473,765 Members | 2,034 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Login script seems to work, but members-only pages won't allow access.

3 New Member
I have a login script that use to work, but for some reason it does not work now!

You guys can test it here:

http://lamezz.com/_NEW/login.php

USER: test
PASS: test

it uses a script that is in the bin folder, and the members pages has a PHP code in it to tell the script to give access to the user.

I will reveal any script you guys wanna see!

Pleas Help!
Sep 22 '07 #1
12 2347
Atli
5,058 Recognized Expert Expert
Hi Lamez. Welcome to The Scripts!

This looks like a problem with your login script. I would guess your user information is not being stored the way you want it to.

Could you post the login script?, and maybe the part of the script in the Members area that checks if you are logged in?
Sep 23 '07 #2
pbmods
5,821 Recognized Expert Expert
Heya, lamez.

Changed thread title to better describe the problem (did you know that threads whose titles do not follow the Posting Guidelines actually get FEWER responses?).

Make sure session_start() is at the top of each page.
Sep 23 '07 #3
lamez
3 New Member
Sorry guys, I am new and I need some help!

here is my login form

Expand|Select|Wrap|Line Numbers
  1.      <form action="_bin_/login.php" method="post" onSubmit="return validate()">
  2.        <p class="center">
  3.          Username:&nbsp; <input type="text" name="username" size="20">
  4.          <br />
  5.          <br />
  6.          Password:&nbsp;&nbsp; <input type="password" name="password" size="20">
  7.          <br />
  8.          </p>
  9.          <p class="center">
  10.           <input type="submit" value="Log In">
  11.          <br />
  12.          <br />
  13.         <a href="?id=forgot_password">Forgot Password?</a>
  14.        </p>
  15.       </form>
Here is my login script
Expand|Select|Wrap|Line Numbers
  1. <?php
  2. ob_start(); // <-- move to top
  3. ?>
  4. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
  5. <html xmlns="http://www.w3.org/1999/xhtml">
  6. <head>
  7. <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
  8. <link rel="stylesheet" type="text/css" href="../style/default.css"/>
  9. <title>Lamez`s Corner</title>
  10. </head>
  11. <body>
  12.  
  13.  <div class="logo"><img src="../style/img/logo.gif" alt="Lamez's Corner" /></div>
  14.  
  15.  
  16.   <div class="menu">
  17.    <ul>        
  18.     <li class="nonselected"><a href="../index.php">Home</a></li>
  19.     <li class="nonselected"><a href="../_login/_members/members.php">Members</a></li>
  20.     <li class="selected"><a href="../login.php">Login</a></li>
  21.     <li class="nonselected"><a href="../register.php">Register</a></li>
  22.     <li class="nonselected"><a href="../about_me/about.php">About Me</a>
  23.    </ul>
  24.   </div>
  25.  
  26. <div class="box">
  27.   <h4>Logging In</h4>
  28.    <p class="center">
  29. <?php
  30. ob_start();
  31.  
  32. include("config.php"); 
  33.  
  34. // connect to the mysql server 
  35. $link = mysql_connect($server, $db_user, $db_pass) 
  36. or die ("Could not connect to mysql because ".mysql_error()); 
  37.  
  38. // select the database
  39. mysql_select_db($database) 
  40. or die ("Could not select database because ".mysql_error()); 
  41.  
  42. $match = "select id from $table where username = '".$_POST['username']."' 
  43. and password = '".$_POST['password']."';"; 
  44.  
  45. $qry = mysql_query($match) 
  46. or die ("Could not match data because ".mysql_error()); 
  47. $num_rows = mysql_num_rows($qry); 
  48.  
  49. if ($num_rows <= 0) { 
  50. echo "Invalid Username or Password<br>"; 
  51. echo "<br />";
  52. echo "<a href=../login.php>Try again</a>"; 
  53. echo "</p>";
  54. exit;
  55.  
  56. } else { 
  57.  
  58. setcookie("loggedin", "".$_POST['username']."", time()+(3600 * 24));
  59.  
  60. echo "<p class=logging>";
  61. echo "Welcome <strong>".$_POST['username']."</strong><br />"; 
  62. echo "</p>";
  63.  
  64.  
  65. }
  66. ob_end_flush();
  67. ?>
  68.    <br />
  69.    <center><img src="../style/img/loading.gif"  alt="Loading Bar" /></center>
  70.    <meta http-equiv="Refresh" content="5; URL=../_login/_members/members.php">
  71.   </p>
  72. </div>
  73.  <div class="footer">
  74.     <p> Site Template &amp; Original Site Content
  75.      <br />© 2007-2008 <a href="mailto:lamez@lamezz.com">James Little</a>
  76.     </p>
  77.  </div>
  78.  
  79.     <div class="spacer">
  80.     </div>
  81.  
  82. </body>
  83. </html>
Here is the PHP block in the members page

Expand|Select|Wrap|Line Numbers
  1.    <?php
  2.    $username = $_COOKIE['loggedin'];
  3.    if (!isset($_COOKIE['loggedin'])) die("Please login to view this page.");
  4.    echo "Welcome $username";
  5.    ?>
-Thanks Guys
Sep 23 '07 #4
karlectomy
64 New Member
I think there is a discrepency in your cookie. Try var dumping your cookie on the member page and check the variables. Also, server side sessions are much more elegant than cookies especially when dealing with logging in. Theoretically, someone could make their own cookie on their machine to mimic your cookie and log themselves in.
Sep 23 '07 #5
lamez
3 New Member
I am new to PHP, could you explain more, thanks!
Sep 23 '07 #6
karlectomy
64 New Member
[PHP]var_dump()[/PHP] is a valuable function which prints any data stored in a variable to the page where it is called;

example:
Expand|Select|Wrap|Line Numbers
  1. $array[0] = 1;
  2. $array[1] = 2;
  3.  
  4. var_dump($array);
  5.  
This will output something like
array(2) { [0]=> int(1) [1]=> int(2) }

you can call [PHP]var_dump()[/PHP] on any variable such as cookie data.

