Sessions Login Problem
#21
Posted 09 September 2007 - 11:59 AM
Closed.
#22
Posted 26 December 2007 - 09:56 PM
Now it seems I go to login, it seems that the session is not setting or reading correcly, I can login using the wrong password or username and it displays wrong user/pass like it should, but when i login with the correct information, it says Welcome 'then my username, and refreshed, but when it does it return's the login form back. Any idea why
Thank you..
$gui = mysql_query("SELECT `member_group` FROM `users` WHERE `username` = '".$_SESSION['dreamuser08']."' LIMIT 1")or die(mysql_error()); $gui = @mysql_fetch_array($gui); if($_SESSION['0a5afbd010eb55c9e4c06242c3db315e']){ echo "<p>Welcome back, $username.</p> "; $time = time(); mysql_query("UPDATE `users` SET `lastseen` = '$date' WHERE `username` = '$username' LIMIT 1"); mysql_query("UPDATE `users` SET `lastseen2` = '$time' WHERE `username` = '$username' LIMIT 1"); if($_SESSION['0a5afbd010eb55c9e4c06242c3db315e'] && $_SESSION['dreamuser08'] && $gui['member_group'] >= 2){ memberPanel(); } if($_SESSION['0a5afbd010eb55c9e4c06242c3db315e'] && $_SESSION['dreamuser08'] && $gui['member_group'] == 4){ vipPanel(); } if($_SESSION['0a5afbd010eb55c9e4c06242c3db315e'] && $_SESSION['dreamuser08'] && $gui['member_group'] == 6){ otherPanel(); } if($_SESSION['0a5afbd010eb55c9e4c06242c3db315e'] && $_SESSION['dreamuser08'] && $gui['member_group'] == 8){ moderationPanel(); } if($_SESSION['0a5afbd010eb55c9e4c06242c3db315e'] && $_SESSION['dreamuser08'] && $gui['member_group'] >= 10){ adminPanel(); } $pr = mysql_query("UPDATE `users` SET `now_page` = '".$_SERVER['REQUEST_URI']."' WHERE `username` = '".$username."'"); $log = "<p><a href=\"$domain/logout.php\">Logout</a></p> "; return $log; }else{ if(isset($_POST['login'])){ $username = htmlspecialchars($_POST['username'], ENT_QUOTES); $password = htmlspecialchars($_POST['password'], ENT_QUOTES); $password = xcrypt($password); $sql = mysql_query("SELECT * FROM `users` WHERE `username` = '$username' AND `password` = '$password'")or die(mysql_error()); if(mysql_num_rows($sql) != 0){ $_SESSION['0a5afbd010eb55c9e4c06242c3db315e'] = true; $_SESSION['dreamuser08'] = $username; $_SESSION['xcessionx'] = "006242c35a5afbd0db315e10eb9e4c5"; $stringg = "<p>Welcome back, $username, ".$_SESSION['dreamuser08'].",".$_SESSION['xcessionx']."</p> <div id=\"loading\"></div> <meta http-equiv=\"refresh\" content=\"1\"> <p></p> "; return $stringg; $time = time(); mysql_query("UPDATE `users` SET `lastseen` = '$date' WHERE `username` = '$username' LIMIT 1"); mysql_query("UPDATE `users` SET `lastseen2` = '$time' WHERE `username` = '$username' LIMIT 1"); }else{ $stringx = "<p>Sorry, you are unable to login because you have got your username/password combination wrong. Please check spelling & try again.</p>"; return $stringx; } }else{ $stringd =' <p><form action="" method="post" name="login" id="login"> <p>Username: <input name="username" class="textbox" type="text" maxlength="50" style="width: 95%;" /> Password: <input name="password" class="textbox" type="password" maxlength="50" style="width: 95%;" /></p> <p class="align-left"><input name="login" class="login" value="Login" type="submit" style="width: 95%;" /> </p> </form></p>'; return $stringd; } }
Anybody please?
Edited by rc69, 28 December 2007 - 01:57 AM.
#23
Posted 28 December 2007 - 02:00 AM
Braunson, if you're having problems with the same script, you should have pm'd me to reopen this thread. Also, you have to remember, regardless of how desperate you are, it's the holidays. 24 hours is neither enough to take this thread off of the top 5 posts, or is it enough to willingly try and help. So don't double post.
Now, before we get into another page of posts only to have the smallest detail skipped over and eventually accidentally fixed, could you point out what has changed since it was working till now? And that means everything, even if you don't think it applies to the problem.
