Indie-Resource.com

Were Back!
http://indie-resource.com/forums/

Browser MMO Video #5

http://indie-resource.com/forums/viewtopic.php?t=223

Page 8 of 35

Re: Video#5

Posted: Fri Dec 11, 2009 12:33 pm
by Falken
phq wrote:Hi,
how come when I try to login my password doesn't work I have to enter
c112ca8d2922bcaac5c64b666dc0fae0 instead of my normal pass.
You probably forgot to use md5 on the password string before comparing it to the saved one in the database.

Re: Video#5

Posted: Fri Dec 11, 2009 2:24 pm
by hallsofvallhalla
yes look in authenticate.php and make sure you are md5'n the password post variable

Re: Video#5

Posted: Fri Dec 11, 2009 6:15 pm
by phq
ok, i think i've fixed it :)

Re: Video#5

Posted: Tue Dec 15, 2009 9:57 pm
by phq
I have made a nice login and register page :) :

Login:

Code: Select all

<?php
include 'connect.php';
?>

<table width="470" border="1">
  <tr>
    <center>
      <th width="460" scope="col"><strong><em>Login</em></strong></th></center>
  </tr>
  <tr>
    <th height="135" scope="row">
    
    <form method="post" action="authenticate.php">
Username: <input type="text" name="player" size="30" maxlength="21" />
 <br>
Password: <input type="password" name="password" size="30" maxlength="20"><br>
<br>
<input type="submit" value="Login">
</form>
</th>
  </tr>
</table>
Register:

Code: Select all

<?php
include 'connect.php';
?>

<table width="470" border="1">
  <tr>
    <center>
      <th width="460" scope="col"><strong><em>Registration</em></strong></th></center>
  </tr>
  <tr>
    <th height="135" scope="row">
    
    <form method="post" action="reguser.php">
Username:
<input type="text" name="player" size="30" maxlength="21" />
  <br>
Password: <input type="password" name="password" size="30" maxlength="20"><br>
Confirm Password: <input type="password" name="pass2" size="30" maxlength="20"><br>
Email:  
<input type="text" name="email" size="30" maxlength="55">
<br><br>
<input type="submit">
</form>
</th>
  </tr>
</table>

Re: Video#5

Posted: Sun Dec 20, 2009 11:20 pm
by INSK
Can someone please help me..i've spent about an hour looking around to find out what is wrong. I keep trying to sign in and am using the correct password and it continues to come up again and again saying i'm entering the wrong password or username. I've even unmasked it as well as removed the password protection and it still continues :( HEEEELLLPPP!!!! And my database is named INSK by the way so that doesn't cause confusion :)


Login.php

Code: Select all

<form method="POST" action="authenticate.php">
User Name <input type="text" name="player" size="21">
Password <input type="password" name="password" size="21" mask="x">
<br>
<input type="submit" value="Login" name="submit">

<br><br>Not Registered? <a href='register.php'>Register
Authenticate.php

Code: Select all

<?php
include_once 'connect.php';
session_start();

if (isset($_POST['submit']))
{
  $player=$_POST['player'];
  $password=$_POST['password'];
  $player=strip_tags($player);
  $password=strip_tags($password);
  $password=md5($password);

  $query = "select name,password from players where name='$player' and password='$password'";
  $result = mysql_query($query) or die("Could not query players");
  $result2 = mysql_fetch_array($result);
  if ($result2)
  { 
    $_SESSION['player']=$player;
    
    echo "<big>Logged in successfully<br>";
    echo "<A href='battle.php'>Continue</a></big>";
  }
  else
  {
   echo "<big>Wrong username or password.<A href='login.php'>Try Again</a></big>";
  }
}
?>


and if they are needed



Register.php

Code: Select all

<?php
include 'connect.php';
?>

<table width="470" border="1">
  <tr>
    <center>
      <th width="460" scope="col"><strong><em>Registration</em></strong></th></center>
  </tr>
  <tr>
    <th height="135" scope="row">

