SirChick Posted August 2, 2007 Share Posted August 2, 2007 If this is the wrong place for my post please move where needs be... some one told me i had to post here :) I been working on these 3 scripts for some time to get them working. I have got as far as i can but im lost on how to get them to work. I feel rude to ask for help but im really stuck lol!! Any way heres the first problem the login page im making plain and simple does not work period. It doesn't even redirect to the success.php that i have told it to! Script: <?php if (isset($_POST['Login'])) { $Username = mysql_real_escape_string($_POST['Username']); $Password = mysql_real_escape_string($_POST['Password']); mysql_connect("localhost", "root", "private") or die (mysql_error()); mysql_select_db("databasename") or die (mysql_error()); $chkUSERNAME = mysql_query("SELECT * FROM `userregistration` WHERE `Username` = '".$_POST['Username']."'"); $getUSERNAME = mysql_fetch_object($chkUSERNAME); if($_POST['Username'] != $getUSERNAME->Username) { die('Username or password is incorrect, please check your spelling!'); $chkPASSWORD = mysql_query("SELECT * FROM `userregistration` WHERE `Password` = '".$_POST['Password']."'"); $getPASSWORD = mysql_fetch_object($chkPASSWORD); if($_POST['PASSWORD'] != $getPASSWORD->Password) { die('Username or password is incorrect, please check your spelling!'); header("Location: success.php"); }}} ?> Now the next 2 codes work together but are two separate php files. The first one is the actual registration page with the form.. the second one is a captcha code which produces an image with a security code which the user has to input. Now the problems i face here are, if i put the incorrect security code i get no error message when i should, and when I do have it correct it does no input the data to my apache server. Also on top of that the check box for the player to agree to terms of service does not work. It should check to see if the user has "checked" it and agreed to the terms of service. If they have not they should not have been able to register. Register Script <?php error_reporting(E_ALL); if(!mysql_connect("localhost", "root", "private")){ echo mysql_error(); exit; } else{ mysql_select_db("databasename") or die (mysql_error()); if (isset($_POST['RegistrationSubmission'])) { session_start(); if(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ) { // Insert you code for processing the form here, e.g emailing the submission, entering it into a database. $Username = mysql_real_escape_string($_POST['Username']); $Password = mysql_real_escape_string($_POST['Password']); $Password2 = mysql_real_escape_string($_POST['Password2']); $Email = mysql_real_escape_string($_POST['EmailRegistration']); $Country = mysql_real_escape_string($_POST['CountryChoice']); $ip = $_SERVER["REMOTE_ADDR"]; $Gender = $_POST['Gender']; $TermsOfService = $_POST['TermsOfService']; $jump2 = 1; if ($Password != $Password2) { echo "Passwords did not match"; if ($TermsOfService == "off") { echo "You must agree to the terms of service before registering!"; $jump2 = 0; } } if ($jump2 ==1){ $chkUSERNAME = mysql_query("SELECT * FROM `userregistration` WHERE `Username` = '".$_POST['Username']."'"); $getUSERNAME = mysql_fetch_assoc($chkUSERNAME); if($_POST['Username'] == $getUSERNAME['Username']) { die('Username already registered, please choose a different username!'); } $chkEmail = mysql_query("SELECT * FROM `userregistration` WHERE `Email` = '".$_POST['EmailRegistration']."'"); $getEmail = mysql_fetch_assoc($chkEmail); if($_POST['EmailRegistration'] == $getEmail['Email']) { die('Email already registered, please choose a different username!'); } if ($Password == $Password2) { $query = "INSERT INTO `userregistration` (Username,Password,Email,Country,IP,Gender) Values ('$Username', '$Password', '$Email', '$Country', '$ip', '$Gender')"; mysql_query($query) or die(mysql_error()); unset($_SESSION['security_code']); header("Location: success.php"); } // Insert your code for showing an error message here If ($_SESSION['security_code'] != $_POST['security_code']){ die('Your security code input did not match the generated image, please try again!'); }} } } } ?> Register Code 2 (the one that generates the captcha image for security code <?php session_start(); class CaptchaSecurityImages { var $font = 'monofont.ttf'; function generateCode($characters) { /* list all possible characters, similar looking characters and vowels have been removed */ $possible = '23456789bcdfghjkmnpqrstvwxyz'; $code = ''; $i = 0; while ($i < $characters) { $code .