PHP Registation/Login System Problem

[FrederickGeek8]

I was following the tutorial for a PHP Registation/Login System. Whenever I hit register, if there is text in the textboxes or not, it goes to a blank, white screen, and stays on register.php. That is what happens in Firefox, if I try in Chrome then it give me a

HTTP Error 500 (Internal Server Error): An unexpected condition was encountered while the server was attempting to fulfill the request.

I have check, double checked, and triple checked for errors but could not find any. So, I was wondering if you guys could look at it. Also I removed my credentials just for securities sake. Anyways Thanks

register.php

<?php

include('core/init.inc.php');

$errors = array();

if (isset($_POST['username'], $_POST['password'], $_POST['repeat_password'])){
	if (empty($_POST['username'])){
		$errors[] = 'The username cannot be empty.';
	}

	if (empty($_POST['password']) || empty($_POST['repeat_password'])){
		$errors[] = 'The password cannot be empty.';
	}

	if ($_POST['password'] !== $_POST['repeat_password']){
		$errors[] = 'Password verification failed.';
	}
	if (user_exists($_POST['username'])){
		$errors[] = 'The username you entered is already taken.';
	}

	if (empty($errors)){
		add_user($_POST['username'], $_POST['password']);

		$_SESSION['username'] = htmlentities($_POST['username']);

		header('Location: protected.php');
		die();
	}
}


?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
	<head>
		<meta http-equi"Content-Type" content="text/html; charset=utf-8" />
		<link rel="stylesheet" type="text/css" href="ext/css/style.css" />
		<title></title>
	</head>
	<body>
		<p>
			<?php

			if (empty($errors) === false){
				?>
				<ul>
					<?php

					foreach ($errors as $error){
						echo "<li>{error}</li>";
					}

					?>
				</ul>
				<?php
			}

			?>
		</p>
		<form action="" method="post">
			<p>
				<label for="username">Username:</label>
				<input type="text" name="username" id="username" />
			</p>
			<p>
                                <label for="password">Password:</label>
                                <input type="password" name="password" id="password" />
			</p>
			<p>
                                <label for="repeat_password">Repeat Password:</label>
                                <input type="password" name="repeat_password" id="repeat_password" />
			</p>
			<p>
				<input type="submit" value="Register" />
			</p>
		</form>
	</body>
</html>

logout.php

<?php



?>

login.php

<?php



?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://w3.org/TR/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
	<head>
		<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
		<link rel="stylesheet" type="text/css" href="ext/css/style.css" />
		<title></title>
	</head>
	<body>
		<p>
			Need an account ? <a href="register.php">Register here</a>
		</p>
		<form action="" method="post">
			<p>
				<label for="username">Username:</label>
				<input type="text" name "username" id-"username" />
			</p>
			<p>
				<label for="password">Password:</label>
				<input type="password" name="password" "password"
			</p>
			<p>
				<input type="submit" value="Login" />
			</p>
		</form>
	</body>
<html>

protected.php

<?php include('core/init.inc.php'); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTMl 1.0 Strict//EN" "http://w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
	<head>
		<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
		<title></title>
	</head>
	<body>
		<p>
			You are logged in as <?php   ?>
		</p>
	</body>
</html>

init.inc.php

<?php

session_start();

$exceptions = array('register', 'login');

$page = substr(end(explode('/', $_SERVER['SCRIPT_NAME'])), 0, -4);

if (in_array($page, $exceptions) === false){
	if (isset($_SESSION['username']) === false){
		header('Location: login.php');
		die();
	}
}

mysql_connect('hatgeek.com', '<username>', '<password>');
mysql_select_db('user_system');

$path = dirname(_FILE_);

include("{path}/inc/user.inc.php");

?>

user.inc.php

<?php

// Checks if given username exits in db table
function user_exists($user){
	$user = mysql_real_escape_string($user);

	$total = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `user_name` = '{$user}'");

	return (mysql_result($total, 0) == '1') ? true : false;
}

// Checks if given username and password combo is valid
function valid_credentials($user, $pass){
	$user = mysql_real_escape_string($user));
	$pass = shal($pass);

	$total = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `user_name` = '{$user}' AND `user_password` = '{$pass}'");

	return (mysql_result($total, 0) == '1') ? true : false; 
}

// Adds user to db
function add_user($user, $pass){
	$user = mysql_real_escape_string(htmlentities$user));
	$pass = shal($pass);

	mysql_query("INSERT INTO `users` (`user_name`, `user_password`) VALUES ('{$user}', '{$pass}')");
}

?>

style.css

body {



}

[Temor]

In init.inc.php you're having just 1 underscore on each side of the __FILE__ constant.

this:

<?php
 
session_start();
 
$exceptions = array('register', 'login');
 
$page = substr(end(explode('/', $_SERVER['SCRIPT_NAME'])), 0, -4);
 
if (in_array($page, $exceptions) === false){
        if (isset($_SESSION['username']) === false){
                header('Location: login.php');
                die();
        }
}
 
mysql_connect('hatgeek.com', '<username>', '<password>');
mysql_select_db('user_system');
 
$path = dirname(_FILE_);
 
include("{path}/inc/user.inc.php");
 
?>

needs to be like this:

<?php
 
session_start();
 
$exceptions = array('register', 'login');
 
$page = substr(end(explode('/', $_SERVER['SCRIPT_NAME'])), 0, -4);
 
if (in_array($page, $exceptions) === false){
        if (isset($_SESSION['username']) === false){
                header('Location: login.php');
                die();
        }
}
 
mysql_connect('hatgeek.com', '<username>', '<password>');
mysql_select_db('user_system');
 
$path = dirname(__FILE__);
 
include("{$path}/inc/user.inc.php");
 
?>

I don't think that's the cause of your problem though.