Sessions are a whole other chapter...
Sep 23 '07 #7
Atli
5,058 Recognized Expert Expert
I agree with karlectomy. You should use Sessions instead of cookies. It would be a lot more secure.

Check out this article I wrote about Sessions if you want to try it. Should show you exactly what you need.
Sep 24 '07 #8
karlectomy
64 New Member
Check out this article I wrote about Sessions if you want to try it.
Atli,

Great article, btw. Nice, simple examples. I usually pass the session ID as a GET var, I wasn't aware you could pass as POST.

Could you fill me in on how you POST your SID?

also, is there a way to encode the SID In a URL Parameter?
Sep 24 '07 #9
Atli
5,058 Recognized Expert Expert
Atli,

Great article, btw. Nice, simple examples. I usually pass the session ID as a GET var, I wasn't aware you could pass as POST.

Could you fill me in on how you POST your SID?

also, is there a way to encode the SID In a URL Parameter?
I'm not sure what you mean. How do you pass the session ID?

PHP will try to pass the session ID automatically. By default it will try to save it as a cookie, if that fails it tries to send it via POST. If that is not possible it will try to pass it in the URL, through GET.
Sep 24 '07 #10

Sign in to post your reply or Sign up for a free account.

Similar topics
2
4164
Yahoo Login Issues
by: bryce21 | last post by:
I'm trying to write a script that logs into Yahoo Fantasy Football. Once logged in, I'll be able to grab stats and various other pieces of info about our league. The problem I'm having deals with actually logging in programatically. I've been using Snoopy to help with the user agent side of things and it seems to work well. I can successfully put together a valid yahoo login URL based on username/password/challenge. It looks like the...
PHP
2
8466
Automatic login via asp (vb) .net
by: Paul M. | last post by:
Hi, we have 2 www systems one which we wrote ourselves the other is a parent company one over which we have no control. The 2nd system involves the user having to enter a username & password in a login screen. Is there any way of calling the 2nd systems login page and having the username & password be inserted automatically? This auto passing in of information might also be applied to optins selection so instead of manually clicking on...
HTML / CSS
12
2443
Javascript login
by: GreenBayFan | last post by:
Hello, I am a computer science major. I have had HTML and Java, but not any JavaScript. I know they are similar, but there seem to be a lot of functions and methods I am not familiar with. Plus I don't have a good understanding of what Java can do within the web environment. (My Java classes concentrated on console based applications.) What I want is a simple Java Login box for "Apartment Number" that takes that value and assigns it to a...
Javascript
0
5859
godaddy login via curl php script
by: nfhm2k | last post by:
I've been trying to find a solution to this for quite some time now... I even took a look at existing scripts... Including this one... http://groups.google.co.uk/group/comp.lang.php/browse_thread/thread/2e052386da903425/b03ec83ac55273a2?lnk=st&q=&rnum=1#b03ec83ac55273a2 Everyone on that post seems to say its to do with the cookie's, yet if infact they had tried this script they would have found that even with the cookies enabled this...
PHP
1
6436
OnAuthenticate Event, Login Controls
by: pj | last post by:
I'm trying to redirect users to another page after they Authenticate with the ASP.NET login controls. The user is able to login, but I can't get the response.redirect to work. Can anyone help? My code is below. Thanks, pj mcdba, mcp
ASP.NET
2
1933
Multiple field login and a related question
by: dylanhughes | last post by:
I'm looking for an example of a login system that has multiple fields (2 to be exact) + password. e.g username, company name and password, the user, company and password are checked against a mysql database. I have it working with just the username field but I'm confused on how to go about adding another field. I'm pretty new to PHP so don't beat me up too much for this example code, I borrowed and hacked it together in a very short period...
PHP
10
1960
nathj
Designing a Login Process for a site
by: nathj | last post by:
Hi, I have a quick favour to ask - would someone please check over this concept for me? Basically I need to generate a login script and while time is on my side I want to invest in writing my own so that I fully understand and can fully control what is going on. When a visitor applies for membership they assign themselves a password that is hashed and stored in the database. I do not have, nor do I want a remember-me (stay logged in)...
PHP
3
1142
Login problem
by: harsh9892991141 | last post by:
every time enter my login id and password in my index page it shows me the error 404 Object not found! The requested URL was not found on this server. The link on the referring page seems to be wrong or outdated. Please inform the author of that page about the error. If you think this is a server error, please contact the webmaster. Error 404 127.0.0.1
PHP
9
7531
admin login
by: adweaver | last post by:
Hello All, I'm new to the world of php. I've just had a site designed for me by a company, and I'm now trying to manage and grow it, so it will suit my needs. The site was built in a folder called mysite.com/test. I coppied this folder a number of times, so I now have mysite.com/test2, mysite.com/test3 etc. Each folder acts as its own landing page. they setup an interface where we can control the upsells presented to the customer;...
PHP
0
9568
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...
General
0
9399
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
Windows Server
0
10163
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
C / C++
0
10007
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
Online Marketing
0
9835
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
General
0
8832
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
Career Advice
1
7379
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
Microsoft Access / VBA
1
3924
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
C# / C Sharp
2
3532
muto222
How to add payments to a PHP MySQL app.
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
PHP

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us