Jump to content

login system not working...

cheesybiscuits

By cheesybiscuits
in PHP Coding Help

 Share

Recommended Posts

cheesybiscuits Newbie

cheesybiscuits

Posted
Posted

Hi, I made a login/register system and it was working fine, but now I seem to have broken it and I'm scratching my head as to why. I think it's something to do with the $_SESSION array, the error happens from going from the login.php page to members.php, I log in successfully, but when I get to the members page it says "you must be logged in".

 

index.php has the form to login or a link to register.php to make an account

<?php session_start(); ?>
<html>
<head>
<title>Lincs Crusade | Login page.</title>
</head>
<body>
<form action="login.php" method="POST">
	Username:
	<input type="text" name="username"><br />
	Password:
	<input type="password" name="password"><br />
	<input type="submit" value="Login">
</form>
<a href="register.php">Click here to register!</a>
</body>
</html>

 

The register.php page

<?php
session_start();
echo "<h2>Register</h2>";
$submit = $_POST['submit'];
$username = strip_tags($_POST['username']); 
$password = strip_tags($_POST['password']);
$repeatpassword = strip_tags($_POST['repeatpassword']);
$email = $_POST['email'];
$date = date("Y-m-d");

if ($submit) { 
	if ($username&&$password&&$repeatpassword&&$email) {
		if ($password==$repeatpassword) {
			if (strlen($username)>65) { 
				echo "Length of username is too long!"; 
			} elseif (strlen($email)>100) { 
				echo "Length of email is too long!";
			} elseif (strlen($password)>65||strlen($password)< {
				echo "Password must be between 8 and 65 characters long!"; 
			} else {
				include('functions.php'); 
				echo "All fields were accepted! ";
				$password = md5($password);
				$repeatpassword = ($repeatpassword);
				$email = md5($email);
				connect(); 
				mysql_query(" 
					INSERT INTO users VALUES ('','$username','$password','$email','$date') 
				") or die("Could not insert values into <em>users</em> table!");
				mysql_query("
					INSERT INTO stats VALUES ('$username',10,10,0,1)
				") or die("Could not insert values into <em>stats</em> table!");
				$_SESSION['username'] == $username;
				die("You have been registered! Please return to <a href=\"index.php\">homepage</a> and login."); 
			}
		} else {
			echo "Your passwords do not match!";
		}
	} else {
		echo "Please fill in <em>all</em> fields!";
	}

}
?>
<html>
<head>
<title>Lincs Crusade | Register an Account.</title>
</head>
<body>
<form action="register.php" method="POST">
	<p>Your username:</p>
	<p>Note: Do not use your real name.</p>
	<input type="text" name="username" value="<?php echo $username ?>"/>=
	<p>Choose a password:</p>

	<input type="password" name="password" />
	<p>Please repeat password:</p>
	<input type="password" name="repeatpassword" />
	<p>Your student email:</p>
	<p>Note: This is only used for recovering a lost or forgotten password.</p>
	<input type="text" name="email" /><br />
	<input type="submit" value="Register" name="submit" />
	<p>
		Note: Your password and email are md5 encrypted. This means neither I (the author) or anyone else will be able to view your information<br />
		in plain text. For example, your password or email will look something like this "534b44a19bf18d20b71ecc4eb77c572f" once it has been encrypted.
	</p>
</form>
</body>
</html>

 

The login.php page that process the form data to access members.php page

<?php
session_start();
$username = $_POST['username'];
$password = $_POST['password'];
if ($username&&$password) {
	include('functions.php');
	connect();
	$query = mysql_query("SELECT * FROM users WHERE username='$username'");
	$numrow = mysql_num_rows($query); 
	if ($numrow!=0) { 
		while ($row = mysql_fetch_assoc($query)) {
			$dbusername = $row['username'];
			$dbpassword = $row['password'];
		}
		if ($username==$dbusername&&md5($password)==$dbpassword) { 
			echo "You're in! - <a href=\"members.php\">Proceed to the members page</a>";	
			$_SESSION['username'] == $username; 	
		} else {
			echo "Incorrect password!";
		}
	} else {
		die ("That user doesn't exist,<a href=\"register.php\">please register an account</a>");
	}	
} else {
	die("Please enter a username and password!");
} 
?>

 

The members.php page

<?php 
session_start();
?>
<html>
<head>
<title>Lincs Crusade | Members page.</title>
</head>
<body>
<?php	
	if ($_SESSION['username']) {
		echo "Welcome," .$_SESSION['username']. "!<br />";
		echo "<a href=\"stats.php\">View your stats.</a>";
	} else {
		die ("You must be logged in.");
	}
?>
</body>
</html>

 

and this is what is in the functions.php file

<?php
function connect() {
    mysql_connect("localhost","root","password") or die ("Unable to connect");
	mysql_select_db("database") or die ("Unable to find database");
}
?>

 

Thanks for your help.

 

 

 

 

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.