff please?
Thank you in advance..

hwij3

and in function cleanMemberSession I have something like this:

session_start();
session_register("session");

function cleanMemberSession ($id, $pass)
{
global $session;
$session[id]=$id;
$session[password]=$pass;
$session[logged_in]=true;
}

levi_501_dehaan

please show your function check password.
also what errors are being returned 🙂 these things will help you/us track down errors.
to make your code easier to read (when you have alot of code). make sure you use delimiters, even if you dont need them. its a good idea. also, i'd put your array names in quotes
ie:

session_start();
session_register("session");

function cleanMemberSession ($id, $pass)
{
global $session;
$session['id']=$id;
$session['password']=$pass;
$session['logged_in]'=true;
}

if (!($row_array = checkPassword($form['id'],$form['password'])))
{
$message .= "<li>Incorrect password try again<br>\n";
}
if ($message == "") //No error was found
{
cleanMemberSession ($row_array['id'], $row_array['password']);
header ("Location: page2.php?".$SID); //<-- whats this?? .SID? i think you mean to send $SID as a variable? it has to have the $ in front of it.
exit;
}

This may or may not help 🙂
but i'd suggest posting your errors, it helps.

hwij3

thanks for the reply.
nothing much in checkPassword actually. I just compare the combination of userID and Password to the ID and password in database. I'm pretty sure that the problem is not with the checking password. But anyway this is the checkPassword function:

function checkPassword ($id,$password)
{
global $link;
$result = mysql_query("SELECT id,password FROM user
WHERE id='$id' and password='$password'",$link);
if(!$result)
die ("checkPass fatal error: ".mysql_error() );
if(mysql_num_rows($result))
return mysql_fetch_array ($result);

return false;
}

I'm sure that it's not the problem becuase actually I refer from the SAMS book which I learnt from.

A friend of mine told me something like cache problem but I'm not really sure about it. It just came out of normal chat so no idea whether it has anything to do with it.
Can someone help me with this??

bernouli

should be " == " not " = "

if (!($row_array == checkPassword($form[id],$form[password]))) 
$message.= "<li>Incorrect password try again<br>\n";

hwij3

uhm... I dont think so.
Because it is an assignment not comparison.
$row_array has nothing initially.
It is the same as:

$row_array = checkPassword($form[id], $form[password]);
if (! $row_array) // $row_array is empty
{
// THe rest are the same...
}

And keep in mind that I actually have finished my project and it works perfectly in IE.
But in Navigator everytime I tried to login I was sent to page2.php with Guest status.
The funny thing is when I tried a wrong password same thing happened. It goes to page2.php with Guest status.
strange huh?? 😕
I can go to page2.php only after satisfying the checkPassword function. In Internet Explorer if I fail the password checking I display an error message indicating that the password entered was not correct.

😕 😕 😕

levi_501_dehaan

Well this code works with Netscape.

Put this as the file your form submits to.

session_start(); 
include("includedb.php");//db info

$loginstr="$username"."$password";
$loginstrlen=strlen($loginstr);

if ($loginstrlen<2)
{
Header("Location: index.php", replace);
        $error = 1;
        session_register("error");
}
if (@$username && @$password) {
    $res = @mysql_query("SELECT username,password FROM users WHERE username='$username' AND password='$password'");
    if(@mysql_num_rows($res) != 0) 
		{
        Header("Location: pageone.php", replace);
        $verified_user = $username;
        $verified_userpw = $password;
        session_register("verified_user");
        session_register("verified_userpw");
        setcookie("time",$PHPSESSID,time()+600,"/College/Authentication/","cs5",0);
        }
else {
Header("Location: index1.php", replace);
        $error = 1;
        session_register("error");
	  }

}

Put this in a header file on all your pages.

session_start();

//db stuff
  $connection = mysql_connect("","","") or die ("Could not connect to the MySQL Server");
  $db = mysql_select_db($dbname, $connection) or die ("Unable to select database.");
  $connectdb1="users";

  $res = @mysql_query("SELECT username FROM $connectdb1 WHERE username='$verified_user' AND password='$verified_userpw'");

 if(@mysql_num_rows($res) == 0) {
 Header("Location: /index.php");

	$error = 2;
    session_register("error");
    }

put this in your login page, usually index.php.

          <?
//this message is if no username/password pair is entered
if ($error==1){
echo "<font color=\"#FF0000\" face=\"arial\" size=\"2\">";
echo "Invalid Login - Please try again";
echo "</font>";
echo "<br>";
session_destroy();
}
//this message is if the wrong username/password pair is entered
if ($error==2){
echo "<font color=\"#FF0000\" face=\"arial\" size=\"2\">";
echo "Unauthorized Access";
echo "</font>";
echo "<br>";
session_destroy();
}

//this message is if the cookie has expired
if ($error==3){
echo "<font color=\"#FF0000\" face=\"arial\" size=\"2\">";
echo "Session has expired - Please Login";
echo "</font>";
echo "<br>";
session_destroy();
}

//setting the form now for input
?>

This should work, check the code for errors, sometimes i forget something 🙂. but it should work fine
-=Levi=-
P.S. if you have time, could you check my code? Its a question on the forum. I just need someone to look at it and see if they can see something i've glossed over?