Browser MMO Video #5

Location of the Videos
Post Reply
Falken
Posts: 438
Joined: Fri May 08, 2009 8:03 pm

Re: Video#5

Post by Falken »

phq wrote:Hi,
how come when I try to login my password doesn't work I have to enter
c112ca8d2922bcaac5c64b666dc0fae0 instead of my normal pass.
You probably forgot to use md5 on the password string before comparing it to the saved one in the database.
--- Game Database ---
For all your game information needs!
Visit us at: http://www.gamedatabase.eu today!
Top
User avatar
hallsofvallhalla
Site Admin
Posts: 12026
Joined: Wed Apr 22, 2009 11:29 pm

Re: Video#5

Post by hallsofvallhalla »

yes look in authenticate.php and make sure you are md5'n the password post variable
Top
phq
Posts: 14
Joined: Fri Dec 11, 2009 7:24 am

Re: Video#5

Post by phq »

ok, i think i've fixed it :)
Top
phq
Posts: 14
Joined: Fri Dec 11, 2009 7:24 am

Re: Video#5

Post by phq »

I have made a nice login and register page :) :

Login:

Code: Select all

<?php
include 'connect.php';
?>

<table width="470" border="1">
  <tr>
    <center>
      <th width="460" scope="col"><strong><em>Login</em></strong></th></center>
  </tr>
  <tr>
    <th height="135" scope="row">
    
    <form method="post" action="authenticate.php">
Username: <input type="text" name="player" size="30" maxlength="21" />
 <br>
Password: <input type="password" name="password" size="30" maxlength="20"><br>
<br>
<input type="submit" value="Login">
</form>
</th>
  </tr>
</table>
Register:

Code: Select all

<?php
include 'connect.php';
?>

<table width="470" border="1">
  <tr>
    <center>
      <th width="460" scope="col"><strong><em>Registration</em></strong></th></center>
  </tr>
  <tr>
    <th height="135" scope="row">
    
    <form method="post" action="reguser.php">
Username:
<input type="text" name="player" size="30" maxlength="21" />
  <br>
Password: <input type="password" name="password" size="30" maxlength="20"><br>
Confirm Password: <input type="password" name="pass2" size="30" maxlength="20"><br>
Email:  
<input type="text" name="email" size="30" maxlength="55">
<br><br>
<input type="submit">
</form>
</th>
  </tr>
</table>
Top
INSK
Posts: 6
Joined: Tue Aug 04, 2009 12:30 am

Re: Video#5

Post by INSK »

Can someone please help me..i've spent about an hour looking around to find out what is wrong. I keep trying to sign in and am using the correct password and it continues to come up again and again saying i'm entering the wrong password or username. I've even unmasked it as well as removed the password protection and it still continues :( HEEEELLLPPP!!!! And my database is named INSK by the way so that doesn't cause confusion :)


Login.php

Code: Select all

<form method="POST" action="authenticate.php">
User Name <input type="text" name="player" size="21">
Password <input type="password" name="password" size="21" mask="x">
<br>
<input type="submit" value="Login" name="submit">

<br><br>Not Registered? <a href='register.php'>Register
Authenticate.php

Code: Select all

<?php
include_once 'connect.php';
session_start();

if (isset($_POST['submit']))
{
  $player=$_POST['player'];
  $password=$_POST['password'];
  $player=strip_tags($player);
  $password=strip_tags($password);
  $password=md5($password);

  $query = "select name,password from players where name='$player' and password='$password'";
  $result = mysql_query($query) or die("Could not query players");
  $result2 = mysql_fetch_array($result);
  if ($result2)
  { 
    $_SESSION['player']=$player;
    
    echo "<big>Logged in successfully<br>";
    echo "<A href='battle.php'>Continue</a></big>";
  }
  else
  {
   echo "<big>Wrong username or password.<A href='login.php'>Try Again</a></big>";
  }
}
?>


and if they are needed



Register.php

Code: Select all

<?php
include 'connect.php';
?>

<table width="470" border="1">
  <tr>
    <center>
      <th width="460" scope="col"><strong><em>Registration</em></strong></th></center>
  </tr>
  <tr>
    <th height="135" scope="row">

