Page 14 of 35
Re: Video#5
Posted: Mon Feb 01, 2010 9:57 pm
by phq
Hi,
My PC broke a while ago, so I decided to start again. It took me a long time to find the website
but I've found it.
So, I got the same error when I enter the normal password it doesn't work, but when I enter the md5'd password it works.
I don't think there is something wrong.
My authenticate.php :
Code: Select all
<?php
include_once 'connect.php';
session_start();
if (isset($_POST['submit']))
{
$player=$_POST['player'];
$password=$_POST['password'];
$player=strip_tags($player);
$password=strip_tags($password);
$password=md5($password);
$query = "select name,password from players where name='$player' and '$password'";
$result = mysql_query($query) or die ("Could not query players");
$result2 = mysql_fetch_array($result);
if ($result2)
{
$_SESSION['player']=$player;
echo "<big>Logged in successfully<br />";
echo "<a href='battle.php'>Continue</a></big>";
}
else
{
echo "<big>Wrong username or password.<a href='login.php'>Try Again</a></big>";
}
}
?>
Re: Video#5
Posted: Mon Feb 01, 2010 10:02 pm
by OldRod
Change:
$query = "select name,password from players where name='$player' and '$password'";
to:
$query = "select name,password from players where name='$player' and password='$password'";
and see if that helps.
Re: Video#5
Posted: Mon Feb 01, 2010 10:14 pm
by phq
Ok,
thank you that helped
Re: Video#5
Posted: Mon Feb 01, 2010 10:25 pm
by Jackolantern
You also don't have to make the password check part of the SQL query. It will run marginally faster if you simply search for the player name and then use the query results array to check the password. Always do everything you can in PHP instead of MySQL.
Re: Video#5
Posted: Tue Feb 02, 2010 10:43 pm
by Caleta
arkh wrote:so it's like this.
if i put something in the database with the title of Avatar and and entry was inserted there like an url.
like
http://www.website.com/image.jpg then if i placed $playerinfo3['Avatar'] then does that mean it would show the image?
Code: Select all
<?php
include_once 'connect.php';
session_start();
if (isset($_SESSION['player']))
{
$player=$_SESSION['player'];
}
$playerinfo="SELECT * from players where name='$player'";
$playerinfo2=mysql_query($playerinfo) or die("could not get player stats!");
$playerinfo3=mysql_fetch_array($playerinfo2);
$avatar = $playerinfo3['Avatar']
$Equipment = $playerinfo3['Equipment']
is this something like this??
i get what you said about the stats and other info. oh and what kind of script is used to modify data in database?
i am suck, i am unsure which code to use for the authenticate.php document!!
Re: Video#5
Posted: Wed Feb 03, 2010 3:23 pm
by hallsofvallhalla
use the one int he tutorial
Re: Video#5
Posted: Sun Feb 07, 2010 5:14 am
by Zerk
My login is messed up...
I have checked register and reguser and they work fine. They set all the correct information in the data base.
But it only lets me log in every few people I create; sometimes it works, sometimes it doesn't...
Example: I create a user called "pleasework" with a password of "pleasework". It lets me log in.
But then I created a user called "iamawizard" with a password of "wizard" and it won't let me log in.
So I thought it must have to have the same password as username so I made a user called "1234" with a password of "1234" and he couldn't lot in! Even if I go into the database and change the MD5 password to 1234, it won't let him log in..There is something really weird with my script or something.
This is my login and authenticate scripts..what can I do to make them work?
Code: Select all
login.php
<?php
include_once('phpinclude/connect.php');
include_once('phpinclude/logo.php');
?>
<div id="loginfalse">
<form method="POST" action="authenticate.php">
<table border='0' align="center">
<tr align="right"><td>User Name: </td><td><input type="text" name="player" size="21"></td></tr>
<tr align="right"><td>Password: </td><td><input type="password" name="password" size="21" mask="x"></td></tr>
<tr align="right"><td colspan='2'><input type="submit" value="Login" name="submit"></td></tr>
</table><br>
<br>
Not Registered? <a href='register.php' title='Register page'>Register</a><br>
<br>
<a href='index.php' title='Index'>Return to the index</a>.
</div>
Code: Select all
authenticate.php
<?php
include_once ('phpinclude/connect.php');
session_start();
include_once ('phpinclude/logo.php');
?>
<div id="loginfalse">
<?php
if (isset($_POST['submit']))
{
$player=$_POST['player'];
$password=$_POST['password'];
$player=strip_tags($player);
$password=strip_tags($password);
$password=md5($password);
$query = "select name,password from players where name='$player' and '$password'";
$result = mysql_query($query) or die("Could not query players");
$result2 = mysql_fetch_array($result);
if ($result2)
{
$_SESSION['player']=$player;
echo "<big>Logged in successfully<br>";
echo "<A href='index.php'>Continue</a></big>";
}
else
{
echo "<big>Wrong username or password.<A href='login.php'>Try Again</a></big>";
}
}
?>
</div> /*for the Login False ID*/
Re: Video#5
Posted: Sun Feb 07, 2010 1:58 pm
by OldRod
Change:
Code: Select all
$query = "select name,password from players where name='$player' and '$password'";
to:
Code: Select all
$query = "select name,password from players where name='$player' and password = '$password'";
That is one problem - see if that fixes it, if not post back
Re: Video#5
Posted: Sun Feb 07, 2010 6:17 pm
by Bust
It's giving an error:
Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at C:\xampp\htdocs\AgedBattles\connect.php:6) in C:\xampp\htdocs\AgedBattles\authenticate.php on line 3
Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at C:\xampp\htdocs\AgedBattles\connect.php:6) in C:\xampp\htdocs\AgedBattles\authenticate.php on line 3
What can I do?
Re: Video#5
Posted: Sun Feb 07, 2010 6:25 pm
by OldRod
Looks like you have two session_start statements - maybe one in connect.php and one in authenticate.php. Since connect.php is included, you don't need the one in authenticate.php
