[Wolves] php problem
Wayne Morris
wayne at machx.co.uk
Fri Feb 27 13:36:42 GMT 2004
Can someone have a look at the script below - its bugging the hell out
of me and I've spent hours on it:
Basically its a simple login in script and it works if you use only one
email address whilst browsing the net, if you have more than one email
address in use it ferks up.
What should happen is that $email and $passwrd are read into a text
input box, they are compared against a mysql database for verification,
then the session starts.
The problem seems to be if you wish to switch users, the second time
around the $email field entered into the text field is ignored and it
uses the previous one entered (which it seems to get from autocomplete?)
and it will log you in if you use the first users password,
ie
User1 Pass1 - log in to User1 account
User2 Pass2 - incorrect passworf
User2 Pass1 - log in to User1 account
Help please!
<?php
require( "common.php" );
if( isset( $action ) )
{
if( $action == "login" )
{
$email = trim( $email );
$passwd = trim( $passwd );
if( $email == "" ) error( "Please enter your e-mail" );
if( $passwd == "" ) error( "Please enter your password" );
dbConnect();
$result = mysql_query( "SELECT email FROM user WHERE email='$email'"
) or error( mysql_error() );
if( mysql_num_rows( $result ) != 1 ) error( "Sorry, e-mail doesn't
exist" );
$result = mysql_query( "SELECT email FROM user WHERE email='$email'
AND passwd LIKE BINARY '$passwd'" ) or error( mysql_error() );
if( mysql_num_rows( $result ) != 1 ) error( "Sorry, invalid password"
);
else
{
session_register( "email" );
session_register( "passwd" );
setcookie( "email", $email, time()+3600*24*365 );
if( isset( $cat ) ) header( "Location: ./list.php?cat=$cat" );
if( $cat == "" ) header( "Location: ./account.php" );
}
}
}
else
{
displayHeader( "Member Login" );
echo "<p align=\"center\"><font size=\"4\">Member Login</font></p>\n";
echo "<div align=\"center\">\n";
//$email = "";
echo "$email";
echo " <center>\n";
echo " <table border=\"0\" cellpadding=\"0\" cellspacing=\"0\">\n";
echo " <form method=\"post\"
action=\"$PHP_SELF?action=login&cat=$cat\">\n";
echo " <tr>\n";
echo " <td width=\"80\" height=\"25\">E-mail</td>\n";
echo " <td width=\"160\" height=\"25\"><input type=\"text\"
name=\"email\" size=\"20\" maxlength=\"50\"></td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td width=\"80\" height=\"25\">Password</td>\n";
echo " <td width=\"160\" height=\"25\"><input type=\"password\"
name=\"passwd\" size=\"20\" maxlength=\"12\"></td>\n";
echo " </tr>\n";
echo " <tr>\n";
echo " <td width=\"8\" height=\"25\"></td>\n";
echo " <td width=\"160\" height=\"25\"><input type=\"submit\"
value=\" Login \"></td>\n";
echo " </tr>\n";
echo " </form>\n";
echo " </table>\n";
echo " </center>\n";
echo "</div>\n";
echo "<p align=\"center\"><b>Not yet a member? <a
href=\"register.php\">Register now</a>!</b></p>\n";
echo "<p align=\"center\"><b><a href=\"getpass.php\">Forget your
password?</a></b></p>\n";
echo "<p align=\"center\"><a
href=\"javascript:history.back()\"><b>Back</b></a></p>\n";
displayFooter();
}
Wayne Morris
07960 859346
--
Live machinery database
www.machx.co.uk/classifieds/
Most recently added items
www.machx.co.uk/classified/recent.php
More information about the Wolves
mailing list