Register

If this is your first visit, please click the Sign Up now button to begin the process of creating your account so you can begin posting on our forums! The Sign Up process will only take up about a minute of two of your time.

Page 2 of 2 FirstFirst 1 2
Results 11 to 18 of 18
  1. #11
    Junior Member Jetstorm's Avatar
    Join Date
    Aug 2014
    Posts
    22
    Member #
    39972
    Yeah, sorry, about that... I was still asleep while writing it... didn't noticed you used a select instead of insert..

    PHP Code:
    <?php 
    } else { 
        require_once(
    "system/db.php"); 
        
    $mysqli = new mysqli(DB_HOSTDB_USERDB_PASSDB_NAME); 
        
    # check connection 
        
    if ($mysqli->connect_errno) { 
            echo 
    "<p>MySQL error no {$mysqli->connect_errno} : {$mysqli->connect_error}</p>"
            exit(); 
        } 
      
        
    $email mysqli_real_escape_string($_POST['email']); 
        
    $password mysqli_real_escape_string($_POST['password']); 
      
        
    $sql "SELECT * from users WHERE email LIKE '{$email}' AND password LIKE '{$password}' LIMIT 1"
        
    $result $mysqli->query($sql); 
        if (!
    $result->num_rows == 1) { 
            
    header ('Location:login.php?error=1'); 
        } else { 
            
    $row $result->fetch_assoc();
            
    $user_id $row['id'];
            
    $sql="UPDATE users SET lastloginip = ('$lastloginip') WHERE id = '$user_id'"
            
    header ('Location:index.php'); 
        } 

    ?>
    The code should be something like that... You're getting the current user id and updating it later if there was no error.

    Depending on your table structure if the email field is unique you can ommit the id select and do something like that instead:


    PHP Code:
    <?php 
    } else { 
        require_once(
    "system/db.php"); 
        
    $mysqli = new mysqli(DB_HOSTDB_USERDB_PASSDB_NAME); 
        
    # check connection 
        
    if ($mysqli->connect_errno) { 
            echo 
    "<p>MySQL error no {$mysqli->connect_errno} : {$mysqli->connect_error}</p>"
            exit(); 
        } 
      
        
    $email mysqli_real_escape_string($_POST['email']); 
        
    $password mysqli_real_escape_string($_POST['password']); 
      
        
    $sql "SELECT * from users WHERE email = '{$email}' AND password = '{$password}' LIMIT 1"
        
    $result $mysqli->query($sql); 
        if (!
    $result->num_rows == 1) { 
            
    header ('Location:login.php?error=1'); 
        } else { 
            
    $sql="UPDATE users SET lastloginip = ('$lastloginip') WHERE email = '$email'"
            
    header ('Location:index.php'); 
        } 

    ?>
    Also I've changed your select because you need the email and password values to be exact and not similar (replaced LIKE with =)
    Last edited by Jetstorm; Sep 01st, 2014 at 07:18 AM.

  2.  

  3. #12
    Senior Member
    Join Date
    Nov 2013
    Posts
    146
    Member #
    37737
    Liked
    15 times
    Awesome, it's working now! Thank you! Only problem now is the sessions are corrupt, they only seem to store the first letter of the email address which of course means nothing in the rest of the web app works.
    Any idea why?

  4. #13
    Junior Member Jetstorm's Avatar
    Join Date
    Aug 2014
    Posts
    22
    Member #
    39972
    Posting the broken code might help

  5. #14
    Senior Member
    Join Date
    Nov 2013
    Posts
    146
    Member #
    37737
    Liked
    15 times
    my problem is the session is somehow corrupt. It only shows the first letter of the email address which I'm using for unique identifier... again this is a major issue because i pull all the data based on the email of the user as that is unique, but if the email is not passed off correctly i don't even know what to do. thanks!

    PHP Code:
    $email $_SESSION["session"]; 
    then

    PHP Code:
    <h1>Welcome, <?php echo $email ?></h1>
    only shows
    PHP Code:
    Welcome
    when it should show
    PHP Code:
    Welcomechris@example.com 
    now, on the login form this is the code that makes the session:
    PHP Code:
      session_regenerate_id();
            
    $_SESSION['session'] = $email['email'];
            
    session_write_close(); 
    And this is what I have at the top of each page
    PHP Code:
    session_start();
        if(!isset(
    $_SESSION['session']) || (trim($_SESSION['session']) == '')) {
            
    header('location: login.php');
            exit();
        } 
    Last edited by noodles415; Sep 01st, 2014 at 11:38 AM.

