5 Replies - 439 Views - Last Post: 08 May 2013 - 04:57 AM Rate Topic: -----

#1 seyidesh  Icon User is offline

  • D.I.C Head

Reputation: -1
  • View blog
  • Posts: 51
  • Joined: 24-November 10

User Login Page Problem

Posted 02 May 2013 - 03:45 PM

Hello guys, I have this login page codes below:

This codes run fine but the section of the query, activation and token seem not to be working at all because each time i try to login with login details, the submit button is not returning anything while if i black the login field and try to login, i receive the normal error report.

I have done all troubleshooting within my php knowledge base i still can not figure out the problem.

I know you guys are professionals, kindly please bill me out.

Thanks

<link href="css/home.css" rel="stylesheet" type="text/css" />
<?php
include 'classes/connect.php';
include 'header.php';

?>
<script type="text/javascript">
 	var RecaptchaOptions ={
		theme: 'custom',
		custom_theme_widget: 'recaptcha_widget'
	};

</script>

<div id="MainBody">
<?php

// check if the submit button is clicked

	if (isset($_POST['submitted'])){

		if (preg_match('%\A(?=[-_a-zA-Z0-9])\S{4,}\z%',  stripslashes(trim($_POST['user_name'])))){
			$u = escape_data($_POST['user_name']);
			}else {
		$u = FALSE;
		echo '<li><font color="red" size="-1"> Please enter a valid Username</font></li>';
	}
	
	// Is pasword valid
	
	if (preg_match('%\A(?=[-_a-zA-Z0-9])\S{4,}\z%',  stripslashes(trim($_POST['user_pass'])))){
			$p = escape_data($_POST['user_pass']);
			}else {
		$p = FALSE;
		echo '<li><font color="red" size="-1"> Please enter a valid Password</font></li>';
	}
		
		/*
		$captchchk = 1;
		$privatekey ="PRIVATE KEY";
		$resp = recaptcha_check_answer($privatekey, 
									   $_SERVER["REMOTE_ADDR"],
									   $_POST["recaptcha_challenge_field"],
									   $_POST["recaptcha_response_field"]);
		if (!$resp->is_valid){
			echo '<br /><font color="red" size="-1"> Captcha Code was wrong</font>';
			$captchchk = 0;
		}
		*/
		if($u && $p ){
			$sql = "SELECT user_id, user_surname, user_otherName, user_email, user_name, user_pass, active, user_level FROM users WHERE user_name='". $u . "' AND user_pass='".sha1($p) ."'";
			$res = mysql_query($sql) or trigger_error("Either the Username or password are incorrect");
														 
					if (mysql_affected_rows() == 1){
						
						//$row = mysql_fetch_array($res, MYSQL_NUM);
					//mysql_free_result($res);
						
						if($row[6] !=NULL){
							header("Location: mbforgotpass.php");
							mysql_close();
							exit();
						}
						
						$_SESSION['user_surname'] = $row[1];
						$_SESSION['user_name'] =$row[4];
						
						$tokenId =rand(10000, 9999999);
						
						$sql2 = "UPDATE users SET token_id='". $tokenId ."' WHERE user_name='".$_SESSION['user_name'] ."'";
						$res2 = mysql_query($sql2);
						$_SESSION['token_id'] = $tokenId;
						session_regenerate_id();
												
						//set the $_SESSION['signed_in'] variable to TRUE
					
						header ("Location: signin.php");
						mysql_close();
						exit();
					
					}
					
			
		}else {
			echo '<br /> <p> <font color="red" size="+1"> Either the Username or Password are incorrect.</font></p>';
			mysql_close();
			exit();
		}
	}
?>



<?php

echo '<h1> Welcome';
		if(isset($_SESSION['user_surname'])){
				echo", {$_SESSION['user_surname']}!";	
		}
echo '</h1>';

	
	if (isset($_SESSION['user_username']) && (substr($_SERVER['PHP_SELF'], -10) !='signout.php')){
		echo'<a href="signout.php">Logout</a>'; 
	}else{
		echo'<form action="signin.php" method="post" >
			Username: <input type="text" name="user_name" /><br />
			Password: <input type="password" name="user_pass"><br />
			<input type="submit" name="submit" value="Sign in" />
			<input type="hidden" name="submitted" value="TRUE"  />
		 </form>';
		 
		 echo '<a href="signup.php"> Register</a><br />';
		 echo '<a href="forgot_password.php"> Forgot Password</a><br />';
	}
	
echo'</div>';

include 'footer.php';
?>


Is This A Good Question/Topic? 0
  • +

Replies To: User Login Page Problem

#2 andrewsw  Icon User is offline

  • Fire giant boob nipple gun!
  • member icon

Reputation: 2884
  • View blog
  • Posts: 9,566
  • Joined: 12-December 12

Re: User Login Page Problem

Posted 02 May 2013 - 05:17 PM

Can you describe your problem more clearly please. For example, what does the submit button not returning anything mean? Does it open the other page.. is the other page completely blank? Added: And what does "black the login field" mean? And which normal error report are you referring to? Added: You may be submitting to the same page, but your question still requires clarification.

The mysql library is deprecated - see my signature. And the font tag is OBSOLETE (and has been for a very long time).

This post has been edited by andrewsw: 02 May 2013 - 05:23 PM

Was This Post Helpful? 0
  • +
  • -

#3 seyidesh  Icon User is offline

  • D.I.C Head

Reputation: -1
  • View blog
  • Posts: 51
  • Joined: 24-November 10

Re: User Login Page Problem

Posted 03 May 2013 - 12:10 AM

Thank you for your respond. firstly, the submit button when clicked did not open other page, it only return me to the same page and the login SESSION is not set while if the login field is empty i.e if i did not enter anything inside the field the normal error is return i.e
echo '<br /> <p> <font color="red" size="+1"> Either the Username or Password are incorrect.</font></p>';
meaning this line of code below works fine.

 if (isset($_POST['submitted'])){

		if (preg_match('%\A(?=[-_a-zA-Z0-9])\S{4,}\z%',  stripslashes(trim($_POST['user_name'])))){
			$u = escape_data($_POST['user_name']);
			}else {
		$u = FALSE;
		echo '<li><font color="red" size="-1"> Please enter a valid Username</font></li>';
	}
	
	// Is pasword valid
	
	if (preg_match('%\A(?=[-_a-zA-Z0-9])\S{4,}\z%',  stripslashes(trim($_POST['user_pass'])))){
			$p = escape_data($_POST['user_pass']);
			}else {
		$p = FALSE;
		echo '<li><font color="red" size="-1"> Please enter a valid Password</font></li>';
	}


Where i think error was is the area of query, activation and token logic but i have done everything within my php knowledge i seem not to figure it out. Here

if($u && $p ){
			$sql = "SELECT user_id, user_surname, user_otherName, user_email, user_name, user_pass, active, user_level FROM users WHERE user_name='". $u . "' AND user_pass='".sha1($p) ."'";
			$res = mysql_query($sql) or trigger_error("Either the Username or password are incorrect");
														 
					if (mysql_affected_rows() == 1){
						
						//$row = mysql_fetch_array($res, MYSQL_NUM);
					//mysql_free_result($res);
						
						if($row[6] !=NULL){
							header("Location: mbforgotpass.php");
							mysql_close();
							exit();
						}
						
						$_SESSION['user_surname'] = $row[1];
						$_SESSION['user_name'] =$row[4];
						
						$tokenId =rand(10000, 9999999);
						
						$sql2 = "UPDATE users SET token_id='". $tokenId ."' WHERE user_name='".$_SESSION['user_name'] ."'";
						$res2 = mysql_query($sql2);
						$_SESSION['token_id'] = $tokenId;
						session_regenerate_id();
												
						//set the $_SESSION['signed_in'] variable to TRUE
					
						header ("Location: signin.php");
						mysql_close();
						exit();
					
					}
					
			
		}else {
			echo '<br /> <p> <font color="red" size="+1"> Either the Username or Password are incorrect.</font></p>';
			mysql_close();
			exit();
		}
	}


secondly, Thanks for the information about font tag, I will definitely correct that.

This post has been edited by Dormilich: 03 May 2013 - 01:54 AM
Reason for edit:: removed unnecessary quote

Was This Post Helpful? 0
  • +
  • -

#4 codeprada  Icon User is offline

  • Changed Man With Different Priorities
  • member icon

Reputation: 943
  • View blog
  • Posts: 2,353
  • Joined: 15-February 11

Re: User Login Page Problem

Posted 04 May 2013 - 08:19 PM

To debug your code you should dump the data from your $_POST and your SQL results. Use either var_dump or print_r and examine the results.

