kerbdog Posted February 11, 2011 Share Posted February 11, 2011 Hi I am having trouble with a login code which keeps producing a true value even when the password is incorrect. Just spent 4 hours writing code and I think I've gone a bit coo coo: <h1>Login</h1> <p>If you are an existing member please login below. If you are new to this site please register to obtain your unqiue login and password by <a href="register.php">clicking here.</a></p> <?php require_once('common.php'); $error = '0'; if (isset($_POST['login'])){ // Get user input $username = isset($_POST['username']) ? $_POST['username'] : ''; $password = isset($_POST['password']) ? $_POST['password'] : ''; // Try to login the user $error = loginUser($username,$password); } ?> <?php if ($error != '') {?> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" name="loginform"> <table width="100%"> <tr><td>Username:</td><td> <input name="username" type="text" /></td></tr> <tr><td>Password:</td><td> <input name="password" type="password" /></td></tr> <tr><td colspan="2" align="center"><input type="submit" name="login" value="Login" /></td></tr> </table> </form> <a href="register.php">Register</a> <?php } if (isset($_POST['login'])){ ?> <table width="100%"><tr><td><br/> <?php if ($error == '') { echo "<h1>Welcome $username! <br/>You are logged in!</h1><br/><br/>"; echo '<a href="browse_index.php"><h2>Now you can start shopping! ---CLICK HERE---</h2></a>'; } else echo $error; ?> <br/><br/><br/></td></tr></table> <?php } ?> Code for Common.php: ?php function loginUser($user,$pass){ $errorText = ''; $validUser = false; // Check user existance $pfile = fopen("users.txt","r"); rewind($pfile); //$counter=0; while (!feof($pfile)) { $line = fgets($pfile); $temp = explode(':', $line); if ($temp[5] == $user) { // User exists, check password if (trim($data[0]) == trim(md5($pass))){ $validUser= true; $_SESSION['userName'] = $user; //$counter = $counter + 1; //echo $data; } break; } } fclose($pfile); if ($validUser != false) $errorText = "Invalid username or password!"; if ($validUser == true) $_SESSION['validUser'] = true; else $_SESSION['validUser'] = false; return $errorText; } function logoutUser(){ unset($_SESSION['validUser']); unset($_SESSION['userName']); } function checkUser(){ if ((!isset($_SESSION['validUser'])) || ($_SESSION['validUser'] != true)){ header('Location: login.php'); } } ?> Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted February 11, 2011 Share Posted February 11, 2011 I'd start by var_dump()ing $error, and go from there. // Try to login the user $error = loginUser($username,$password); var_dump($error); Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.