The first few no-no's that i can see:
$time = time(); mysql_query("UPDATE `users` SET `lastseen` = '$date' WHERE `username` = '$username' LIMIT 1"); mysql_query("UPDATE `users` SET `lastseen2` = '$time' WHERE `username` = '$username' LIMIT 1"); if($_SESSION['0a5afbd010eb55c9e4c06242c3db315e'] && $_SESSION['dreamuser08'] && $gui['member_group'] >= 2){ memberPanel(); } if($_SESSION['0a5afbd010eb55c9e4c06242c3db315e'] && $_SESSION['dreamuser08'] && $gui['member_group'] == 4){ vipPanel(); } if($_SESSION['0a5afbd010eb55c9e4c06242c3db315e'] && $_SESSION['dreamuser08'] && $gui['member_group'] == 6){ otherPanel(); } if($_SESSION['0a5afbd010eb55c9e4c06242c3db315e'] && $_SESSION['dreamuser08'] && $gui['member_group'] == 8){ moderationPanel(); } if($_SESSION['0a5afbd010eb55c9e4c06242c3db315e'] && $_SESSION['dreamuser08'] && $gui['member_group'] >= 10){ adminPanel(); }
mysql_query("UPDATE `users` SET `lastseen` = '$date', `lastseen2` = '".time()."' WHERE `username` = '$username' LIMIT 1"); if($_SESSION['0a5afbd010eb55c9e4c06242c3db315e'] && $_SESSION['dreamuser08']){ if($gui['member_group'] >= 10){ adminPanel(); }elseif($gui['member_group'] == 8){ moderationPanel(); }elseif($gui['member_group'] == 6){ otherPanel(); }elseif($gui['member_group'] == 4){ vipPanel(); }elseif($gui['member_group'] >= 2){ memberPanel(); } }Note that 10 > 2 == true.
Edit... different train of thought. It almost looks like you intentionally put it in reverse order so that the member panel would be output, followed by the admin panel or which ever other panel. In which case, i'd still advise some else-if's, or better yet, a switch(). But ya, the main idea right now would be that i simplified everything by removing the first conditional from every other conditional as it is necessary in all of them.
Also, you can set multiple columns in one mysql update...
Edited by rc69, 28 December 2007 - 02:15 AM.
#24
Posted 02 January 2008 - 10:13 PM
There has been many changes, some that i dont even remember.
I've updated the script from the one you corrected.
Here is the corrected one now. Still dosn't work tho.
$time = time(); $gui = mysql_query("SELECT `member_group` FROM `users` WHERE `username` = '".$_SESSION['dreamuser08']."' LIMIT 1")or die(mysql_error()); $gui = @mysql_fetch_array($gui); mysql_query("UPDATE `users` SET `now_page` = '".$_SERVER['REQUEST_URI']."' WHERE `username` = '".$username."' LIMIT 1"); mysql_query("UPDATE `users` SET `lastseen` = '$date', `lastseen2` = '".time()."' WHERE `username` = '$username' LIMIT 1"); if($_SESSION['0a5afbd010eb55c9e4c06242c3db315e'] && $_SESSION['dreamuser08']){ if($gui['member_group'] >= 10){ adminPanel(); }elseif($gui['member_group'] == 8){ moderationPanel(); }elseif($gui['member_group'] == 6){ otherPanel(); }elseif($gui['member_group'] == 4){ vipPanel(); }elseif($gui['member_group'] >= 2){ memberPanel(); } $log = "<p><a href=\"$domain/logout.php\">Logout</a></p>"; return $log; }else{ if(isset($_POST['login'])){ $username = htmlspecialchars($_POST['username'], ENT_QUOTES); $password = htmlspecialchars($_POST['password'], ENT_QUOTES); $password = xcrypt($password); $sql = mysql_query("SELECT * FROM `users` WHERE `username` = '$username' AND `password` = '$password'")or die(mysql_error()); if(mysql_num_rows($sql) != 0){ $_SESSION['0a5afbd010eb55c9e4c06242c3db315e'] = true; $_SESSION['dreamuser08'] = $username; $_SESSION['xcessionx'] = "006242c35a5afbd0db315e10eb9e4c5"; $stringg = "<p>Welcome back, $username, ".$_SESSION['dreamuser08'].",".$_SESSION['xcessionx']."</p> <div id=\"loading\"></div> <meta http-equiv=\"refresh\" content=\"1\"> <p></p> "; return $stringg; $time = time(); mysql_query("UPDATE `users` SET `lastseen` = '$date' WHERE `username` = '$username' LIMIT 1"); mysql_query("UPDATE `users` SET `lastseen2` = '$time' WHERE `username` = '$username' LIMIT 1"); }else{ $stringx = "<p>Sorry, you are unable to login because you have got your username/password combination wrong. Please check spelling & try again.</p>"; return $stringx; } }else{ $stringd =' <p><form action="" method="post" name="login" id="login"> <p>Username: <input name="username" class="textbox" type="text" maxlength="50" style="width: 95%;" /> Password: <input name="password" class="textbox" type="password" maxlength="50" style="width: 95%;" /></p> <p class="align-left"><input name="login" class="login" value="Login" type="submit" style="width: 95%;" /> </p> </form></p>'; return $stringd; } }
#25
Posted 08 January 2008 - 12:48 AM
#26
Posted 08 January 2008 - 05:29 AM
#27
Posted 08 January 2008 - 02:27 PM
Now it seems I go to login, it seems that the session is not setting or reading correcly, I can login using the wrong password or username and it displays wrong user/pass like it should, but when i login with the correct information, it says Welcome 'then my username, and refreshed, but when it does it return's the login form back
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users