Very Strange..

dvondrake

Hi,
I'm coding a login script that uses cookies for my script, and it doesnt seem to work.

Problem: It logs in, even if the username and password arent correct.

Here's the file that has the problem:

<?php 
  if(empty($_POST['usr']) || empty($_POST['pass'])) 
  {   

  include("header.php");?> 
      <b>Fill All Details </b> 
                <?php 
  } 
  else 
  { 
      //Colllect the details and validate 
      $time = time(); 
      $usr = $_POST['usr']; 
      $pass = $_POST['pass']; 
      include("config.php"); 
  if ($pass = $pass1){ 
  $auth777 = "1"; 
  }else{ 
  $auth777 = "0"; 
  } 
  if ($usr = $usr1) { 
  $auth778 = "1"; 
  }else{ 
  $auth778 = "0"; 
  } 
  if ($auth777 = "1") { 
   if ($auth778 = "1") {
  $auth779 = "1"; 
  } 
  }

      $cookie_data = $usr.'-'.$pass;   
               if($auth779 = "1") {
          if(setcookie ("cookie_info",$cookie_data, $time+3600)==TRUE) 
          { 
          include("header.php"); 
              echo "Logged in. <br> <br><a href=admin.php>Do Stuff</a><br><br>" . $_COOKIE["cookie_info"] . "    8"; 
              }else{ 
  include("header.php"); 
  echo "Authentication Failed."; 
          } 

                }else{ 
  include("header.php"); 
  echo "Authentication Failed."; 
     }  

   }

  include("footer.php"); 
  ?>

$usr1 and $pass1 come from the config file.

Please help...

leatherback

Easy.

You need == not = when you make a comparison. Now you are just assigning the values to the preset variables.

if ($pass = $pass1){

should be:

if ($pass == $pass1){

dvondrake

Ah, thanks.