  6. #15
    Junior Member Jetstorm's Avatar
    Join Date
    Aug 2014
    Posts
    22
    Member #
    39972
    You'll have to paste the whole login form code

  7. #16
    Senior Member
    Join Date
    Nov 2013
    Posts
    146
    Member #
    37737
    Liked
    15 times
    Quote Originally Posted by Jetstorm View Post
    You'll have to paste the whole login form code
    PHP Code:
    <?php
        ob_start
    ();
        
    session_start();
        
    $pageTitle 'Log In';
      
    $lastloginip $_SERVER['REMOTE_ADDR'];
        if (!isset(
    $_POST['submit'])){
    ?>
        <!DOCTYPE html>
    <html lang="en">
      <head>
        <meta charset="utf-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge">
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <meta name="description" content="">
        <meta name="author" content="">
        <link rel="shortcut icon" href="favicon.ico">
        <title>Helpdesk - <?php echo $pageTitle ?></title>
        <link href="css/bootstrap.min.css" rel="stylesheet">
        <!-- <link href="css/bootstrap-theme.min.css" rel="stylesheet"> -->
        <!--<link href="css/stylesheet.css" rel="stylesheet">-->
        <link href="css/datepicker.css" rel="stylesheet">
        <script type="text/javascript" src="http://code.jquery.com/jquery-2.1.1.min.js"></script>
        <script language="JavaScript" src="js/bootstrap-datepicker.js"></script>
        <script language="JavaScript" src="js/bootstrap.min.js"></script>
        <link rel="stylesheet" href="//code.jquery.com/ui/1.11.0/themes/smoothness/jquery-ui.css">
        <script src="//code.jquery.com/jquery-1.10.2.js"></script>
        <script src="//code.jquery.com/ui/1.11.0/jquery-ui.js"></script>

        <style>
          body {
            padding-top: 40px;
            padding-bottom: 40px;
            background-color: #eee;
            background-image: url('img/loginbg.png');
          }

          .form-signin {
            max-width: 330px;
            padding: 15px;
            margin: 0 auto;
          }
          .form-signin .form-signin-heading,
          .form-signin .checkbox {
            margin-bottom: 10px;
          }
          .form-signin .checkbox {
            font-weight: normal;
          }
          .form-signin .form-control {
            position: relative;
            height: auto;
            -webkit-box-sizing: border-box;
               -moz-box-sizing: border-box;
                    box-sizing: border-box;
            padding: 10px;
            font-size: 16px;
          }
          .form-signin .form-control:focus {
            z-index: 2;
          }
          .form-signin input[type="email"] {
            margin-bottom: -1px;
            border-bottom-right-radius: 0;
            border-bottom-left-radius: 0;
          }
          .form-signin input[type="password"] {
            margin-bottom: 10px;
            border-top-left-radius: 0;
            border-top-right-radius: 0;
          }

          .form-signin-heading {
            color: #FFFFFF;
          }
        </style>

        <!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
        <!--[if lt IE 9]>
          <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
          <script src="https://oss.maxcdn.com/libs/respond.js/1.4.2/respond.min.js"></script>
        <![endif]-->
      </head>
      <body>

      <div class="container">
      <form class="form-signin" role="form" action="<?=$_SERVER['PHP_SELF']?>" method="post">
        <center><h2 class="form-signin-heading">Helpdesk</h2></center>
        <?php
            
    if (isset($_GET['error'])) {
                echo 
    "<div class=\"alert alert-warning\" role=\"alert\">Login failed, please try again.</div>";
            }

        
    ?>
        <input type="email" class="form-control" name="email" placeholder="Email" required autofocus>
        <input type="password" class="form-control" name="password" placeholder="Password" required>
        <button class="btn btn-lg btn-primary btn-block" name="submit" type="submit">Submit</button>
      </form>

    </div> <!-- /container -->
      </body>
    </html>
    <?php
    } else {
        require_once(
    "system/db.php");
        
    $mysqli = new mysqli(DB_HOSTDB_USERDB_PASSDB_NAME);
        
    # check connection
        
    if ($mysqli->connect_errno) {
            echo 
    "<p>MySQL error no {$mysqli->connect_errno} : {$mysqli->connect_error}</p>";
            exit();
        }

        
    $email mysqli_real_escape_string($mysqli $_POST['email']);  
        
    $password mysqli_real_escape_string($mysqli $_POST['password']);  

          
    $salt "microtime()";
        
    $password md5($salt.$password);
     
        
    $loginsql "SELECT * from users WHERE email = '{$email}' AND password = '{$password}' LIMIT 1";
        
    $loginresult $mysqli->query($loginsql);
        if (!
    $loginresult->num_rows == 1) {
            
    header ('Location:login.php?error=1');
        } else {
            
          
    $ipsql="UPDATE users SET lastloginip = ('$lastloginip') WHERE email = '$email'";
          
    $mysqli->query($ipsql);  
            
    header ('Location:index.php');
            
    session_regenerate_id();
            
    $_SESSION['session'] = $email['email'];
            
    session_write_close();
        }
    }
    ?>

  8. #17
    Junior Member Jetstorm's Avatar
    Join Date
    Aug 2014
    Posts
    22
    Member #
    39972
    PHP Code:
            session_regenerate_id(); 
            
    $_SESSION['session'] = $email['email']; 
            
    session_write_close(); 
    should go before
    PHP Code:
    header ('Location:index.php'); 
    also
    PHP Code:
    $_SESSION['session'] = $email['email']; 
    should become
    PHP Code:
    $_SESSION['session'] = $email

  9. #18
    Senior Member
    Join Date
    Nov 2013
    Posts
    146
    Member #
    37737
    Liked
    15 times
    yay i did the second part and it worked thanks!


Page 2 of 2 FirstFirst 1 2

Remove Ads

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
All times are GMT -6. The time now is 03:54 PM.
Powered by vBulletin® Version 4.2.3
Copyright © 2021 vBulletin Solutions, Inc. All rights reserved.
vBulletin Skin By: PurevB.com