Results 1 to 6 of 6
  1. #1
    Join Date
    Jul 2004
    Posts
    494

    Unanswered: Why username doesn't show during login

    Why isn't the username showing when I login?
    PHP Code:
    <?php
        
    # login.php
        
    if ($_SERVER['REQUEST_METHOD'] == 'POST'){
        
    session_start();
        
    $_SESSION['logged_in'] = true;
        
        
    header('HTTP/1.1 303 See Other');
    }
    header('Location: index.php');
    ?>
    PHP Code:
    <?php
    # index.php
    session_start();
    $logged_in = isset($_SESSION['logged_in']);
    include(
    "../dbconnection.php");
    //say goodbye to magic_quotes_gpc! no false security.

    $errors = array();

    if(
    $_SERVER['REQUEST_METHOD'] == "POST"){
        if(empty(
    $_POST['username'])){
            
    $errors[] = "username was empty";
        }
        if(empty(
    $_POST['password'])){
            
    $errors[] = "password was empty";
        }
        if(empty(
    $_POST['email'])){
            
    $errors[] = "e-mail was empty";
        }
        if(
    count($errors) == 0){
            
    //fix magic_quotes_gpc() being on
            
    if(get_magic_quotes_gpc()){
                foreach(
    $_GET as $k => $v){
                    
    $_GET[$k] = stripslashes($v);
                }
                foreach(
    $_POST as $k => $v){
                    
    $_POST[$k] = stripslashes($v);
                }
                foreach(
    $_COOKIE as $k => $v){
                    
    $_COOKIE[$k] = stripslashes($v);
                }
            }
            
    //Checks if there is a login cookie
            
    if(isset($_COOKIE['ID_my_site'])){ //if there is, it logs you in and directs you to the members page
            
    $myusername $_COOKIE['ID_my_site'];
            
    $pass $_COOKIE['Key_my_site'];
            
    $admin $_COOKIE['Admin_my_site'];
            
    $user $_COOKIE['User_my_site'];    
            
    $sql "SELECT * FROM ";
            if(
    $admin=="yes"){
                
    $sql .= $dbTable2;
            }else{
                
    $sql .= $dbTable;
            }
            
    $sql .= " WHERE username = '".mysql_real_escape_string($myusername)."'";
            
    $check mysql_query($sql)or die(mysql_error());
            while(
    $info mysql_fetch_array$check )){
                if(
    $pass == $info['password']){
                    
    $writeusername "Welcome ".$myusername."! <br />Visit your <a href=\"member.php\">member's stat</a> <br /><a href=\"login/logout.php\">Logout</a>";
                }
            }
        }
        
    //variable to keep track of whether to show the user the login form or not
        
    $showlogin true//we show the form by default, -unless- we know they have logged in

        //if the login form is submitted
        
    if (isset($_POST['submit'])){ // if form has been submitted
            
    if(!$_POST['username'] || !$_POST['pass']) {// makes sure they filled it in
                
    $writeemptyfield "<tr><td colspan=\"2\" style=\"text-align: left; color: red;\">You did not fill in a required field.</td></tr>";
            }
    // checks it against the database
            
    $_POST['email'] = mysql_real_escape_string($_POST['email']);
            
    $db['username'] = mysql_real_escape_string($_POST['username']);
            
    $sql "SELECT * FROM ";
            if(
    $admin=="yes"){
                
    $sql .= $dbTable2;
            }else{
                
    $sql .= $dbTable;
            }
            
    $sql .= " WHERE username = '".$db['username']."'";
            
    $check mysql_query($sql) or die(mysql_error());
            
    //Gives error if user dosen't exist
            
    $check2 mysql_num_rows($check);
            if (
    $check2 == 0) {
                
    $writeusernoexist "<tr><td colspan=\"2\" style=\"text-align: left; color: red;\">That user does not exist in our database.</td></tr>";
            }
            while(
    $info mysql_fetch_array$check )){
                
    $_POST['pass'] = md5($_POST['pass']);
                    