    <form method="post" action="reguser.php">
Username:
<input type="text" name="player" size="30" maxlength="21" />
  <br>
Password: <input type="password" name="password" size="30" maxlength="20"><br>
Confirm Password: <input type="password" name="pass2" size="30" maxlength="20"><br>
Email:  
<input type="text" name="email" size="30" maxlength="55">
<br><br>
<input type="submit">
</form>
</th>
  </tr>
</table>
Reguser.php

Code: Select all

<?php
include 'connect.php';
?>

<?php
$player=$_POST['player'];
$password=$_POST['password'];
$pass2=$_POST['pass2'];
$player=strip_tags($player);
$email=$_POST['email'];
$email=strip_tags($email);

if ($email == "")
{
echo "You didn't enter a email address!<br>";
echo " <A href='register.php'>Go back</a>";
    exit;
    }
if ($password==$pass2)
{
  
  $isplayer="SELECT * from players where name='$player'";
  $isplayer2=mysql_query($isplayer) or die("Could not query players table");
  $isplayer3=mysql_fetch_array($isplayer2);
  if(!$_POST['password'] || !$_POST['pass2'])
  {
     print "You did not enter a password";
    echo " <A href='register.php'>Go back</a><br>";
    exit;
  }
  else if($isplayer3 || strlen($player)>15 || strlen($player)<1)
  {
     print "There is already a player of that name or the name you specified is over 16 letters or less than 1 letter<br>";
     echo " <A href='register.php'>Go back</a>";
    exit;
  }
  else
  {
    $isaddress="SELECT * from players where email='$email'";
    $isaddress2=mysql_query($isaddress) or die("not able to query for password");
    $isaddress3=mysql_fetch_array($isaddress2);
    if($isaddress3)
    {
      print "There is already a player with that e-mail address<br>";
      echo " <A href='register.php'>Go back</a>";
    exit;
    }
    else
    {
        $password=md5($password);
        
$SQL = "INSERT into players(name, password, email, level, exper, attack, defense, hpoints) VALUES ('$player','$password','$email','1','0','5','5','30')";
      mysql_query($SQL) or die("could not register");
      
      print "Thank you for registering.";
   
    }
  }
}

else
{
  print "Your password didn't match or you did not enter a password<br>";
   echo " <A href='register.php'>Go back</a>";
    exit;
}
echo "<br><A href='login.php'>Login Page</a>";
?>
Top
User avatar
Torniquet
Posts: 869
Joined: Sun Aug 02, 2009 6:18 am

Re: Video#5

Post by Torniquet »

i cant see anything wrong with that :s

make sure in your databse under the passwords the varchar length is more then i think its 32 characters. i usually set it to 50 to be on the safe side lol..

i noticed on your login page you limit the boxes to 21 chars, so if you have done that on the database, your password field is only holding half the encrypted password.

hope that helps. :)
New Site Coming Soon! Stay tuned :D
Top
User avatar
OldRod
Posts: 1320
Joined: Sun Sep 20, 2009 4:26 pm

Re: Video#5

Post by OldRod »

That'd be my guess too - your password field is too short to hold the md5'd password (32 length)

Other than that, the code itself looks ok.
Top
User avatar
hallsofvallhalla
Site Admin
Posts: 12026
Joined: Wed Apr 22, 2009 11:29 pm

Re: Video#5

Post by hallsofvallhalla »

yep sounds like your table players, field password is set too low for characters, change it to like 60

also might want to remove these, only if that doesnt work
$player=strip_tags($player);
$password=strip_tags($password);
Top
INSK
Posts: 6
Joined: Tue Aug 04, 2009 12:30 am

Re: Video#5

Post by INSK »

still not working..guess i'll just start all over. :@ at least i only went this far :)
Top
GrInd3r
Posts: 66
Joined: Mon Jul 13, 2009 10:34 pm

Re: Video#5

Post by GrInd3r »

then ur not doing ur md5 right as they said make sure it is 32++ try 255 as the field size... and that is max. google md5 or hashing or sha as well there are more secure ways nowe with the new apache server that has come out that are more better and encrypted better!!!
Top
Post Reply

Return to “Older Browser MMO Videos”