Web Analytics Made Easy - StatCounter login form problem - CodingForum

Announcement

Collapse
No announcement yet.

login form problem

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    login form problem

    I am new to php, so any help would be appreciated

    My user creation page works fine, however when I try and log in, I keep getting directed to the failure page.

    Can anyone see any problems? If this is being done completely wrong, can you shed some light on how I might do it different.

    Basically I need to create users and allow them to login with secured passwords.


    CODE FOR THE USER CREATION PAGE
    <?php require_once('../Connections/catering.php'); ?>
    <?php
    function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
    {
    $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

    switch ($theType) {
    case "text":
    $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
    break;
    case "long":
    case "int":
    $theValue = ($theValue != "") ? intval($theValue) : "NULL";
    break;
    case "double":
    $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
    break;
    case "date":
    $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
    break;
    case "defined":
    $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
    break;
    }
    return $theValue;
    }

    $editFormAction = $HTTP_SERVER_VARS['PHP_SELF'];
    if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {
    $editFormAction .= "?" . $HTTP_SERVER_VARS['QUERY_STRING'];
    }

    if ((isset($HTTP_POST_VARS["MM_insert"])) && ($HTTP_POST_VARS["MM_insert"] == "register_user")) {
    $md5password = md5($HTTP_POST_VARS['txtpassword']);
    $insertSQL = sprintf("INSERT INTO Users (User_name, User_Password, Reg_Date, User_Email, Last_Login, First_Name, Last_Name, Address_1, Address_2, City, `State`, Zipcode, Phone, Fax) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
    GetSQLValueString($HTTP_POST_VARS['txtname'], "text"),
    GetSQLValueString($md5password, "text"),
    GetSQLValueString($HTTP_POST_VARS['txtregdate'], "text"),
    GetSQLValueString($HTTP_POST_VARS['txtemail'], "text"),
    GetSQLValueString($HTTP_POST_VARS['txtlastlogin'],
    "text"),
    GetSQLValueString($HTTP_POST_VARS['txtfirst'], "text"),
    GetSQLValueString($HTTP_POST_VARS['txtlast'], "text"),
    GetSQLValueString($HTTP_POST_VARS['txtaddress1'], "text"),
    GetSQLValueString($HTTP_POST_VARS['txtaddress2'], "text"),
    GetSQLValueString($HTTP_POST_VARS['txtcity'], "text"),
    GetSQLValueString($HTTP_POST_VARS['txtstate'], "text"),
    GetSQLValueString($HTTP_POST_VARS['txtzipcode'], "text"),
    GetSQLValueString($HTTP_POST_VARS['txtphone'], "text"),
    GetSQLValueString($HTTP_POST_VARS['txtfax'], "text"));

    mysql_select_db($database_catering, $catering);
    $Result1 = mysql_query($insertSQL, $catering) or die(mysql_error());

    $insertGoTo = "confirm.php";
    if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $HTTP_SERVER_VARS['QUERY_STRING'];
    }
    header(sprintf("Location: %s", $insertGoTo));
    }
    ?>
    <?php
    $today=date("Y-m-d")

    ?>
    <html>
    <head>
    <title>Untitled Document</title>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
    <link rel="stylesheet" href="style_sheets/catering.css" type="text/css">
    </head>

    <body>
    <table width="750" border="0" align="center" cellpadding="0" cellspacing="0">
    <tr>
    <td colspan="3"><?php require_once('nav/top_nav.php'); ?>
    </td>
    </tr>
    <tr>
    <td width="200" rowspan="2" valign="top" class="top_nav_background"><?php require_once('nav/left_nav.php'); ?>
    </td>
    <td width="550" colspan="2" valign="top" class="body_heading">Account Registration</td>
    </tr>
    <tr>
    <td width="550" colspan="2" valign="top" class="body_background"><p class="body_hyperlink">Sign
    up for an account now
    <form action="<?php echo $editFormAction; ?>" method="POST" name="register_user" id="register_user">
    <p>
    <input name="txtname" type="text" id="txtname">
    User Name </p>
    <p>
    <input name="txtpassword" type="password" id="txtpassword">
    User Password</p>
    <p>
    <input name="txtregdate" type="hidden" id="txtregdate" value="<?php echo $today?>">
    </p>
    <p>
    <input name="txtemail" type="text" id="txtemail">
    Email Address </p>
    <p>
    <input name="txtlastlogin" type="hidden" id="txtlastlogin" value="<?php echo $today?>">
    </p>
    <p>
    <input name="txtfirst" type="text" id="txtfirst">
    First Name</p>
    <p>
    <input name="txtlast" type="text" id="txtlast">
    Last Name</p>
    <p>
    <input name="txtaddress1" type="text" id="txtaddress1">
    Address Line 1</p>
    <p>
    <input name="txtaddress2" type="text" id="txtaddress2">
    Address Line 2</p>
    <p>
    <input name="txtcity" type="text" id="txtcity">
    City</p>
    <p>
    <input name="txtstate" type="text" id="txtstate">
    State</p>
    <p>
    <input name="txtzipcode" type="text" id="txtzipcode">
    Zipcode</p>
    <p>
    <input name="txtphone" type="text" id="txtphone">
    Phone</p>
    <p>
    <input name="txtfax" type="text" id="txtfax">
    Fax</p>
    <p>
    <input type="submit" name="Submit" value="Submit">
    </p>
    <input type="hidden" name="MM_insert" value="register_user">
    </form></td>
    </tr>
    <tr>
    <td colspan="3"><?php require_once('nav/bottom_nav.php'); ?>
    </td>
    </tr>
    </table>
    </body>
    </html>



