PHP Tutorial: Private Message System [part 04] HELP!
Posted: Sun Apr 14, 2013 8:17 pm
Hey guys i really need your help now im following this tutorial but everytime i want to login it says "login failed".
here is my code
init.inc.php
[syntax=php]
<?php
$core_path = dirname(__FILE__);
if (empty($_GET['page']) || in_array("{$_GET['page']}.page.inc.php", scandir("{$core_path}/pages")) == false){
header('HTTP/1.1 404 Not Found');
header('Location: index.php?page=inbox');
die();
}
session_start();
mysql_connect("localhost", "root", "");
mysql_select_db('msg_system');
include("{$core_path}/inc/user.inc.php");
if (isset($_POST['user_name'], $_POST['user_password'])){
if (($user_id = validate_crendenials($_POST['user_name'], $_POST['user_password'])) !== false){
$SESSION['user_id'] = $user_id;
header('Location: index.php?page=inbox');
die();
}
}
if (empty($_SESSION['user_id']) && $_GET['page'] !== 'login'){
header('HTTP/1.1 403 Forbidden');
header('Location: index.php?page=login');
die();
}
$include_file = "{$core_path}/pages/{$_GET['page']}.page.inc.php";
?>[/syntax]
And here is user.inc.php
[syntax=php]
<?php
// checks a given username and password combination, returning the user's ID.
function validate_crendenials($user_name, $user_password){
$user_name = mysql_real_escape_string($user_name);
$user_password = sha1($user_password);
$result = mysql_query("SELECT user_id FROM users WHERE user_name = '{$user_name}' AND user_password = '{$user_password}'");
if (mysql_num_rows($result) != 1){
return false;
}
return mysql_result($result, 0);
}
?>
[/syntax]
here is my code
init.inc.php
[syntax=php]
<?php
$core_path = dirname(__FILE__);
if (empty($_GET['page']) || in_array("{$_GET['page']}.page.inc.php", scandir("{$core_path}/pages")) == false){
header('HTTP/1.1 404 Not Found');
header('Location: index.php?page=inbox');
die();
}
session_start();
mysql_connect("localhost", "root", "");
mysql_select_db('msg_system');
include("{$core_path}/inc/user.inc.php");
if (isset($_POST['user_name'], $_POST['user_password'])){
if (($user_id = validate_crendenials($_POST['user_name'], $_POST['user_password'])) !== false){
$SESSION['user_id'] = $user_id;
header('Location: index.php?page=inbox');
die();
}
}
if (empty($_SESSION['user_id']) && $_GET['page'] !== 'login'){
header('HTTP/1.1 403 Forbidden');
header('Location: index.php?page=login');
die();
}
$include_file = "{$core_path}/pages/{$_GET['page']}.page.inc.php";
?>[/syntax]
And here is user.inc.php
[syntax=php]
<?php
// checks a given username and password combination, returning the user's ID.
function validate_crendenials($user_name, $user_password){
$user_name = mysql_real_escape_string($user_name);
$user_password = sha1($user_password);
$result = mysql_query("SELECT user_id FROM users WHERE user_name = '{$user_name}' AND user_password = '{$user_password}'");
if (mysql_num_rows($result) != 1){
return false;
}
return mysql_result($result, 0);
}
?>
[/syntax]