PHP Tutorial: Register and Login (Cookie Extension) [part 01

Ask about a PHP problem here.
Post Reply
Djmann1013
Posts: 11
Joined: Sun Aug 19, 2012 12:19 am
Contact:

PHP Tutorial: Register and Login (Cookie Extension) [part 01

Post by Djmann1013 »

I typed what the tutorial said, and it says my password and username is incorrect. Here is the code I typed:

init.inc.php file:

<?php
//init.inc.php file
session_start();

$exceptions = array('signup', 'login', 'index');

$page = substr(end(explode( '/', $_SERVER['SCRIPT_NAME'])), 0, -4);

// SQL stuff.
mysql_connect('SQL host','username','password');
mysql_select_db('database name');

include('user.inc.php');

//$_SESSION['uid'] = 1;

if (isset($_COOKIE['username'], $_COOKIE['password'])){

     if (valid_credentials($_COOKIE['username'], $_COOKIE['password'])){
            $_SESSION['username'] = htmlentities($_COOKIE['username']);

                 setcookie('username', $_COOKIE['username'], time() + 3600);
                 setcookie('password', $_COOKIE['password'], time() + 3600);

     }

}


if (in_array($page, $exceptions) === false){
    if (isset($_SESSION['username']) === false){
     header( 'Location: login.php' );
     die();
}
}



?>
Login.php

<?php
include('init.inc.php');

$errors = array();

if (isset($_POST['username'], $_POST['password'])){

   if (empty($_POST['username'])){
     $errors[] = 'The username field is empty.';
   }
   if (empty($_POST['password'])){
     $errors[] = 'The password field is empty.';
   }

  if (valid_credentials($_POST['username'], sha1($_POST['password'])) === false){
     $errors[] = 'Username or password is incorrect.';
   }

   if (empty($errors)){

    setcookie('username', $_POST['username'], time() + 3600);
    setcookie('password', sha1($_POST['password']), time() + 3600);

     $username = $_POST['username'];
     session_register("username");
     
     header( 'Location: home.php' );

   }
}

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN">

<html>

<body>

<form action="" method="post">
<p>

<?php
if (empty($errors) === false){

?>

<ul>

<?php

foreach ($errors as $error){
   echo "<center><li>[$error]</li></center>";
}

?>

</ul>

<?

}
?>

</p>
<input type="text" name="username" id="username" placeholder="Username" maxlength="40" value="<?php if (isset($_POST['username'])){ echo htmlentities($_POST['username']); } ?>"><br><br>

<input type="password" name="password" placeholder="Password"><br><br>

<input type="submit" value="Login">

</form>

</body>

</html>

The problem is that it won't let me login. It's kinda annoying since I was looking for hours on the internet.
PHP addict.
User avatar
Temor
Posts: 1186
Joined: Thu May 05, 2011 8:04 pm

Re: PHP Tutorial: Register and Login (Cookie Extension) [par

Post by Temor »

The problem is likely within the valid_credentials function. Could you post the code for that?
Djmann1013
Posts: 11
Joined: Sun Aug 19, 2012 12:19 am
Contact:

Re: PHP Tutorial: Register and Login (Cookie Extension) [par

Post by Djmann1013 »


 if (valid_credentials($_POST['username'], sha1('password'))) === false){
    $errors[] = 'Username or password is incorrect.';
  }

Exactly from the video, also this:

if (isset($_COOKIE['username'], $_COOKIE['password'])){

     if (valid_credentials($_POST['username'], $_POST['password'])){
            $_SESSION['username'] = htmlentities($_COOKIE['username']);

                 setcookie('username', $_COOKIE['username'], time() + 3600);
                 setcookie('password', $_COOKIE['password'], time() + 3600);

     }

}


PHP addict.
User avatar
Temor
Posts: 1186
Joined: Thu May 05, 2011 8:04 pm

Re: PHP Tutorial: Register and Login (Cookie Extension) [par

Post by Temor »

That's not the code I asked for. Post the code for the function. Not where you use the function.
Djmann1013
Posts: 11
Joined: Sun Aug 19, 2012 12:19 am
Contact:

Re: PHP Tutorial: Register and Login (Cookie Extension) [par

Post by Djmann1013 »

Sorry, I meant this:
function valid_credentials($user, $pass){
$user = mysql_real_escape_string(htmlentities($user));
$pass = sha1($pass);

$total = mysql_query("SELECT COUNT('user_id') FROM `users` WHERE `user_username` = '{$user}' AND `user_password` = '{$pass}'");

return (mysql_result($total, 0) == '1') ? true: false;

}


PHP addict.
User avatar
Temor
Posts: 1186
Joined: Thu May 05, 2011 8:04 pm

Re: PHP Tutorial: Register and Login (Cookie Extension) [par

Post by Temor »

Your problem is that you're applying the sha1 hash twice. Once when you call it, and once inside the function.
Remove the one where you call it and keep the one inside the function.
Djmann1013
Posts: 11
Joined: Sun Aug 19, 2012 12:19 am
Contact:

Re: PHP Tutorial: Register and Login (Cookie Extension) [par

Post by Djmann1013 »

Now I am getting this error with this code:

error: Parse error: syntax error, unexpected T_IS_IDENTICAL in /home/a8913488/public_html/login.php on line 18

code:

   if (valid_credentials($_POST['username'], $_POST['password'])) === false){
      $errors[] = 'Username or password is incorrect.';
    }

user.inc.php file:

function valid_credentials($user, $pass){
$user = mysql_real_escape_string(htmlentities($user));
$pass = sha1($pass);

$total = mysql_query("SELECT COUNT('user_id') FROM `users` WHERE `user_username` = '{$user}' AND `user_password` = '{$pass}'");

return (mysql_result($total, 0) == '1') ? true: false;

}
Last edited by Temor on Thu Sep 06, 2012 2:44 am, edited 1 time in total.
Reason: code tags
PHP addict.
User avatar
Temor
Posts: 1186
Joined: Thu May 05, 2011 8:04 pm

Re: PHP Tutorial: Register and Login (Cookie Extension) [par

Post by Temor »

it is not expecting the triple equals ( === false ). Change that to two equals.
Djmann1013
Posts: 11
Joined: Sun Aug 19, 2012 12:19 am
Contact:

Re: PHP Tutorial: Register and Login (Cookie Extension) [par

Post by Djmann1013 »

It's fixed now, thanks!
PHP addict.
Post Reply