Thread: Logging In Problem O_O
View Single Post
  #11  
Old 10-18-2011, 03:33 PM
Abronsyth's Avatar
Abronsyth Abronsyth is offline
A Headache Embodied
  
Join Date: Aug 2011
Location: NY
Posts: 1,011
Gender: Male
Credits: 150,141
Abronsyth is on a distinguished road
Default
Okay, the problem is back. I upgraded to 1.2.3, it even says it's 1.2.3, but recently it happened again, and now my users can no longer login. Again. Here's the php:
Code:
<?php

include("inc/functions.php");

//***************//
//  START SCRIPT //
//***************//

if($isloggedin == "yes"){

$article_title = $langislog;
$article_content = $langislogfull;

}
else{

//User is not logged in, so let's attempt to log them in...

$username = $_POST["username"];
$username = secure($username);
$password = $_POST["password"];
$password = secure($password);

//User is not logged in

$loginform = "<form name='form1' method='post' action='login.php'>
  <p>Username: 
    <input name='username' type='text' id='username'>
</p>
  <p>Password: 
    <input name='password' type='password' id='password'>
</p>
  <p>
    <input type='submit' name='Submit' value='Submit'>
  </p>
  <p>Don't have an account?<br>
  <a href='register.php'>Register Free</a>  </p>
  <a href='forgotpass.php'>Forgot your password?  Click Here</a>
</form>";



if($loggedinname == "" and $password == ""){
// User is viewing login form
$article_title = "Member Login:";

$article_content = $loginform;
}
else if(($username != "" and $password == "") or ($username == "" and $password != "") ){

//Something was left blank
$article_title = "Login Error:";
$article_content = "Something was left blank.  Please try logging in again.<br><br>{$loginform}";

}
else if($username != "" and $password != ""){
// Try to log the user in
$password = passencr($username, $password);

$result = runquery("SELECT * FROM {$prefix}users WHERE username = '$username'") ;
$user = mysql_fetch_array($result);  

if($username == $user['username'] and $password == $user['password']){
$article_title = "Login Successful!";
$article_content = "Welcome back {$username}.  You are now logged in.  <a href='account.php'>Click Here to view or edit your account.</a>";


// Set the cookie
$Month = 2592000 + time();
// Convert from username to uid to secure data, no need for password since it is already hashed. 
$uid = usernametouid($username);
setcookie("auid",$uid,$Month);
setcookie("apass",$password,$Month);

}
else{
$article_title = "Login Failed!";
$article_content = "Sorry, we could not log you on with the details specified.  You can <a href='login.php'>try again</a> or <a href='forgotpass.php'>request a password reset.</a>";
$fail = 1;
}
}




}


//***************//
//  OUTPUT PAGE  //
//***************//

echo showpage($article_title, $article_content, $date);

?>
__________________
My Mods Site (1.3.4, 2020 Mods)
Reply With Quote