BetterPHP

The non-existent community
https://betterphp.co.uk/board/

PHP Tutorial: Register and Login (Cookie Extension) [part 01

https://betterphp.co.uk/board/viewtopic.php?t=1874

Page 1 of 1

PHP Tutorial: Register and Login (Cookie Extension) [part 01

Posted: Wed Sep 05, 2012 12:44 am
by Djmann1013
I typed what the tutorial said, and it says my password and username is incorrect. Here is the code I typed:

init.inc.php file:

<?php
//init.inc.php file
session_start();

$exceptions = array('signup', 'login', 'index');

$page = substr(end(explode( '/', $_SERVER['SCRIPT_NAME'])), 0, -4);

// SQL stuff.
mysql_connect('SQL host','username','password');
mysql_select_db('database name');

include('user.inc.php');

//$_SESSION['uid'] = 1;

if (isset($_COOKIE['username'], $_COOKIE['password'])){

     if (valid_credentials($_COOKIE['username'], $_COOKIE['password'])){
            $_SESSION['username'] = htmlentities($_COOKIE['username']);

                 setcookie('username', $_COOKIE['username'], time() + 3600);
                 setcookie('password', $_COOKIE['password'], time() + 3600);

     }

}


if (in_array($page, $exceptions) === false){
    if (isset($_SESSION['username']) === false){
     header( 'Location: login.php' );
     die();
}
}



?>
Login.php 

<?php
include('init.inc.php');

$errors = array();

if (isset($_POST['username'], $_POST['password'])){

   if (empty($_POST['username'])){
     $errors[] = 'The username field is empty.';
   }
   if (empty($_POST['password'])){
     $errors[] = 'The password field is empty.';
   }

  if (valid_credentials($_POST['username'], sha1($_POST['password'])) === false){
     $errors[] = 'Username or password is incorrect.';
   }

   if (empty($errors)){

    setcookie('username', $_POST['username'], time() + 3600);
    setcookie('password', sha1($_POST['password']), time() + 3600);

     $username = $_POST['username'];
     session_register("username");
     
     header( 'Location: home.php' );

   }
}

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN">

<html>

<body>

<form action="" method="post">
<p>

<?php
if (empty($errors) === false){

?>

<ul>

<?php

foreach ($errors as $error){
   echo "<center><li>[$error]</li></center>";
}

?>

</ul>

<?

}
?>

</p>
<input type="text" name="username" id="username" placeholder="Username" maxlength="40" value="<?php if (isset($_POST['username'])){ echo htmlentities($_POST['username']); } ?>"><br><br>

<input type="password" name="password" placeholder="Password"><br><br>

<input type="submit" value="Login">

</form>

</body>

</html>
The problem is that it won't let me login. It's kinda annoying since I was looking for hours on the internet.

Re: PHP Tutorial: Register and Login (Cookie Extension) [par

Posted: Wed Sep 05, 2012 1:38 pm
by Temor
The problem is likely within the valid_credentials function. Could you post the code for that?

Re: PHP Tutorial: Register and Login (Cookie Extension) [par

Posted: Wed Sep 05, 2012 11:56 pm
by Djmann1013

 if (valid_credentials($_POST['username'], sha1('password'))) === false){
    $errors[] = 'Username or password is incorrect.';
  }
Exactly from the video, also this:

if (isset($_COOKIE['username'], $_COOKIE['password'])){

     if (valid_credentials($_POST['username'], $_POST['password'])){
            $_SESSION['username'] = htmlentities($_COOKIE['username']);

                 setcookie('username', $_COOKIE['username'], time() + 3600);
                 setcookie('password', $_COOKIE['password'], time() + 3600);

     }

}

Re: PHP Tutorial: Register and Login (Cookie Extension) [par

Posted: Thu Sep 06, 2012 12:52 am
by Temor
That's not the code I asked for. Post the code for the function. Not where you use the function.

Re: PHP Tutorial: Register and Login (Cookie Extension) [par

Posted: Thu Sep 06, 2012 1:38 am
by Djmann1013
Sorry, I meant this:
function valid_credentials($user, $pass){
$user = mysql_real_escape_string(htmlentities($user));
$pass = sha1($pass);

$total = mysql_query("SELECT COUNT('user_id') FROM `users` WHERE `user_username` = '{$user}' AND `user_password` = '{$pass}'");

return (mysql_result($total, 0) == '1') ? true: false;

}

Re: PHP Tutorial: Register and Login (Cookie Extension) [par

Posted: Thu Sep 06, 2012 1:55 am
by Temor
Your problem is that you're applying the sha1 hash twice. Once when you call it, and once inside the function.
Remove the one where you call it and keep the one inside the function.

Re: PHP Tutorial: Register and Login (Cookie Extension) [par

Posted: Thu Sep 06, 2012 2:36 am
by Djmann1013
Now I am getting this error with this code:

error: Parse error: syntax error, unexpected T_IS_IDENTICAL in /home/a8913488/public_html/login.php on line 18

code: 

   if (valid_credentials($_POST['username'], $_POST['password'])) === false){
      $errors[] = 'Username or password is incorrect.';
    }

user.inc.php file:

function valid_credentials($user, $pass){
$user = mysql_real_escape_string(htmlentities($user));
$pass = sha1($pass);

$total = mysql_query("SELECT COUNT('user_id') FROM `users` WHERE `user_username` = '{$user}' AND `user_password` = '{$pass}'");

return (mysql_result($total, 0) == '1') ? true: false;

}

Re: PHP Tutorial: Register and Login (Cookie Extension) [par

Posted: Thu Sep 06, 2012 2:46 am
by Temor
it is not expecting the triple equals ( === false ). Change that to two equals.

Re: PHP Tutorial: Register and Login (Cookie Extension) [par

Posted: Thu Sep 06, 2012 11:41 pm
by Djmann1013
It's fixed now, thanks!
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited