Web Analytics Made Easy -
StatCounter Login script help - CodingForum

Announcement

Collapse
No announcement yet.

Login script help

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Login script help

    Hey everyone, I have a bit of a problem.

    I'm trying to create a site where you can create an account, enter your length and weight and with it it calculates your BMI, or Body Mass Index.
    If it detects you are overweight(A BMI of more than 25) it calculates how much you have to lose in order to get a good BMI, or even that you can enter your desired BMI and it calculates how much you have to lose.

    Thing is... I'm already at a dead end with the login script. I've just started in PHP and SQL, but I have coded in C++ a lot before. I actually made a similar program to what I'm doing now in C++.

    I'll try to give you as much code as I can.

    This is the form:
    Code:
    <html>
    <head>
    <title>My Weight Coach</title>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
    </head>
    <body bgcolor="#5c5c5c" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
    <!-- ImageReady Slices (MWCMWC.psd) -->
    <table id="Table_01" width="1024" height="769" border="0" cellpadding="0" cellspacing="0" align ="center">
    	<tr>
    		<td colspan="2" rowspan="2">
    			<img src="images/MWCMWC_01.png" width="613" height="115" alt=""></td>
    		<td>
    			<a href = "http://sanderson.bc-inf.nl/MWCLO.html"><img src="images/MWChome_02.png" width="137" height="49" border="0" alt=""></a></td>
    		<td colspan="2">
    			<img src="images/MWCMWC_03.png" width="137" height="49" alt=""></td>
    		<td>
    			<a href = "http://sanderson.bc-inf.nl/MWChome.html"><img src="images/MWCLO_04.png" width="137" height="49" border = "0" alt=""></a></td>
    	</tr>
    	<tr>
    		<td colspan="4">
    			<img src="images/MWCMWC_05.png" width="411" height="66" alt=""></td>
    	</tr>
    	<tr>
    		<td rowspan="2">
    			<img src="images/MWChome_06.png" width="137" height="653" alt=""></td>
    
    		<td colspan="3" background = "images/MWChome_07.png" width="730" height="585" alt="">
    <form id="loginForm" name="loginForm" method="post" action="login-exec.php">
      <table width="300" border="0" align="center" cellpadding="2" cellspacing="0">
        <tr>
          <td width="112"><b>Login</b></td>
          <td width="188"><input name="login" type="text" class="textfield" id="login" /></td>
        </tr>
        <tr>
          <td><b>Password</b></td>
          <td><input name="password" type="password" class="textfield" id="password" /></td>
        </tr>
        <tr>
          <td>&nbsp;</td>
          <td><input type="submit" name="Submit" value="Login" /></td>
        </tr>
      </table>
    </form>
    </td>
    		<td colspan="2" rowspan="2">
    			<img src="images/MWChome_08.png" width="157" height="653" alt=""></td>
    	</tr>
    	<tr>
    		<td colspan="3">
    			<img src="images/MWChome_09.png" width="730" height="68" alt=""></td>
    	</tr>
    	<tr>
    		<td>
    			<img src="images/spacer.gif" width="137" height="1" alt=""></td>
    		<td>
    			<img src="images/spacer.gif" width="476" height="1" alt=""></td>
    		<td>
    			<img src="images/spacer.gif" width="137" height="1" alt=""></td>
    		<td>
    			<img src="images/spacer.gif" width="117" height="1" alt=""></td>
    		<td>
    			<img src="images/spacer.gif" width="20" height="1" alt=""></td>
    		<td>
    			<img src="images/spacer.gif" width="137" height="1" alt=""></td>
    	</tr>
    </table>
    <!-- End ImageReady Slices -->
    </body>
    </html>
    As you can see, most of it is useless images for the layout.

    This is my login-exec.php script:
    Code:
    <?php
    	//Start session
    	session_start();
    	
    	//Include database connection details
    	require_once('config.php');
    	
    	//Array to store validation errors
    	$errmsg_arr = array();
    	
    	//Validation error flag
    	$errflag = false;
    	
    	//Connect to mysql server
    	$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
    	if(!$link) {
    		die('Failed to connect to server: ' . mysql_error());
    	}
    	
    	//Select database
    	$db = mysql_select_db(DB_DATABASE);
    	if(!$db) {
    		die("Unable to select database");
    	}
    	
    	//Function to sanitize values received from the form. Prevents SQL injection
    	function clean($str) {
    		$str = @trim($str);
    		if(get_magic_quotes_gpc()) {
    			$str = stripslashes($str);
    		}
    		return mysql_real_escape_string($str);
    	}
    	
    	//Sanitize the POST values
    	$login = clean($_POST['login']);
    	$password = clean($_POST['password']);
    	
    	//Input Validations
    	if($login == '') {
    		$errmsg_arr[] = 'Login ID missing';
    		$errflag = true;
    	}
    	if($password == '') {
    		$errmsg_arr[] = 'Password missing';
    		$errflag = true;
    	}
    	
    	//If there are input validations, redirect back to the login form
    	if($errflag) {
    		$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
    		session_write_close();
    		header("location: login-form.php");
    		exit();
    	}
    	
    	//Create query
    	$qry="SELECT * FROM members WHERE login='$login' AND passwd='".md5($_POST['password'])."'";
    	$result=mysql_query($qry);
    	
