Cant get register/login to work

fus10n

i have made a register and log in system but for some reason it keeps giving me the can not register error or userame doesn't exist. here are the scripts please help
and yes all the server names, users, passwords are correct

Connection:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
<?
// Replace the variable values below
// with your specific database information.
$host = "localhost";
$user = "yourclas_****";
$pass = "****";
$db   = "yourclas_dbUsers";

// This part sets up the connection to the 
// database (so you don't need to reopen the connection
// again on the same page).
$ms = mysql_pconnect($host, $user, $pass);
if ( !$ms )
        {
        echo "Error connecting to database.\n";
        }

// Then you need to make sure the database you want
// is selected.
mysql_select_db($db);
?>
</body>
</html>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
<?php

    // dBase file
    include "dbConfig.php";

    if ($_GET["op"] == "login")
  {
  if (!$_POST["username"] || !$_POST["password"])
        {
        die("You need to provide a username and password.");
        }

  // Create query
  $q = "SELECT * FROM `dbUsers` "
        ."WHERE `username`='".$_POST["username"]."' "
        ."AND `password`=PASSWORD('".$_POST["password"]."') "
        ."LIMIT 1";
  // Run query
  $r = mysql_query($q);

  if ( $obj = @mysql_fetch_object($r) )
        {
        // Login good, create session variables
        $_SESSION["valid_id"] = $obj->id;
        $_SESSION["valid_user"] = $_POST["username"];
        $_SESSION["valid_time"] = time();

    // Redirect to member page
    Header("Location: members.php");
    }
  else
        {
        // Login not successful
        die("Sorry, could not log you in. Wrong login information.");
        }
  }
        else
  {
//If all went right the Web form appears and users can log in
  echo "<form action=\"?op=login\" method=\"POST\">";
  echo "Username: <input name=\"username\" size=\"15\"><br />";
  echo "Password: <input type=\"password\" name=\"password\" size=\"8\"><br />";
  echo "<input type=\"submit\" value=\"Login\">";
  echo "</form>";
  }
        ?>

</body>
</html>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
<?php

    // dbConfig.php is a file that contains your
    // database connection information. This
    // tutorial assumes a connection is made from
    // this existing file.
    include ("dbConfig.php");


//Input vaildation and the dbase code
        if ( $_GET["op"] == "reg" )
  {
  $bInputFlag = false;
  foreach ( $_POST as $field )
        {
        if ($field == "")
    {
    $bInputFlag = false;
    }
        else
    {
    $bInputFlag = true;
    }
        }
  // If we had problems with the input, exit with error
  if ($bInputFlag == false)
        {
        die( "Problem with your registration info. "
    ."Please go back and try again.");
        }

  // Fields are clear, add user to database
  //  Setup query
  $q = "INSERT INTO `dbUsers` (`username`,`password`,`email`) "
        ."VALUES ('".$_POST["username"]."', "
        ."PASSWORD('".$_POST["password"]."'), "
        ."'".$_POST["email"]."')";
  //  Run query
  $r = mysql_query($q);

  // Make sure query inserted user successfully
  if ( !mysql_insert_id() )
        {
        die("Error: User not added to database.");
        }
  else
        {
        // Redirect to thank you page.
        Header("Location: register.php?op=thanks");
        }
  } // end if


//The thank you page
        elseif ( $_GET["op"] == "thanks" )
  {
  echo "<h2>Thanks for registering!</h2>";
  }

//The web form for input ability
        else
  {
  echo "<form action=\"?op=reg\" method=\"POST\">\n";
  echo "Username: <input name=\"username\" MAXLENGTH=\"16\"><br />\n";
  echo "Password: <input type=\"password\" name=\"password\" MAXLENGTH=\"16\"><br />\n";
  echo "Email Address: <input name=\"email\" MAXLENGTH=\"25\"><br />\n";
  echo "<input type=\"submit\">\n";
  echo "</form>\n";
  }
        // EOF
        ?>
</body>
</html>

members:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
<?php
session_start();

if (!$_SESSION["valid_user"])
        {
        // User not logged in, redirect to login page
        Header("Location: login.php");
        }

// Member only content
// ...
// ...
// ...

// Display Member information
echo "<p>User ID: " . $_SESSION["valid_id"];
echo "<p>Username: " . $_SESSION["valid_user"];
echo "<p>Logged in: " . date("m/d/Y", $_SESSION["valid_time"]);

// Display logout link
echo "<p><a href=\"logout.php\">Click here to logout!</a></p>";
?>
</body>
</html>

logout:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
<?php
session_start();
session_unset();

session_destroy();
// Logged out, return home.
Header("Location: index.php");
?>
</body>
</html>

big_nerd

Hi,

Are you receiving any SQL Errors?

Try removing the @ from the mysql statements such as:

  if ( $obj = @mysql_fetch_object($r) 
 // becomes
  if ( $obj = mysql_fetch_object($r)

Ensure that everything is working as you expect.

The other thing you can do is switch to plain-text passwords (don't use MySQL's built in PASSWORD function).

You can also substitute with PHP's MD5() function to create a hash. This way you can do the following on form post:

echo $_POST['username'];
echo '<br />';
echo $_POST['password'];
echo '<br />MD5 Password: '.$_POST['password'];

Once you see the values you can do a direct visual compare between what is on the screen and what is in the database (check it using MySQL Client or phpMyAdmin).

Once you've determined that it is passing exact passwords (perfectly).

You can also check to ensure that magic quotes have been disabled, this will automatically escape many characters that usually causes an unwanted scenario.

if(get_magic_quotes_gpc())
	echo "Magic quotes are enabled";
else
	echo "Magic quotes are disabled

You can disable it via php.ini or .htaccess.

lilye55

Every woman needs a pair involving golf shoes, as well as Tods Shoes or boots is amongst the best choices offered. They may be tough, supply assistance for the archways and perhaps they are quite cozy hogan shoes outlet