I'm not sure what happened.
Creating the database (mysql) and php scripts, everything worked fine.
Had some hiccups on the server and it was upgraded, I cannot remember what versions of MySql or PHP were loaded prior; however, I do know they were 5.x.
The versions now are PHP v5.1.6 and MySql v5.027.
Even after the upgrades, everything worked fine. Now, I'm getting ready to release the app to our production servers, so I basically reloaded the .sql file that I had originally created. NO changes were ever made to any of the user tables; however, now, none of the users that I loaded are able to log in.
Any ideas on what I may have done here??
SQL Code I'm using in my .sql file to insert users
insert into users(username, password, fullname, company, email, phone) values ('jblow', SHA1('password'), 'Joe Blow', '3', 'jblow@gmail.com',
'111.222.3456');
PHP Code to extract the info
// From my connect script
function get_user_record($username)
{
$handle = db_connect();
$query = "select * from users, where username = '$username'";
$result = $handle->query($query);
return($result->fetch_assoc());
}
// From my user_auth script (cafs_fns.php)
function login($username, $password)
{
// connect to db
$handle = db_connect();
if (!$handle)
return 0;
$result = $handle->query("select * from users,
where username='$username' and
password = SHA1('$password')");
if (!$result)
{
return 0;
}
if ($result->num_rows>0)
{
return 1;
}
else
{
return 0;
}
}
My Login script
include_once('cafs_fns.php');
if ( (!isset($_REQUEST['username'])) || (!isset($_REQUEST['password'])) )
{
echo 'You must enter your username and password to proceed';
exit;
}
$username = $_REQUEST['username'];
$password = $_REQUEST['password'];
if (login($username, $password))
{
$_SESSION['auth_user'] = $username;
header('Location: '.$_SERVER['HTTP_REFERER']);
}
else
{
echo 'The credentials you have entered are incorrect<br>';
echo 'You must enter in a valid Username & Password to continue';
exit;
}
index.php
include('admin/cafs_fns.php');
include_once('../includes/header.php');
if (!check_auth_user())
{
login_form();
}