    	//Check whether the query was successful or not
    	if($result) {
    		if(mysql_num_rows($result) == 1) {
    			//Login Successful
    			session_regenerate_id();
    			$member = mysql_fetch_assoc($result);
    			$_SESSION['SESS_MEMBER_ID'] = $member['member_id'];
    			$_SESSION['SESS_FIRST_NAME'] = $member['firstname'];
    			$_SESSION['SESS_LAST_NAME'] = $member['lastname'];
    			session_write_close();
    			header("location: http://sanderson.bc-inf.nl/member-index.php");
    			exit();
    		}else {
    			//Login failed
    			header("location: http://sanderson.bc-inf.nl/login-failed.php");
    			exit();
    		}
    	}else {
    		die("Query failed");
    	}
    ?>
    If you need any further information, please ask and I will provide it.
    Last edited by Taze; Apr 7, 2009, 06:19 PM. Reason: Accidentally pressed enter.

  • #2
    This is your first post, and I don't want to discourage you ...
    We really do thrive on helping people.

    Problems like this are extremely hard to outsiders (like us) to solve.
    We can't run your scripts ourselves. I suggest you hire a freelancer
    that can actually go into your website files (and MySQL database) to
    figure it out.

    Maybe you could possibly word the questions like, I get this error message
    when this happens (and describe the error and line number).

    We just feel sort of helpless that we can't view it online and execute it ourselves,
    but we can't do that without installing everything on our own servers.

    Sorry, I hope someone has a better answer for you.

    Comment


    • #3
      Originally posted by mlseim View Post
      This is your first post, and I don't want to discourage you ...
      We really do thrive on helping people.

      Problems like this are extremely hard to outsiders (like us) to solve.
      We can't run your scripts ourselves. I suggest you hire a freelancer
      that can actually go into your website files (and MySQL database) to
      figure it out.

      Maybe you could possibly word the questions like, I get this error message
      when this happens (and describe the error and line number).

      We just feel sort of helpless that we can't view it online and execute it ourselves,
      but we can't do that without installing everything on our own servers.

      Sorry, I hope someone has a better answer for you.
      I understand, I already figured it would be too hard to just solve on the spot.
      I don't even get an error, I test the scripts with both a registered login that is in the database, and with a wrong one to see if either gets a reaction but all I see is a white screen.
      Due to time pressure I've decided to give up on the login system and just make a BMI calculator, which is also posing some difficulty due to the fact that I have to work with forms and across pages unlike in C++ where you can easily make something like this.

      Now if it wouldn't be too rude, I would like to request someone take a quick look at this and tell me what I'm doing wrong.
      Code:
      <form method="post" action=calculator.php>
      <b>Weight in kilograms:</b><input type="text" size="12" name="W"><br />
      <b>Length in M.CM format:</b><input type="text" size="12" name="L"><br />
      <input type="submit" value="Calculate BMI">
      This is the form I'm using. It's very simple because it only has 2 values, naturally.
      PHP Code:
      <?php
      $W 
      $_POST["W"];
      $L $_POST["L"];
      $B;

      if (
      is_numeric($W) && is_numeric($L))
      {
      $B $W * ($L $L);
      echo (
      "Your BMI is : $B");
      }
      ?>
      This is the small calculator part of calculator.php. It's nothing special yet, I just use this to see if I can get any output and improve from there, establish the existance of the $W and $L variables so to speak.

      Thanks in advance.

      Comment


      • #4
        Can you export your MySQL database i cant be bothered adding all the tables atm. It's late. P.S no need to give up the login script won't take long at all. All the code is already there just needs testing
        Last edited by timgolding; Apr 7, 2009, 07:37 PM.
        You can not say you know how to do something, until you can teach it to someone else.

        Comment


        • #5
          you don't need this

          PHP Code:
          $B
          Dont have to declare variables unlike C
          You can not say you know how to do something, until you can teach it to someone else.

          Comment


          • #6
            This works for me and can go in one file.

            PHP Code:
            <?php
            if(!isset($_POST['W']) && !isset($_POST['L']))
            echo
            '
            <form method="post" action="">
            <b>Weight in kilograms:</b><input type="text" size="12" name="W"><br />
            <b>Length in M.CM format:</b><input type="text" size="12" name="L"><br />
            <input type="submit" value="Calculate BMI">'
            ;
            else
            {
            $W $_POST["W"];
            $L $_POST["L"];

            if (
            is_numeric($W) && is_numeric($L))
            {
            $B $W * ($L $L);
            echo (
            "Your BMI is : $B");

            }
            ?>
            You can not say you know how to do something, until you can teach it to someone else.

            Comment


            • #7
              I can't see anything wrong with your script either. Except not putting "" round your action on your form tag. Not having a doctype declaration, body, head (neither do i) etc and having that useless $B; in there. None of which would stop it working. What is it outputting if anything at all. If nothing maybe you don't have apache or php installed correctly on your test machine. If it displays the PHP code on the browser as you have it there then it definitely doesn't have php installed or worst still its a file on your desktop that your just double clicking on and isn't actually on a webserver.
              Last edited by timgolding; Apr 7, 2009, 08:23 PM.
              You can not say you know how to do something, until you can teach it to someone else.

              Comment

              Working...
              X