Problem with user login

jmrouleau

I get the following message when I try to login with any other username than the one I originally set up the user table with:

Fatal error: Uncaught exception 'com_exception' with message 'Source: ADODB.Field
Description: Either BOF or EOF is True, or the current record has been deleted. Requested operation requires a current record.' in 
c:\Sites\Single19\blackpearlweb\webroot\rouleaugroupproperties\bpdesigner\check_login.php:24 Stack trace: #0 
c:\Sites\Single19\blackpearlweb\webroot\rouleaugroupproperties\bpdesigner\check_login.php(24): unknown() #1 
c:\Sites\Single19\blackpearlweb\webroot\rouleaugroupproperties\bpdesigner\connect.php(4): include('c:\Sites\Single...') #2 
c:\Sites\Single19\blackpearlweb\webroot\rouleaugroupproperties\bpdesigner\index.php(3): require('c:\Sites\Single...') #3 {main} thrown in 
c:\Sites\Single19\blackpearlweb\webroot\rouleaugroupproperties\bpdesigner\check_login.php on line 24

This is weird because I have the same script working on multiple domains and this is the first issue I have had. Also I can login fine with my own username which is set up when I run the initial SQL.

Another problem I am having is when I change my password I get another error message and cannot login. I then have to go change my password with SQL and it works fine again.

Roger_Ramjet

jmrouleau wrote:
This is weird because I have the same script working on multiple domains and this is the first issue I have had. Also I can login fine with my own username which is set up when I run the initial SQL.

Another problem I am having is when I change my password I get another error message and cannot login. I then have to go change my password with SQL and it works fine again.

So it is a server configuration problem :p

Not a lot we can help you with there. Try comparing ALL the server settings and find out what is different with this server.

jmrouleau

Here's the thing.....It is on the same server as a working copy. It is just accessing a different set of tables.

Here are the login and check login files

<?php

if (isset($_POST['submit'])) { // if form has been submitted


/* check they filled in what they were supposed to and authenticate */
if(!$_POST['userName'] | !$_POST['password']) {
	die('You did not fill in a required field. <a href="login.php" target="_parent">Click here</a> to return to Login.');
}

// authenticate.

if (!get_magic_quotes_gpc()) {
	$userName = strtolower(addslashes($_POST['userName']));
	$password = sha1(strtolower(addslashes($_POST['password'])));
}else{
	$userName = strtolower($_POST['userName']);
	$password = sha1(strtolower($_POST['password']));
}

$check = $conn->Execute("SELECT first, userName, password, login_count, access FROM ".$TBEXT."users WHERE userName = '".$userName."'");

if($check->EOF){
	die('That Username Does Not Exist In Our System. <a href="login.php" target="_parent">Click here</a> to return to Login.');
}


// check passwords match

$ret_pass = $check->fields[2]->value;

if ($password != $ret_pass) {
	die('Incorrect password, please try again.');
}

// if we get here username and password are correct, 
//register session variables and set last login time.
$count = $check->fields[3]->value;
$count = $count+1;
$date = date('H:i M d, Y');

$update_login = $conn->Execute("UPDATE ".$TBEXT."users SET login_count='".$count."', last_login = '".$date."' WHERE userName = '".$userName."'");

$_POST['userName'] = $userName;
$_SESSION['userName'] = $userName;
$_SESSION['password'] = $password;
$_SESSION['name'] = stripslashes($check->fields[0]->value);
$_SESSION['access']= stripslashes($check->fields[4]->value);
$logged_in = 1;


?>

check_login.php

<?php
ob_start();

if (!isset($_SESSION['userName']) || !isset($_SESSION['password'])) {
	$logged_in = 0;
	return;
} else {
	if(!get_magic_quotes_gpc()) {
		$_SESSION['userName'] = addslashes($_SESSION['userName']);
	}


// addslashes to session username before using in a query.
$result = @$conn->Execute("SELECT password FROM ".$TBEXT."users WHERE userName = '".$_SESSION['userName']."'") or die('Database Error. Please Try Again');

if($result->EOF){
	$logged_in = 0;
	unset($_SESSION['userName']);
	unset($_SESSION['password']);
	unset($_SESSION['access']);
	unset($_SESSION['name']);
}

$ret_pass = stripslashes($result->fields[0]->value);
$_SESSION['password'] = stripslashes($_SESSION['password']);



//compare:



if($_SESSION['password'] == $ret_pass) { 
	// valid password for username
	$logged_in = 1; 
} else {
	$logged_in = 0;
	unset($_SESSION['userName']);
	unset($_SESSION['password']);
	unset($_SESSION['access']);
	unset($_SESSION['name']);
	// kill incorrect session variables.
}
}


// clean up
unset($ret_pass);

$_SESSION['userName'] = stripslashes($_SESSION['userName']);
?>

The only changes I have made to this from the working copy is the $TBEXT variable which is defined in connect.php as the root name of each table.

jmrouleau

Still looking for help on this issue....

jmrouleau

Nothing?