/Edit, I also just realized that you forgot a dollarsign just under where you set the $path variable.

[FrederickGeek8]

In init.inc.php you're having just 1 underscore on each side of the __FILE__ constant.

this:

<?php
 
session_start();
 
$exceptions = array('register', 'login');
 
$page = substr(end(explode('/', $_SERVER['SCRIPT_NAME'])), 0, -4);
 
if (in_array($page, $exceptions) === false){
        if (isset($_SESSION['username']) === false){
                header('Location: login.php');
                die();
        }
}
 
mysql_connect('hatgeek.com', '<username>', '<password>');
mysql_select_db('user_system');
 
$path = dirname(_FILE_);
 
include("{path}/inc/user.inc.php");
 
?>

needs to be like this:

<?php
 
session_start();
 
$exceptions = array('register', 'login');
 
$page = substr(end(explode('/', $_SERVER['SCRIPT_NAME'])), 0, -4);
 
if (in_array($page, $exceptions) === false){
        if (isset($_SESSION['username']) === false){
                header('Location: login.php');
                die();
        }
}
 
mysql_connect('hatgeek.com', '<username>', '<password>');
mysql_select_db('user_system');
 
$path = dirname(__FILE__);
 
include("{$path}/inc/user.inc.php");
 
?>

I don't think that's the cause of your problem though.

/Edit, I also just realized that you forgot a dollarsign just under where you set the $path variable.

Thanks but now when I try to go to register.php I just get

HTTP Error 500 (Internal Server Error): An unexpected condition was encountered while the server was attempting to fulfill the request.

[Temor]

what are the error logs saying?
Does this happen on other pages or is it just this very page?
It looks like this might be server-related.

[icey2k]

Altho this wont cause that error, I thought I'd just point it out.

 
foreach ($errors as $error){
     echo "<li>{error}</li>";
}

is missing a $

Other than the dirname(__FILE__); in init.inc.php. I see only html errors in the login.php file.

[FrederickGeek8]

I have fixed all the problems that you guys have described but now I am unable to access register.php at all. Plus there is no error log that is being outputed (as far as I know)

[jacek]

I have fixed all the problems that you guys have described but now I am unable to access register.php at all. Plus there is no error log that is being outputed (as far as I know)

That's odd, what does happen when you try to browse to login.php ?

[FrederickGeek8]

I have fixed all the problems that you guys have described but now I am unable to access register.php at all. Plus there is no error log that is being outputed (as far as I know)

That's odd, what does happen when you try to browse to login.php ?

Everything works. No errors, nothing.

[jacek]

Everything works. No errors, nothing.

Okay, so what is the problem exactly :s ?

[FrederickGeek8]

Everything works. No errors, nothing.

Okay, so what is the problem exactly :s ?

Well right now I can't get to register.php

I get this error

HTTP Error 500 (Internal Server Error): An unexpected condition was encountered while the server was attempting to fulfill the request.

[jacek]

That error is coming from Apache, so it is not very likely to have anything to do with the code.

If you look at your error.log file it might tell you what caused it, the only thing I could think of would be a .htacess file with a typo.

[FrederickGeek8]

OK. I have tried this on two different servers and I still can't get to register.php . Where is this "error.log"?

[jacek]

OK. I have tried this on two different servers and I still can't get to register.php . Where is this "error.log"?

Not sure for your set-up, for me it is in /var/log/apache2/error.log

The best thing to do would be to look in the documentation for what ever server you use.

[FrederickGeek8]

OK I looked and I saw errors from my previous adventure... So I recreated the files (blank files) and I refreshed register.php... And nothing has been added to error.log or error.log.1

EDIT: I saw this:

[Tue Jan 31 21:50:30 2012] [error] [client 173.76.239.133] PHP Parse error:  syntax error, unexpected T_VARIABLE in /var/www/login/core/inc/user.inc.php on line 24

[FrederickGeek8]

I got it. I did

$user = mysql_real_escape_string(htmlentities$user));

instead of

 $user = mysql_real_escape_string(htmlentities($user));

EDIT: Now it is giving me

Call to undefined function shal() in /var/www/login/core/inc/user.inc.php on line 25

EDIT EDIT: Fixed that, lets see if there is any other errors

EDIT EDIT EDIT: Everything works!!!! Now to find out what part of the tutorial I am on...

[jacek]

EDIT EDIT EDIT: Everything works!!!! Now to find out what part of the tutorial I am on...

Good news