    //gives error if the password is wrong
                    
    if ($_POST['pass'] != $info['password']){
                        
    $writewrongpassword "<tr><td colspan=\"2\" style=\"text-align: left; color: red;\">Incorrect password, please try again.</td></tr>";
                    }else{
                        
    // if login is ok then we add a cookie
                        
    $hour time() + 3600;
                        
    setcookie("ID_my_site"$_POST['username'], $hour);
                        
    setcookie("Key_my_site"$_POST['pass'], $hour);
                        
                        
    //they are logged in. no need to show the login form
                        
    $showlogin false;
                        if(
    $_POST["admin"]=="yes"){
                            
    setcookie("Admin_my_site"$_POST['admin'], $hour);
                        }else{
                            
    setcookie("User_my_site"$_POST['admin'], $hour);
                        }
                        
    header("Location: login.php");
                    }
                }
            }
        }
    }

    //$_SESSION['logged_in'] = 1;    
    ?>

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Login</title>
    </head>

    <body>
    <?php if ($logged_in): ?>
    <form action="<?php echo "logout.php";//$_SERVER['PHP_SELF'];?>" method="POST">
    <span style="float: left; text-align: left; padding: 5px 5px 5px 5px;">
      Welcome <span id="myusername"><?php echo $writeusername?> </span>!<br />
      Visit your <a style="text-decoration: none;" href="member.php" onmouseover="this.style.textDecoration='underline';" onmouseout="this.style.textDecoration='none';" >member's stat</a><br />
      <input type="submit" style="float: left; border: 1px solid #7C7C7C; background-color: #7C7C7C; color: #ffffff; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-weight: bold; width: 100px; height: 20px;" name="submit" onMouseOver="this.style.backgroundColor='#B4B3A9'" onMouseOut="this.style.backgroundColor='#7C7C7C'" value="Logout" />
    </span>
    </form>

    <?php else: ?>

    <form action="<?php echo "login.php";//$_SERVER['PHP_SELF'];?>" method="POST">
    <table border="0">
            <tr>
                <td>Administrator:</td><td><input type="checkbox" id="adminid" name="admin" style="float: left; border: 1px solid #7C7C7C; background-color: #7C7C7C;" value="no" onClick="if(this.value=='no'){this.value='yes'; document.getElementById('register').style.display = 'none';} else{this.value='no';document.getElementById('register').style.display = 'block';};" /></td>
           </tr>
    <?php echo $writeemptyfield?>
    <?php 
    echo $writeusernoexist?>
            <tr>
                <td>Username:</td>
                <td><input type="text" name="username" id="username" style="float: left; border: 1px solid #7C7C7C; font: 9px verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 100px; height: 15px;" value="User Name" onBlur="if (this.value == '') this.value = 'User Name';" onFocus="if (this.value == 'User Name') this.value = '';" /></td>
           </tr>
    <?php echo $writewrongpassword?>        
            <tr>
                <td>Password:</td><td><input type="password" style="float: left; border: 1px solid #7C7C7C; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; width: 100px; height: 15px;" name="pass" id="pass" /></td></tr>
            <tr>
                <td><a id="register" href="login/register.php" style="float: left; display: block; background-color: #7C7C7C; text-align: left; padding: 0px 0px 0px 5px; width: 80px; height: 20px; text-decoration: none; color: #ffffff; border: 1px solid #7C7C7C; font-weight: bold;" onMouseOver="this.style.backgroundColor='#B4B3A9'" onMouseOut="this.style.backgroundColor='#7C7C7C'">Register</a></td><td align="right"><input type="submit" style="float: left; border: 1px solid #7C7C7C; background-color: #7C7C7C; color: #ffffff; font: 9pt verdana, geneva, lucida, 'lucida grande', arial, helvetica, sans-serif; font-weight: bold; width: 100px; height: 20px;" name="submit" onMouseOver="this.style.backgroundColor='#B4B3A9'" onMouseOut="this.style.backgroundColor='#7C7C7C'" value="Login" /></td>
            </tr>
        </table>
    </form>
    <?php endif; ?> 
    </body>
    </html>