= substr($possible, mt_rand(0, strlen($possible)-1), 1); $i++; } return $code; } function CaptchaSecurityImages($width='120',$height='40',$characters='6') { $code = $this->generateCode($characters); /* font size will be 75% of the image height */ $font_size = $height * 0.75; $image = imagecreate($width, $height) or die('Cannot initialize new GD image stream'); /* set the colours */ $background_color = imagecolorallocate($image, 255, 255, 255); $text_color = imagecolorallocate($image, 20, 40, 100); $noise_color = imagecolorallocate($image, 100, 120, 180); /* generate random dots in background */ for( $i=0; $i<($width*$height)/3; $i++ ) { imagefilledellipse($image, mt_rand(0,$width), mt_rand(0,$height), 1, 1, $noise_color); } /* generate random lines in background */ for( $i=0; $i<($width*$height)/150; $i++ ) { imageline($image, mt_rand(0,$width), mt_rand(0,$height), mt_rand(0,$width), mt_rand(0,$height), $noise_color); } /* create textbox and add text */ $textbox = imagettfbbox($font_size, 0, $this->font, $code) or die('Error in imagettfbbox function'); $x = ($width - $textbox[4])/2; $y = ($height - $textbox[5])/2; imagettftext($image, $font_size, 0, $x, $y, $text_color, $this->font , $code) or die('Error in imagettftext function'); /* output captcha image to browser */ header('Content-Type: image/jpeg'); imagejpeg($image); imagedestroy($image); $_SESSION['security_code'] = $code; } } $width = isset($_GET['width']) && $_GET['height'] < 600 ? $_GET['width'] : '120'; $height = isset($_GET['height']) && $_GET['height'] < 200 ? $_GET['height'] : '40'; $characters = isset($_GET['characters']) && $_GET['characters'] > 2 ? $_GET['characters'] : '6'; $captcha = new CaptchaSecurityImages($width,$height,$characters); ?> For those who need a script for these things are free to use these as you wish! *I have edited out my username and password and database name for those who may think i didnt* Any help is appreciated big time! And sorry for being rude to ask, i can usually fix my problems but im stuck here lol Quote Link to comment Share on other sites More sharing options...
Isomerizer Posted August 2, 2007 Share Posted August 2, 2007 Re: Can you help me debug my codes I think for the first script this should work: <?php if (isset($_POST['Login'])) { $Username = mysql_real_escape_string($_POST['Username']); $Password = mysql_real_escape_string($_POST['Password']); mysql_connect("localhost", "root", "private") or die (mysql_error()); mysql_select_db("databasename") or die (mysql_error()); $chkUSERNAME = mysql_query("SELECT * FROM `userregistration` WHERE `Username` = '".$_POST['Username']."'"); $getUSERNAME = mysql_fetch_object($chkUSERNAME); if($_POST['Username'] != $getUSERNAME->Username) { die('Username or password is incorrect, please check your spelling!'); } $chkPASSWORD = mysql_query("SELECT * FROM `userregistration` WHERE `Password` = '".$_POST['Password']."'"); $getPASSWORD = mysql_fetch_object($chkPASSWORD); if($_POST['PASSWORD'] != $getPASSWORD->Password) { die('Username or password is incorrect, please check your spelling!'); } header("Location: success.php"); } ?> Changed a few }'s around, Also if you get header output alreay send out use html redirection instead. Quote Link to comment Share on other sites More sharing options...
SirChick Posted August 2, 2007 Author Share Posted August 2, 2007 Re: Can you help me debug my codes I think for the first script this should work: <?php if (isset($_POST['Login'])) { $Username = mysql_real_escape_string($_POST['Username']); $Password = mysql_real_escape_string($_POST['Password']); mysql_connect("localhost", "root", "private") or die (mysql_error()); mysql_select_db("databasename") or die (mysql_error()); $chkUSERNAME = mysql_query("SELECT * FROM `userregistration` WHERE `Username` = '".$_POST['Username']."'"); $getUSERNAME = mysql_fetch_object($chkUSERNAME); if($_POST['Username'] != $getUSERNAME->Username) { die('Username or password is incorrect, please check your spelling!'); } $chkPASSWORD = mysql_query("SELECT * FROM `userregistration` WHERE `Password` = '".$_POST['Password']."'"); $getPASSWORD = mysql_fetch_object($chkPASSWORD); if($_POST['PASSWORD'] != $getPASSWORD->Password) { die('Username or password is incorrect, please check your spelling!'); } header("Location: success.php"); } ?> Changed a few }'s around, Also if you get header output alreay send out use html redirection instead. i tried it and i had the same result for the login page. what did you change exactly? Quote Link to comment Share on other sites More sharing options...
SirChick Posted August 2, 2007 Author Share Posted August 2, 2007 Re: Can you help me debug my codes At the moment when the data is submitted it doesnt do jack all. Thats is the login page.. when you login correctly it takes you to sucess.php which basically says "you have successfully logged in" then it redirects you to the main front page where login members can access. It would not make sense to log in yet be directed back to the login page cos you'd never be able to access the site then. But at the moment all it does is you can type in aload of junk and click login and it clears the data you inputted and does nothing. And you can also type in correct data (a valid username and password) and it still does the same thing. You get me? Quote Link to comment Share on other sites More sharing options...
Matty Posted August 6, 2007 Share Posted August 6, 2007 Re: Can you help me debug my codes You need to set sessions/cookies. Then you need to do checks on each page... etc. Your being logged out because of that, hence being redirected back to the login page. If i'm wrong ignore me its late... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.