You should however know that mysql_affected_rows doesn't work for SELECT statements. Basically it will never be equal to anything but 0.

php.net said:

Get the number of affected rows by the last INSERT, UPDATE, REPLACE or DELETE query

To count the amount of row returned from a SELECT statement use mysql_num_rows.
Was This Post Helpful? 0
  • +
  • -

#5 seyidesh  Icon User is offline

  • D.I.C Head

Reputation: -1
  • View blog
  • Posts: 51
  • Joined: 24-November 10

Re: User Login Page Problem

Posted 08 May 2013 - 01:31 AM

I have make changes to my codes but it is still not working i try to use
print_r($res)
to see the result of my
(mysql_num_rows($res) ==0) 


but the result i got is
Resource id #7
I really did not understand where this is coming from because my database did not have any user with ID 7. I only have one user in the DB with id = 1.

here is the complete codes:
<link href="css/home.css" rel="stylesheet" type="text/css" />
<?php
include 'classes/connect.php';
include 'header.php';

?>
<div id="MainBody">
<?php

// check if the submit button is clicked

	if (isset($_POST['submitted'])){

		if (preg_match('%\A(?=[-_a-zA-Z0-9])\S{4,}\z%',  stripslashes(trim($_POST['username'])))){
			$u = escape_data($_POST['username']);
			}else {
		$u = FALSE;
		echo ' Please enter a valid Username';
	}
	
	// Is pasword valid
	
	if (preg_match('%\A(?=[-_a-zA-Z0-9])\S{4,}\z%',  stripslashes(trim($_POST['userpass'])))){
			$p = escape_data($_POST['userpass']);
			}else {
		$p = FALSE;
		echo 'Please enter a valid Password';
	}
	
			
		if($u ===TRUE && $p ===TRUE ){
			$sql = "SELECT user_id, user_surname, user_otherName, user_email, user_name, user_pass, user_date, user_level, forum_notification, active FROM users WHERE user_name='". $u . "' AND user_pass='".sha1($p) ."'";
			$res = mysql_query($sql) or die(mysql_error());
														 
					if (!$res){
						echo'Somthing went wrong while signing in. Please try again later';}else{
					if(mysql_num_rows($res) ==0){
						print_r($res);
						
					}else{
						
					//$row = mysql_fetch_array($res, MYSQL_NUM);
					//mysql_free_result($res);
						
						if($row['active'] !=NULL){
							header("Location: mbforgotpass.php");
							mysql_close();
							exit();
						}
						
						$_SESSION['signed_in'] = true;
						
						while($row = mysql_fetch_assoc($res))
					{
						$_SESSION['user_id'] 	= $row['user_id'];
						$_SESSION['user_name'] 	= $row['user_name'];
						$_SESSION['user_level'] = $row['user_level'];
						$_SESSION['user_surname'] 	= $row['user_surname'];
						$_SESSION['user_otherName'] 	= $row['user_otherName'];
						
					}
					
					
					echo 'Welcome, ' . $_SESSION['user_name'] . '. <br /><a href="index.php">Proceed to the forum overview</a>.';
						
						$tokenId =rand(10000, 9999999);
						
						$sql2 = "UPDATE users SET token_id='". $tokenId ."' WHERE user_name='".$_SESSION['user_name'] ."'";
						$res2 = mysql_query($sql2);
						$_SESSION['token_id'] = $tokenId;
						session_regenerate_id();
												
						//set the $_SESSION['signed_in'] variable to TRUE
					
						header ("Location: signin.php");
						mysql_close();
						exit();
					
					}
						}
					
			
		}
	}
?>



<?php

echo '<h1> Welcome </h1>';


	
	if (isset($_SESSION['user_username']) && (substr($_SERVER['PHP_SELF'], -10) !='signout.php')){
		echo'<a href="signout.php">Logout</a>'; 
	}else{
		echo'<form action="" method="post" >
			Username: <input type="text" name="username" /><br />
			Password: <input type="password" name="userpass"><br />
			<input type="submit" name="submit" value="Sign in" />
			<input type="hidden" name="submitted" value="TRUE"  />
		 </form>';
		 
		 echo '<a href="signup.php"> Register</a><br />';
		 echo '<a href="forgot_password.php"> Forgot Password</a><br />';
	}
	
echo'</div>';

include 'footer.php';

?>

This post has been edited by Dormilich: 08 May 2013 - 04:52 AM

Was This Post Helpful? 0
  • +
  • -

#6 Dormilich  Icon User is offline

  • 痛覚残留
  • member icon

Reputation: 3392
  • View blog
  • Posts: 9,586
  • Joined: 08-June 10

Re: User Login Page Problem

Posted 08 May 2013 - 04:57 AM

$res is a variable of the Resource data type and "id #7" refers to a PHP internal variable count. you canít display a Resourceís data that simple, thatís why there are functions like mysql_fetch() to get the data out.
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1