  2. #2
    Join Date
    Nov 2004
    Location
    out on a limb
    Posts
    13,692
    Provided Answers: 59
    username isn't shown where?
    where do you set the value of username
    have you checked to make certain there is a value in username
    have you checked the spelling is the same
    are you using POST or GET in the calling script
    I'd rather be riding on the Tiger 800 or the Norton

  3. #3
    Join Date
    Jul 2004
    Posts
    494
    Quote Originally Posted by healdem View Post
    username isn't shown where?
    where do you set the value of username
    have you checked to make certain there is a value in username
    have you checked the spelling is the same
    are you using POST or GET in the calling script
    I'm trying to insert
    PHP Code:
    echo $sql
    but nothing shows

  4. #4
    Join Date
    Nov 2004
    Location
    out on a limb
    Posts
    13,692
    Provided Answers: 59
    so what does that tell you?
    what conditions would make $sql = ""
    what steps have you taken to make certain your logic is correct?
    have you checked that there are values in your POST variables?
    my guess is you are not calling this script using POST variables at all, probably using GET variables
    you don't set a default (initialisation) value for $sql
    you don't have an else statement on your if statements that tell you the if statement failed.

    I think you need to develop some debugging skills to work out what your script is doing. unless you are using something like Eclipse debugging in PHP can be a pig, but the die statements is useful enough


    eg
    $debugmessage = "debug data";
    //do some stuff
    $debugmessage .= "username:$username<br>";
    //do some stuff
    $debugmessage .= "initial value of sql:$sql<br>";
    //do some stuff
    $debugmessage .= "current value of sql:$sql<br>";
    //do some stuff
    $debugmessage .= "final value of sql:$sql<br>";

    die (echo $debugmessage);
    I'd rather be riding on the Tiger 800 or the Norton

  5. #5
    Join Date
    Jul 2004
    Posts
    494
    Quote Originally Posted by healdem View Post
    so what does that tell you?
    what conditions would make $sql = ""
    what steps have you taken to make certain your logic is correct?
    have you checked that there are values in your POST variables?
    my guess is you are not calling this script using POST variables at all, probably using GET variables
    you don't set a default (initialisation) value for $sql
    you don't have an else statement on your if statements that tell you the if statement failed.

    I think you need to develop some debugging skills to work out what your script is doing. unless you are using something like Eclipse debugging in PHP can be a pig, but the die statements is useful enough


    eg
    $debugmessage = "debug data";
    //do some stuff
    $debugmessage .= "username:$username<br>";
    //do some stuff
    $debugmessage .= "initial value of sql:$sql<br>";
    //do some stuff
    $debugmessage .= "current value of sql:$sql<br>";
    //do some stuff
    $debugmessage .= "final value of sql:$sql<br>";

    die (echo $debugmessage);
    WHen it comes to this login issue I can't figure it out.

  6. #6
    Join Date
    Nov 2004
    Location
    out on a limb
    Posts
    13,692
    Provided Answers: 59
    well its about time you developed some debugging skills
    I admire your persistence but....
    the message you seem to be putting across is "I can't be bothered to learn"
    if that is so then the response is often "I can't be bothered to help"

    you need to work out WHY your script isn't working
    that means analysing it, making certain that what you think the script is doing is the same as it actually is
    then you need to make certain that what the script is doing is what you want it to do.

    good practice in developing sopftware is to make certain all bases are covered
    so when you use a branching statement such as an if or case statement all outcomes are covered

    so I'd suggest when you use an if statement always use an else clause
    if (somevariable == blah)
    { //do something
    } else
    { if (AmDebugging == true)
    { //display an error message
    } else
    { //in some cases you may need to set another set of values
    }
    }

    so I'd suggest you examine your script
    start at the first IF statement, put an else clause on the end of that if statement and work out what is happening.

    FWIW I don't see where you are setting username, password or email in either of those scripts

    it can be frustrating in PHP to see a blank screen, where a script has executed but doens't seem to have done anything
    in those sort of cases peppering the PHP with die (echo "location: blah")l where blah indicates what line the code got to often helps
    make certain that the variables you are using contain values which are legit, again die (echo $variablename); can help
    I'd rather be riding on the Tiger 800 or the Norton

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •