login problem (solved)

Place for questions and answers for all newcomers and new coders. This is a free for all forum, no question is too stupid and to noob.
Post Reply
Connor
Posts: 13
Joined: Wed Jan 18, 2017 5:41 am

login problem (solved)

Post by Connor »

Hey there!

So i downloaded a forum script for my game, and it works perfectly except from when you login to the game, you have to login to the forum separately for it to work (the users are stored into the same database).
How would i go about making it so when you login to the game, it logs into the forum as well!
Sorry if i didn't explain it too well, i've been trying to find a solution for days :(
I've added all the scripts i could think the problem could be.




Forum sign in page :

Code: Select all

<?php
//signin.php
include 'connect.php';
include '/forum/header.php';

echo '<h3>Sign in</h3><br />';

//first, check if the user is already signed in. If that is the case, there is no need to display this page
if(isset($_SESSION['signed_in']) && $_SESSION['signed_in'] == true)
{
	echo 'You are already signed in, you can <a href="signout.php">sign out</a> if you want.';
}
else
{
	if($_SERVER['REQUEST_METHOD'] != 'POST')
	{
		/*the form hasn't been posted yet, display it
		  note that the action="" will cause the form to post to the same page it is on */
		echo '<form method="post" action="">
			Username: <input type="text" name="name" /><br />
			Password: <input type="password" name="password"><br />
			<input type="submit" value="Sign in" />
		 </form>';
	}
	else
	{
		/* so, the form has been posted, we'll process the data in three steps:
			1.	Check the data
			2.	Let the user refill the wrong fields (if necessary)
			3.	Varify if the data is correct and return the correct response
		*/
		$errors = array(); /* declare the array for later use */
		
		if(!isset($_POST['name']))
		{
			$errors[] = 'The username field must not be empty.';
		}
		
		if(!isset($_POST['password']))
		{
			$errors[] = 'The password field must not be empty.';
		}
		
		if(!empty($errors)) /*check for an empty array, if there are errors, they're in this array (note the ! operator)*/
		{
			echo 'Uh-oh.. a couple of fields are not filled in correctly..<br /><br />';
			echo '<ul>';
			foreach($errors as $key => $value) /* walk through the array so all the errors get displayed */
			{
				echo '<li>' . $value . '</li>'; /* this generates a nice error list */
			}
			echo '</ul>';
		}
		else
		{
			//the form has been posted without errors, so save it
			//notice the use of mysql_real_escape_string, keep everything safe!
			//also notice the sha1 function which hashes the password
			$sql = "SELECT 
						id,
						name,
						access
					FROM
						players
					WHERE
						name = '" . mysql_real_escape_string($_POST['name']) . "'
					AND
						password = '" . md5($_POST['password']) . "'";
						
			$result = mysql_query($sql);
			if(!$result)
			{
				//something went wrong, display the error
				echo 'Something went wrong while signing in. Please try again later.';
				//echo mysql_error(); //debugging purposes, uncomment when needed
			}
			else
			{
				//the query was successfully executed, there are 2 possibilities
				//1. the query returned data, the user can be signed in
				//2. the query returned an empty result set, the credentials were wrong
				if(mysql_num_rows($result) == 0)
				{
					echo 'You have supplied a wrong user/password combination. Please try again.';
				}
				else
				{
					//set the $_SESSION['signed_in'] variable to TRUE
					$_SESSION['player'] = true;
					
					//we also put the user_id and name values in the $_SESSION, so we can use it at various pages
					while($row = mysql_fetch_assoc($result))
					{
						$_SESSION['id'] 	= $row['id'];
						$_SESSION['name'] 	= $row['name'];
						$_SESSION['access'] = $row['access'];
					}
					
					echo 'Welcome, ' . $_SESSION['name'] . '. <br /><a href="forum.php">Proceed to the forum overview</a>.';
				}
			}
		}
	}
}

include '/forum/footer.php';
?>

Game login authentication (using halls old mmorpg tuts for a base)

Code: Select all

<?php
include_once 'connect.php';
session_start();

if (isset($_POST['submit']))
{
  $player=$_POST['player'];
  $password=$_POST['password'];
  $player=strip_tags($player);
  $password=strip_tags($password);
  $password=md5($password);
  $bypass = 0;
$playerinfo="SELECT * from players where name='$player'";
$playerinfo2=mysql_query($playerinfo) or die("could not get player stats!");
$playerinfo3=mysql_fetch_array($playerinfo2);

  $query = "select name,password from players where name='$player' and '$password'";
  $result = mysql_query($query) or die("Could not query players");
  $result2 = mysql_fetch_array($result);
  if ($result2)
	  if($playerinfo3['ban'] == 1)
{
	echo "<center>";
echo "<big>You're Banned.<br></big>";
echo "<A href='login.php'>Back to login page.</a></big>";
echo "</center>";
exit;

}
else
  { 
    $_SESSION['player']=$player;
	
    
    echo "<big>Logged in successfully<br>";
    echo "<A href='index.php'>Continue</a></big>";
  }
  else
  {
   echo "<big>Wrong username or password.<A href='login.php'>Try Again</a></big>";
  }
}
?>


Reply.php (when replying to a topic)

Code: Select all

<?php
//create_cat.php
include 'connect.php';
include '/forum/header.php';

if($_SERVER['REQUEST_METHOD'] != 'POST')
{
	//someone is calling the file directly, which we don't want
	echo 'This file cannot be called directly.';
}
else
{
	//check for sign in status
	if(!$_SESSION['player'])
	{
		echo 'You must be signed in to post a reply.';
	}
	else
	{
		//a real user posted a real reply
		$sql = "INSERT INTO 
					posts(post_content,
						  post_date,
						  post_topic,
						  post_by) 
				VALUES ('" . $_POST['reply-content'] . "',
						NOW(),
						" . mysql_real_escape_string($_GET['id']) . ",
						" . $_SESSION['id'] . ")";
						
		$result = mysql_query($sql);
						
		if(!$result)
		{
			echo 'Your reply has not been saved, please try again later.';
		}
		else
		{
			echo 'Reply has been saved, check out <a href="topic.php?id=' . htmlentities($_GET['id']) . '">the topic</a>.';
			header('Location: forum.php');
		}
	}
}

include '/forum/footer.php';
?>
Create topic page

Code: Select all

<?php
//create_topic.php
include 'connect.php';
include '/forum/header.php';

echo '<h2>Create a topic</h2>';
if($_SESSION['player'] == false)
{
	//the user is not signed in
	echo 'Sorry, you have to be <a href="/forum/signin.php">signed in</a> to create a topic.';
}
else
{
	//the user is signed in
	if($_SERVER['REQUEST_METHOD'] != 'POST')
	{	
		//the form hasn't been posted yet, display it
		//retrieve the categories from the database for use in the dropdown
		$sql = "SELECT
					cat_id,
					cat_name,
					cat_description
				FROM
					categories";
		
		$result = mysql_query($sql);
		
		if(!$result)
		{
			//the query failed, uh-oh :-(
			echo 'Error while selecting from database. Please try again later.';
		}
		else
		{
			if(mysql_num_rows($result) == 0)
			{
				//there are no categories, so a topic can't be posted
				if($_SESSION['access'] == 3)
				{
					echo 'You have not created categories yet.';
				}
				else
				{
					echo 'Before you can post a topic, you must wait for an admin to create some categories.';
				}
			}
			else
			{
		
				echo '<form method="post" action="">
					Subject: <input type="text" name="topic_subject" /><br />
					Category:'; 
				
				echo '<select name="topic_cat">';
					while($row = mysql_fetch_assoc($result))
					{
						echo '<option value="' . $row['cat_id'] . '">' . $row['cat_name'] . '</option>';
					}
				echo '</select><br />';	
					
				echo 'Message: <br /><textarea name="post_content" /></textarea><br /><br />
					<input type="submit" value="Create topic" />
				 </form>';
			}
		}
	}
	else
	{
		//start the transaction
		$query  = "BEGIN WORK;";
		$result = mysql_query($query);
		
		if(!$result)
		{
			//Damn! the query failed, quit
			echo 'An error occured while creating your topic. Please try again later.';
		}
		else
		{
	
			//the form has been posted, so save it
			//insert the topic into the topics table first, then we'll save the post into the posts table
			$sql = "INSERT INTO 
						topics(topic_subject,
							   topic_date,
							   topic_cat,
							   topic_by)
				   VALUES('" . mysql_real_escape_string($_POST['topic_subject']) . "',
							   NOW(),
							   " . mysql_real_escape_string($_POST['topic_cat']) . ",
							   " . $_SESSION['id'] . "
							   )";
					 
			$result = mysql_query($sql);
			if(!$result)
			{
				//something went wrong, display the error
				echo 'An error occured while inserting your data. Please try again later.<br /><br />' . mysql_error();
				$sql = "ROLLBACK;";
				$result = mysql_query($sql);
			}
			else
			{
				//the first query worked, now start the second, posts query
				//retrieve the id of the freshly created topic for usage in the posts query
				$topicid = mysql_insert_id();
				
				$sql = "INSERT INTO
							posts(post_content,
								  post_date,
								  post_topic,
								  post_by)
						VALUES
							('" . mysql_real_escape_string($_POST['post_content']) . "',
								  NOW(),
								  " . $topicid . ",
								  " . $_SESSION['id'] . "
							)";
				$result = mysql_query($sql);
				
				if(!$result)
				{
					//something went wrong, display the error
					echo 'An error occured while inserting your post. Please try again later.<br /><br />' . mysql_error();
					$sql = "ROLLBACK;";
					$result = mysql_query($sql);
				}
				else
				{
					$sql = "COMMIT;";
					$result = mysql_query($sql);
					
					//after a lot of work, the query succeeded!
					echo 'You have succesfully created <a href="topic.php?id='. $topicid . '">your new topic</a>.';
				}
			}
		}
	}
}

include '/forum/footer.php';
?>
Last edited by Connor on Tue Jan 24, 2017 1:33 am, edited 1 time in total.
User avatar
Jackolantern
Posts: 10893
Joined: Wed Jul 01, 2009 11:00 pm

Re: login problem

Post by Jackolantern »

I would say the best course of action is to likely plug into the forum with the game. Have people log into the forum first, and then feed off of this for the game. The forum likely has a much more complex login and authorization feature, or at least the game likely will be more flexible in how it handles authorization.

You will also need to ensure that the forum is using database sessions. How this is done will vary depending on the forum, but I am sure it is an option since changing from volatile memory sessions to database-backed sessions is going to be a requirement for all forum software to scale-up. But once you have done that, the session data will be much easier to access from the game.
The indelible lord of tl;dr
Connor
Posts: 13
Joined: Wed Jan 18, 2017 5:41 am

Re: login problem

Post by Connor »

Jackolantern wrote:I would say the best course of action is to likely plug into the forum with the game. Have people log into the forum first, and then feed off of this for the game. The forum likely has a much more complex login and authorization feature, or at least the game likely will be more flexible in how it handles authorization.

You will also need to ensure that the forum is using database sessions. How this is done will vary depending on the forum, but I am sure it is an option since changing from volatile memory sessions to database-backed sessions is going to be a requirement for all forum software to scale-up. But once you have done that, the session data will be much easier to access from the game.
I tried that (getting them to login to the forum first) no luck :(
I am 100% sure it is doable, i just don't have the knowledge to be able to do it haha
User avatar
hallsofvallhalla
Site Admin
Posts: 12031
Joined: Wed Apr 22, 2009 11:29 pm

Re: login problem

Post by hallsofvallhalla »

Its a cookie most likely. The forum is creating it and looking for it while your login is not.
Connor
Posts: 13
Joined: Wed Jan 18, 2017 5:41 am

Re: login problem

Post by Connor »

hallsofvallhalla wrote:Its a cookie most likely. The forum is creating it and looking for it while your login is not.

How would i do that? I'm clueless
User avatar
hallsofvallhalla
Site Admin
Posts: 12031
Joined: Wed Apr 22, 2009 11:29 pm

Re: login problem

Post by hallsofvallhalla »

Sorry I meant session. Your game uses session 'player' while your forums use 'signed_in'

add this to you game authentication script after they successfully login.

$_SESSION['signed_in'] == true
Connor
Posts: 13
Joined: Wed Jan 18, 2017 5:41 am

Re: login problem

Post by Connor »

hallsofvallhalla wrote:Sorry I meant session. Your game uses session 'player' while your forums use 'signed_in'

add this to you game authentication script after they successfully login.

$_SESSION['signed_in'] == true
That makes sense! But, i tried that and

Code: Select all

Notice: Undefined index: ..
The line is :

Code: Select all

" . $_SESSION['id'] . ")";
I keep getting that error, sorry for the constant posts about this, really want it fixed haha
User avatar
hallsofvallhalla
Site Admin
Posts: 12031
Joined: Wed Apr 22, 2009 11:29 pm

Re: login problem

Post by hallsofvallhalla »

sorry my bad. It is only suppose to be 1 = not ==

$_SESSION['signed_in'] = true
Connor
Posts: 13
Joined: Wed Jan 18, 2017 5:41 am

Re: login problem

Post by Connor »

hallsofvallhalla wrote:sorry my bad. It is only suppose to be 1 = not ==

$_SESSION['signed_in'] = true

I kept getting a notice when i added it, so i added 'id' (the line that had the error) into my authenticate as well and it works.
Thank you!!
User avatar
hallsofvallhalla
Site Admin
Posts: 12031
Joined: Wed Apr 22, 2009 11:29 pm

Re: login problem

Post by hallsofvallhalla »

Nice glad you got it working.
Post Reply

Return to “Beginner Help and Support”