Vcoderz Community
We create websites that have it all, beauty & brains
Lebanon Web Design & Development - Coddict
 

Go Back   Vcoderz Community > Computer Zone > Computers & Information Technologies

Notices

Computers & Information Technologies Everything related to computers and internet.

Reply
 
Share Thread Tools Search this Thread
Old 03-13-2011   #1
7alewi
Vcoderz Team
 
7alewi's Avatar
 
Last Online: 09-03-2014
Join Date: Jan 2009
Posts: 1,438
Thanks: 776
Thanked 1,299 Times in 786 Posts
Groans: 1
Groaned at 1 Time in 1 Post
Default [HELP] PHP Login Script

I am trying to create a simple php blog where the user can login and post stuff.

When testing this on localhost im getting an error. When I try to login with a registered user it tells me that the password is wrong.

The database is created on localhost (phpmyadmin). The table is "users" with columns (email, fname, lname, password).

(The login script uses cookies.)

Registration Script:

Code:
<?php

define('TITLE', 'Register');
require 'templates/header.html';

print '<h1>Welcome to PHP Blog</h1>
       <p><b>Use the form below to Register gain access to various features on our blog.</b></p>';

 // Connects to the Database and select it

 mysql_connect("localhost", "username", "password") or die(mysql_error());
 mysql_select_db("myblog") or die(mysql_error());

// check if all filds are filled in
 
if (isset($_POST['submitted']) ) {

    $problem = FALSE;

    if (empty($_POST['first_name'])) {
        $problem = TRUE;
        print '<p class="error">Please enter your first name.</p>';
    }

    if (empty($_POST['last_name'])) {
        $problem = TRUE;
        print '<p class="error">Please enter your last name.</p>';
    }

    if (empty($_POST['email'])) {
        $problem = TRUE;
        print '<p class="error">Please enter your email address.</p>';
    }

    if (empty($_POST['password1'])) {
        $problem = TRUE;
        print '<p class="error">Please enter a password.</p>';
    }

    if ($_POST['password1'] != $_POST['password2']) {
        $problem = TRUE;
        print '<p class="error">Your password did not match your confirmed password.</p>';
    }

// checks if the email is in use

if (!get_magic_quotes_gpc()) {

     $_POST['email'] = addslashes($_POST['email']);
}

        $emailcheck = $_POST['email'];
        $check1 = mysql_query("SELECT email FROM users WHERE email = '$emailcheck'") or die(mysql_error());
        $check2 = mysql_num_rows($check1);


// show error if email exists

if ($check2 != 0) {

        die('Sorry, this email '.$_POST['email'].' is already in use.');
        
}


// insert into database

     $insert = "INSERT INTO users (email, fname, lname, password) VALUES
                  ('".$_POST['email']."', '".$_POST['first_name']."', '".$_POST['last_name']."', '".$_POST['password1']."')";
     $add_user = mysql_query($insert);
        
// if everything works, redirect the user to the welcome.php page and send an email with the details
       if ($add_user = TRUE) {

        header('Location:registered.php');
        die();

        // send an email with the details
        
$body = "Hello {$_POST['first_name']},

Thank you for registering with PHP Blog! Please find your login details below:

login email: '{$_POST['email']}'
Login password:'{$_POST['password1']}'

Please keep them safe!";
                
        mail($_POST['email'], 'Registration Confirmation', $body, 'From: admin@localhost');

        $_POST = array();
                
                } else {

        print '<p class="error">An error occured, please try again.</p>';

    }
}

?>

<form action="register.php" method="post">
<p>First Name: &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="text" name="first_name" size="20" value="<?php if (isset($_POST['first_name'])) { print htmlspecialchars($_POST['first_name']); } ?>" /></p>
<p>Last Name: &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="text" name="last_name" size="20" value="<?php if (isset($_POST['last_name'])) { print htmlspecialchars($_POST['last_name']); } ?>" /></p>
<p>Email Address: &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="text" name="email" size="20" value="<?php if (isset($_POST['email'])) { print htmlspecialchars($_POST['email']); } ?>" /></p>
<p>Password: &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="password" name="password1" size="20" /></p>
<p>Confirm Password: <input type="password" name="password2" size="20" /></p>
<p><input type="submit" name="submit" value="Register!" /></p>
<input type="hidden" name="submitted" value="true" />
</form>

<?php

require 'templates/footer.html';

?>
Login Script:

Code:
<?php

define ('TITLE', 'Log in');
require 'templates/header.html';

?>

<?php

// Connect to the Database 

 mysql_connect("localhost", "username", "password") or die(mysql_error());
 mysql_select_db("myblog") or die(mysql_error());


// Check if there is a login cookie already

 if(isset($_COOKIE['User_php_blog'])) {

//if there is a cookie, log the user in, directe them to the welcome page

     $email = $_COOKIE['User_php_blog'];
     $password1 = $_COOKIE['Pass_php_blog'];

      $check = mysql_query("SELECT * FROM users WHERE email = '$email'") or die(mysql_error());

     while($info = mysql_fetch_array($check)) {

         if ($password1 != $info['password'])    {
            }
         else
             {
             header("Location:welcome.php");
             }
         }
 }

//if the login form is submitted

 if (isset($_POST['submitted'])) { // if form has been submitted

// makes sure they filled it in

     if(!$_POST['email'] || !$_POST['password1']) {

         die ('<p><b>You did not fill in a required field</b></p>');
     }
        
// checks it against the database

     if (!get_magic_quotes_gpc()) {
         $_POST['email'] = addslashes($_POST['email']);
     }

     $check = mysql_query("SELECT * FROM users WHERE email = '".$_POST['email']."'") or die(mysql_error());

//Gives error if user dosen't exist

 $check2 = mysql_num_rows($check);

 if ($check2 == 0) {

         die ('<p><b>That user does not exist in our database. <a href=register.php>Click Here to Register</a></b></p>');
                }

 while($info = mysql_fetch_array($check)) {

        $_POST['password1'] = stripslashes($_POST['password1']);

     $info['password'] = stripslashes($info['password']);

     $_POST['password1'] = md5($_POST['password1']);

//gives error if the password is wrong

     if ($_POST['password1'] != $info['password']) {

         die('<p><b>Incorrect password, please try again.</b></p>');

     } else {
 
 // if login is ok then we add a cookie 

      $_POST['email'] = stripslashes($_POST['email']); 

      $hour = time() + 3600; 

 setcookie(User_php_blog, $_POST['email'], $hour); 

 setcookie(Pass_php_blog, $_POST['password1'], $hour);

//then redirect them to the members area

 header("Location:welcome.php"); }

    }

 }

 else

{

 // if they are not logged in show the form

 ?>

<h2>Login to access all features</h2>

<form action="login.php" method="post"
        <p>Email: &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type="text" name="email" size="20" /></p>
        <p>Password: <input type="password" name="password1" size="20" /></p>
        <p><input type="submit" name="submit" value="Log in" /> | <a class="home" href="register.php">Not yet registered?</a></p>
        <input type="hidden" name="submitted" value="true" />
        </form>
<?php

}

?>


<?php
    require 'templates/footer.html';
?>
Any idea of why its not being able to log the user in? Thank you.


7alewi is offline   Reply With Quote
Reply

  Vcoderz Community > Computer Zone > Computers & Information Technologies

Tags
login, php, script



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 07:08 AM.


Lebanon web design and development
Powered by vBulletin® Version 3.8.3
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
Ad Management plugin by RedTyger
Share