    <form method="post" action="reguser.php">
Username:
<input type="text" name="player" size="30" maxlength="21" />
  <br>
Password: <input type="password" name="password" size="30" maxlength="20"><br>
Confirm Password: <input type="password" name="pass2" size="30" maxlength="20"><br>
Email:  
<input type="text" name="email" size="30" maxlength="55">
<br><br>
<input type="submit">
</form>
</th>
  </tr>
</table>
Reguser.php

Code: Select all

<?php
include 'connect.php';
?>

<?php
$player=$_POST['player'];
$password=$_POST['password'];
$pass2=$_POST['pass2'];
$player=strip_tags($player);
$email=$_POST['email'];
$email=strip_tags($email);

if ($email == "")
{
echo "You didn't enter a email address!<br>";
echo " <A href='register.php'>Go back</a>";
    exit;
    }
if ($password==$pass2)
{
  
  $isplayer="SELECT * from players where name='$player'";
  $isplayer2=mysql_query($isplayer) or die("Could not query players table");
  $isplayer3=mysql_fetch_array($isplayer2);
  if(!$_POST['password'] || !$_POST['pass2'])
  {
     print "You did not enter a password";
    echo " <A href='register.php'>Go back</a><br>";
    exit;
  }
  else if($isplayer3 || strlen($player)>15 || strlen($player)<1)
  {
     print "There is already a player of that name or the name you specified is over 16 letters or less than 1 letter<br>";
     echo " <A href='register.php'>Go back</a>";
    exit;
  }
  else
  {
    $isaddress="SELECT * from players where email='$email'";
    $isaddress2=mysql_query($isaddress) or die("not able to query for password");
    $isaddress3=mysql_fetch_array($isaddress2);
    if($isaddress3)
    {
      print "There is already a player with that e-mail address<br>";
      echo " <A href='register.php'>Go back</a>";
    exit;
    }
    else
    {
        $password=md5($password);
        
$SQL = "INSERT into players(name, password, email, level, exper, attack, defense, hpoints) VALUES ('$player','$password','$email','1','0','5','5','30')";
      mysql_query($SQL) or die("could not register");
      
      print "Thank you for registering.";
   
    }
  }
}

else
{
  print "Your password didn't match or you did not enter a password<br>";
   echo " <A href='register.php'>Go back</a>";
    exit;
}
echo "<br><A href='login.php'>Login Page</a>";
?>

Re: Video#5

Posted: Mon Dec 21, 2009 2:01 am
by Torniquet
i cant see anything wrong with that :s

make sure in your databse under the passwords the varchar length is more then i think its 32 characters. i usually set it to 50 to be on the safe side lol..

i noticed on your login page you limit the boxes to 21 chars, so if you have done that on the database, your password field is only holding half the encrypted password.

hope that helps. :)

Re: Video#5

Posted: Mon Dec 21, 2009 2:06 am
by OldRod
That'd be my guess too - your password field is too short to hold the md5'd password (32 length)

Other than that, the code itself looks ok.

Re: Video#5

Posted: Mon Dec 21, 2009 2:17 pm
by hallsofvallhalla
yep sounds like your table players, field password is set too low for characters, change it to like 60

also might want to remove these, only if that doesnt work
$player=strip_tags($player);
$password=strip_tags($password);

Re: Video#5

Posted: Mon Dec 21, 2009 10:30 pm
by INSK
still not working..guess i'll just start all over. :@ at least i only went this far :)

Re: Video#5

Posted: Tue Dec 22, 2009 1:36 am
by GrInd3r
then ur not doing ur md5 right as they said make sure it is 32++ try 255 as the field size... and that is max. google md5 or hashing or sha as well there are more secure ways nowe with the new apache server that has come out that are more better and encrypted better!!!
All times are UTC
Page 8 of 35

Powered by phpBB® Forum Software © phpBB Limited