Won't login...

Sharif

The Problem:

User cannot login at all, even with the right user/pass.

The PHP:

<?php
session_start();
header("Cache-control: private"); 
include('required/config.php');
include('required/language.php');
include('required/functions.php');

//Build required variables
$username = $_POST['username'];
$password = $_POST['password'];
$MD5 = md5($password);

//Check and see if a session exists
if($_COOKIE['loggedin'] == 'yes' && isset($_COOKIE['userid']))
{
	//Attempt to login user
	$sql = "SELECT * FROM users WHERE userid = '" . $_COOKIE['userid'] . "'";
	$query = mysql_query($sql) or die(sql_error());
	$row = mysql_fetch_array($query);

//If database finds a match
if (mysql_num_rows($query) == 1)
{
	//If user hasn't been activated, turn 'em away!
	if($row['status'] == 1)
	{
		echo $login['not_activated'];
		exit();
	}

	//If they have been activated, welcome them with open webpages!
	else
	{
		//Create session variables and set cookies
		setcookie("loggedin", "yes", time()+604800, '', $cookie_domain);
		setcookie("userid", $_COOKIE['userid'], time()+604800, '', $cookie_domain);
		$_SESSION['type'] = $row['type'];
		$_SESSION['first_name'] = $row['first_name'];
		header('Location: ' . $full_domain . 'index.php');
		exit();
	}
}
}
elseif ($_POST['submit'] == 'Login')
{
	//If the username or password isn't set...
	if(!$username || !$password)
	{
		echo $loginMISSING;
		include('required/login_form.php');
	}
	else 
	{		
		//Attempt to login...
		$sql = "SELECT username, password FROM users WHERE username = '$username' AND password = '$MD5'";
		$query = mysql_query($sql) or die(sql_error());
		$row = mysql_fetch_array($query);

	//If database finds a match...
	if (mysql_num_rows($query) == 1)
	{
		//If user hasn't been activated, turn 'em away!
		if($row['status'] == 1)
		{
			echo $login['not_activated'];
			exit();
		}

		//If they have been activated, welcome them with open webpages!
		else
		{				
			//Create session variables and set cookies
			$_SESSION['userid'] = $row['userid'];
			$_SESSION['type'] = $row['type'];
			$_SESSION['first_name'] = $row['first_name'];

			//If they want the website to remember their login information, set session data to last for one week
			if($_POST['remember'])
			{
				setcookie("loggedin", "yes", time()+604800, '', $cookie_domain);
				setcookie("userid", $_SESSION['userid'], time()+604800, '', $cookie_domain);
			}

			//Send the user to the index.php page
			header('Location: ' . $full_domain . 'index.php');
			exit();
		}
	}
	//If the database couldn't find a match...
	else
	{
		echo $login['denied'];
		include('required/login_form.php');
		exit();
	}
}
}
//Check and see if the user is ALREADY logged in
elseif(isset($_SESSION['userid']) && isset($_SESSION['type']) && isset($_SESSION['first_name'])) 
{
	header('Location: index.php');
}
else 
{
	echo $login['first'];
	include('required/login_form.php');
}
?>

The HTML:

<form action="<?php $PHP_SELF; ?>" method="post" name="login_form">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr align="left" valign="top">
<td>Username:</td>
<td><input name="username" type="text" value="<?php echo $username; ?>" size="20"></td>
</tr>
<tr align="left" valign="top">
<td>Password:</td>
<td><input name="password" type="password" size="20"></td>
</tr>
<tr align="left" valign="top">
<td>Remember Info?</td>
<td><input name="remember" type="checkbox" value="remember"></td>
</tr>
<tr align="left" valign="top">
<td colspan="2"><input name="submit" type="submit" value="Login"></td>
</tr>
</table>
</form>

The solution:

Please tell me 🙂

tekky

this part here seems bass ackwards...

//Check and see if a session exists 
if($_COOKIE['loggedin'] == 'yes' && isset($_COOKIE['userid'])) 
{ 
    //Attempt to login user

if loggedin exists... why are we trying to log them in again? 😕

Sharif

That part is to do this:

If the two cookies exist then do not ask for username and password, log them in using their userid.

tekky

ahhh oke next question... why use cookies AND sessions (unless you intend to "remember" them for future log ins... (which it doesnt appear to be the case)

Sharif

That is EXACTLY what I intend to do, and the code will do exactly just that...

tekky

Originally posted by Sharif
That is EXACTLY what I intend to do, and the code will do exactly just that...

you need to add some debugging statements so you see which IF's are being TRUE and which are being FALSE and whats being set to what etc etc...

Sharif

But can you tell me WHY it isn't working? It won't login... like the username and password are always wrong.

tekky

Originally posted by tekky
you need to add some debugging statements so you see which IF's are being TRUE and which are being FALSE and whats being set to what etc etc...

Sharif

Ok I got that, how do I do that?

LordShryku

Dude, check debugging 101 in the Echo Lounge. Look around

tekky

Originally posted by Sharif
Ok I got that, how do I do that?

my god, does your mother still spoon feed you too?

<?
if ($requires_spoonfeeding)
{
     if ($thisvar == $thatvar)
     {
          echo "thisvar == thatvar<br>"; //soley here to display variables for debugging
          //do whatever here;
     }
     else
     {
          echo "I'm a dumbass and my variables are wrong, so my   if statement is never true!<br>"; //soley here to say your variables are wrong
     }
}
else
{
     echo "Wow! A good newbie who knows how to search!<br>";
}
?>

Merve

Originally posted by tekky
my god, does your mother still spoon feed you too?

<?
if ($requires_spoonfeeding)
{
     if ($thisvar == $thatvar)
     {
          echo "thisvar == thatvar<br"; //soley here to display variables for debugging
          //do whatever here;
     }
     else
     {
          echo "I'm a dumbass and my variables are wrong, so my   if statement is never true!<br>"; //soley here to say your variables are wrong
     }
}
else
{
     echo "Wow! A good newbie who knows how to search!<br>";
}
?>

[/B]

I was a good newbie....until the Geeks vs. Nerds fiasco.

Sharif

I can feed my gotdamn self!

tekky

Originally posted by Sharif
I can feed my gotdamn self!

very well, but you sure cant search or read help docs...

do you understand the principles of using debugging atleast now?

Sharif

Yes... I think so!