I have the table "users" setup, but now when the script is run, it says missing fields username and pass in the "where clause" and I have no idea what I did wrong
Below is the script, I have removed my username and pass from it, but I left the part that contains my SQL Database connection information (its a PHPnet account).
Code: Select all
<?php
// Connects to your Database
mysql_connect("sql1.phpnet.us", "usernamehere", "passwordhere") or die(mysql_error());
mysql_select_db("pn_495265_login") or die(mysql_error());
//checks cookies to make sure they are logged in
if(isset($_COOKIE['ID_my_site']))
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
//if the cookie has the wrong password, they are taken to the login page
if ($pass != $info['password'])
{
$logininfo = "Account Login";
}
//otherwise they are shown the admin area
else
{
$logininfo = "Logged In!";
}
}
}
else
//if the cookie does not exist, they are taken to the login screen
{
$logininfo = "Account Login";
}
//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site']))
//if there is, it logs you in and directs you to the members page
{
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM users WHERE username = '$username'")or die(mysql_error());
while($info = mysql_fetch_array( $check ))
{
if ($pass != $info['password'])
{
}
else
{
header("Location: members.php");
}
}
}
//if the login form is submitted
if (isset($_POST['submit'])) { // if form has been submitted
// makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database
if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(mysql_error());
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>');
}
while($info = mysql_fetch_array( $check ))
{
$_POST['pass'] = stripslashes($_POST['pass']);
$info['password'] = stripslashes($info['password']);
$_POST['pass'] = md5($_POST['pass']);
//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}
else
{
// if login is ok then we add a cookie
$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['username'], $hour);
setcookie(Key_my_site, $_POST['pass'], $hour);
//then redirect them to the members area
header("Location: members.php");
}
}
} else {
// if they are not logged in
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" lang="de" xml:lang="de">
<head>
</head>
<body>
<div id="font_settings" class="boxed">
<h2 class="title">Login</h2>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<p><tr><td>Username:</td><td></p>
<input type="text" name="username" maxlength="40">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="50">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
</table>
</form>
<p><a href=register.php> Register! </a></p>
<?php
}
?>
</body>
</html>
[code]
This is where the script is located: [url=http://bdamanempire.phpnet.us/login.php]http://bdamanempire.phpnet.us/login.php[/url]
And yes, its saved as a PHP file, so the script runs/compiles properly.
If anyone can help me configure my users database so I can get this running, that would be so great!
[color=#888888][size=85]Archived topic from Iceteks, old topic ID:4836, old post ID:38012[/size][/color]