login problems

**gilgalbiblewhee** · Apr 3rd, 2010, 10:13 PM

I'm having logging problems. It keeps logging out when I click on the url and entering. These are my pages. First it's the index page where the rest are include files found in it:
index.php:

PHP Code:


<?php 

//twotexts

ob_start();

session_start();//the only thing related to the login

//...

login page: index.php

PHP Code:


<?php

ob_start();

include("dbconnection.php");

?>

<div style="float: left; width: 100%; margin: 0px 0px 0px 0px; background-color: #7C7C7C; border: 1px solid #A5A498; border-width: 1px 1px 0px 1px;">

    <span style="float: left; padding: 2px 10px 0px 12px; color: #FFFFFF; font-family: arial; font-weight:bold; font-size: 13px;">Login</span>

</div>

<div style="float: left; width: 100%; height: 120px; background-color: #B4B3A9; border: 1px solid #A5A498; margin: 0px 0px 0px 0px; overflow-x: hidden; overflow-y: auto;">

<?php

function login(){

?>

    <table border="0">

        <tr>

            <td>Administrator:</td><td><input type="checkbox" id="adminid" name="admin" style="float: left; border: 1px solid #7C7C7C; background-color: #7C7C7C;" value="no" onClick="if(this.value=='no'){this.value='yes'; document.getElementById('register').style.display = 'none';} else{this.value='no';document.getElementById('register').style.display = 'block';};" /></td>

        </tr>

        <tr>

            <td>Username:</td>

            <td><input type="text" name="<?php //vb_login_username?>username" id="username" style="float: left; border: 1px solid #7C7C7C; font: 9px verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 100px; height: 15px;" value="User Name" onBlur="if (this.value == '') this.value = 'User Name';" onFocus="if (this.value == 'User Name') this.value = '';" /></td>

        </tr>

        <tr>

            <td>Password:</td><td><input type="password" style="float: left; border: 1px solid #7C7C7C; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 100px; height: 15px;" <?php //name="pass"?> name="<?php //vb_login_username?>pass" id="pass" /></td></tr>

        <tr>

            <td><a id="register" href="login/register.php" style="float: left; display: block; background-color: #7C7C7C; text-align: left; padding: 0px 0px 0px 5px; width: 80px; height: 20px; text-decoration: none; color: #ffffff; border: 1px solid #7C7C7C; font-weight: bold;" onMouseOver="this.style.backgroundColor='#B4B3A9'" onMouseOut="this.style.backgroundColor='#7C7C7C'">Register</a></td><td align="right"><input type="submit" style="float: left; border: 1px solid #7C7C7C; background-color: #7C7C7C; color: #ffffff; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-weight: bold; width: 100px; height: 20px;" name="submit" onMouseOver="this.style.backgroundColor='#B4B3A9'" onMouseOut="this.style.backgroundColor='#7C7C7C'" value="Login" /></td>

        </tr>

    </table>

<?php

}



//Checks if there is a login cookie

if(isset($_COOKIE['ID_my_site'])){ //if there is, it logs you in and directs you to the members page

    $myusername = $_COOKIE['ID_my_site'];

    $pass = $_COOKIE['Key_my_site'];

    $admin = $_COOKIE['Admin_my_site'];

    $user = $_COOKIE['User_my_site'];    

    $sql = "SELECT * FROM ";

    if($admin=="yes"){

        $sql .= $dbTable2;

    }else{

        $sql .= $dbTable;

    }

    $sql .= " WHERE username = '".mysql_real_escape_string($myusername)."'";

    $check = mysql_query($sql)or die(mysql_error());

    while($info = mysql_fetch_array( $check )){

        if ($pass != $info['password']){

        }else{

            //print("Welcome ".$myusername."! <br />Visit your <a href=\"login/member.php\">member's stat</a> <br /><a href=\"login/logout.php\">Logout</a>");

            //header("Location: login/member.php");

            //header("Location: ");

        }

    }

}

//if the login form is submitted

if (isset($_POST['submit'])){ // if form has been submitted

    if(!$_POST['username'] | !$_POST['pass']) {// makes sure they filled it in

        //die('You did not fill in a required field.');

        print('You did not fill in a required field.');

    }// checks it against the database

    if (!get_magic_quotes_gpc()){

        $_POST['email'] = addslashes($_POST['email']);

    }

    $sql = "SELECT * FROM ";

    if($admin=="yes"){

        $sql .= $dbTable2;

    }else{

        $sql .= $dbTable;

    }

    $sql .= " WHERE username = '".$_POST['username']."'";

    $check = mysql_query($sql)or die(mysql_error());

    //Gives error if user dosen't exist

    $check2 = mysql_num_rows($check);

    if ($check2 == 0) {

        //die('That user does not exist in our database. <a href=login/register.php>Click Here to Register</a>');

        print('That user does not exist in our database.');

        login();

    }

    while($info = mysql_fetch_array( $check )){

        $_POST['pass'] = stripslashes($_POST['pass']);

        $info['password'] = stripslashes($info['password']);

        $_POST['pass'] = md5($_POST['pass']);



        //gives error if the password is wrong

        if ($_POST['pass'] != $info['password']){

            //die('Incorrect password, please try again.');

            print('Incorrect password, please try again.');

            login();

        }else{

            // if login is ok then we add a cookie

            $_POST['username'] = stripslashes($_POST['username']);

            $hour = time() + 3600;

            setcookie(ID_my_site, $_POST['username'], $hour);

            setcookie(Key_my_site, $_POST['pass'], $hour);

            if($_POST["admin"]=="yes"){

                setcookie(Admin_my_site, $_POST['admin'], $hour);

                print("<span style=\"float: left; text-align: left; padding: 5px 5px 5px 5px;\">Welcome ".$myusername."! <br />Visit your <a style=\"text-decoration: none;\" onmouseover=\"this.style.textDecoration='underline';\" onmouseout=\"this.style.textDecoration='none';\" href=\"login/member.php\">member's stat</a> <br /><a style=\"text-decoration: none;\" href=\"login/logout.php\" onmouseover=\"this.style.textDecoration='underline';\" onmouseout=\"this.style.textDecoration='none';\" >Logout</a></span>");

            }else{

                setcookie(User_my_site, $_POST['admin'], $hour);

                print("<span style=\"float: left; text-align: left; padding: 5px 5px 5px 5px;\">Welcome <span id=\"myusername\">".$myusername."</span>! <br />Visit your <a style=\"text-decoration: none;\" href=\"login/member.php\" onmouseover=\"this.style.textDecoration='underline';\" onmouseout=\"this.style.textDecoration='none';\" >member's stat</a> <br /><a style=\"text-decoration: none;\" href=\"login/logout.php\" onmouseover=\"this.style.textDecoration='underline';\" onmouseout=\"this.style.textDecoration='none';\" >Logout</a></span>");

            }

            //then redirect them to the members area

            //header("Location: login/member.php");

            //print("Welcome".$username);

            //header("Location: login/member.php");

            //header("Location: ");

            

        }

    }

}else{

    // if they are not logged in

    login();

}

?>

</div>

logout.php

PHP Code:


<?php

ob_start();

include("dbconnection.php");

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />

<title>Logout</title>

</head>



<body>

<?php

$past = time() - 100;

//this makes the time in the past to destroy the cookie

setcookie(ID_my_site, gone, $past);

setcookie(Key_my_site, gone, $past);

setcookie(Admin_my_site, gone, $past);

header("Location: ../index.php");

?> 

</body>

</html>

Thread: login problems

Thread Tools

Display

Threaded View

login problems

Posting Permissions