    CODE FOR THE LOGIN PAGE
    <?php require_once('../Connections/catering.php'); ?>
    <?php
    // *** Validate request to login to this site.
    session_start();

    $loginFormAction = $_SERVER['PHP_SELF'];
    if (isset($accesscheck)) {
    $GLOBALS['PrevUrl'] = $accesscheck;
    session_register('PrevUrl');
    }

    if (isset($_POST['txtusername'])) {
    $loginUsername=$_POST['txtusername'];
    $password=(md5($_POST['txtpassword']));
    $MM_fldUserAuthorization = "";
    $MM_redirectLoginSuccess = "success.php";
    $MM_redirectLoginFailed = "failure.php";
    $MM_redirecttoReferrer = false;

    $LoginRS__query=sprintf("SELECT User_name, User_Password FROM Users WHERE User_name='%s' AND User_Password='$password'",
    get_magic_quotes_gpc() ? $loginUsername : addslashes($loginUsername), get_magic_quotes_gpc() ? $password : addslashes($password));

    $LoginRS = mysql_query($LoginRS__query) or die(mysql_error());
    $loginFoundUser = mysql_num_rows($LoginRS);
    if ($loginFoundUser) {
    $loginStrGroup = "";

    //declare two session variables and assign them
    $GLOBALS['MM_Username'] = $loginUsername;
    $GLOBALS['MM_UserGroup'] = $loginStrGroup;

    //register the session variables
    session_register("MM_Username");
    session_register("MM_UserGroup");

    if (isset($_SESSION['PrevUrl']) && false) {
    $MM_redirectLoginSuccess = $_SESSION['PrevUrl'];
    }
    header("Location: " . $MM_redirectLoginSuccess );
    }
    else {
    header("Location: ". $MM_redirectLoginFailed );
    }
    }
    ?>
    <html>
    <head>
    <title>Untitled Document</title>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
    <link rel="stylesheet" href="style_sheets/catering.css" type="text/css">
    </head>

    <body>
    <table width="750" border="0" align="center" cellpadding="0" cellspacing="0">
    <tr>
    <td colspan="3"><?php require_once('nav/top_nav.php'); ?>
    </td>
    </tr>
    <tr>
    <td width="200" rowspan="2" valign="top" class="left_nav_background"><?php require_once('nav/left_nav.php'); ?>
    </td>
    <td width="550" colspan="2" valign="top" class="body_heading">Login</td>
    </tr>
    <tr>
    <td width="550" colspan="2" valign="top" class="body_background"><form ACTION="<?php echo $loginFormAction; ?>" method="POST" name="login">
    <p>
    <input name="txtusername" type="text" id="txtusername" size="40">
    User Name</p>
    <p>
    <input name="txtpassword" type="password" id="txtpassword" size="40">
    Password </p>
    <p>
    <input type="submit" name="Submit" value="Submit">
    </p>
    </form>
    </td>
    </tr>
    <tr>
    <td colspan="3"><?php require_once('nav/bottom_nav.php'); ?>
    </td>
    </tr>
    </table>
    </body>
    </html>
    Tags: None
  • #2
    Welcome here!

    ramsfield,

    don't get me wrong. I'm not trying to put you down or so, but i would suggest that you leave that code alone. I think you copied it from somewhere, but it is realy outdated code that uses a lott of depreciated syntax. You realy don't want to start of with outdated code.
    Instead of going through the code and 'update' or correct it, i suggest that you take a look at http://www.hotscripts.com/php and look for a few tutorials or scripts. Like here http://www.hotscripts.com/PHP/Script...ion/index.html

    if you have any questions or problems, then we'll probably be able to help you out. But i my opinion, it would not be a good idea to start from the code you posted.

    note :when posting php code, you best enclose the code in [PHP] and [/PHP] which makes it easier for us to read (colourcoding, indenting,...)
    Posting guidelines I use to see if I will spend time to answer your question : http://www.catb.org/~esr/faqs/smart-questions.html

    Comment

    Previous template Next
    Working...
    X