ub3rl33t php problems

Status
Not open for further replies.
Macemore

Macemore

Circumcised pineapples
Aug 26, 2011
1,681
819
No matter what, the login will be false even when it shouldn't.

PHP: 
<?php
define('awesome', '1');
include('../inc.php');
mysql_connect($host, $usr, $pwd);
mysql_select_db($db);
 
if(isset($_POST['user'], $_POST['pass'])) {
$user = mysql_real_escape_string(htmlentities(stripslashes($_POST['user'])));
$pass = sha1($_POST['pass']);
 
$log = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = `{$user}` AND `password` = `{$pass}`") or die(mysql_error());
$tell = mysql_result($log, 0);
}
 
if($tell == 0) {
 echo "Incorrect login, <a href='index.php'>go back</a>";
} else {
 $_SESSION['loggedin'] = '1';
 echo "Successfully logged in, <a href='admin.php'>go to admin</a>";
}
 
?>

Any help?
 
Sort by date Sort by votes
Sledmore

Sledmore

Chaturbate Livestreamer
Staff member
FindRetros Moderator
Jul 24, 2010
5,202
3,957
Try this?

PHP: 
<?php
define('awesome', '1');
include('../inc.php');
mysql_connect($host, $usr, $pwd);
mysql_select_db($db);
 
if(isset($_POST['user']), isset($_POST['pass'])) {
$user = mysql_real_escape_string(htmlentities(stripslashes($_POST['user'])));
$pass = sha1($_POST['pass']);
 
$log = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = `{$user}` AND `password` = `{$pass}`") or die(mysql_error());
$tell = mysql_result($log, 0);
}
 
if($tell == 0) {
 echo "Incorrect login, <a href='index.php'>go back</a>";
} else {
 $_SESSION['loggedin'] = '1';
 echo "Successfully logged in, <a href='admin.php'>go to admin</a>";
}
 
?>
 
Upvote 0 Downvote
Macemore

Macemore

Circumcised pineapples
Aug 26, 2011
1,681
819
Sledmore said:
Try this?

PHP: 
<?php
define('awesome', '1');
include('../inc.php');
mysql_connect($host, $usr, $pwd);
mysql_select_db($db);
 
if(isset($_POST['user']), isset($_POST['pass'])) {
$user = mysql_real_escape_string(htmlentities(stripslashes($_POST['user'])));
$pass = sha1($_POST['pass']);
 
$log = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = `{$user}` AND `password` = `{$pass}`") or die(mysql_error());
$tell = mysql_result($log, 0);
}
 
if($tell == 0) {
echo "Incorrect login, <a href='index.php'>go back</a>";
} else {
$_SESSION['loggedin'] = '1';
echo "Successfully logged in, <a href='admin.php'>go to admin</a>";
}
 
?>
Click to expand...
At first I got "unexpected , on line 7" so I changed it to
if(isset($_POST['user']) and isset($_POST['pass'])) {
then it just was incorrect.
 
Upvote 0 Downvote
Sledmore

Sledmore

Chaturbate Livestreamer
Staff member
FindRetros Moderator
Jul 24, 2010
5,202
3,957
Mace said:
At first I got "unexpected , on line 7" so I changed it to
if(isset($_POST['user']) and isset($_POST['pass'])) {
then it just was incorrect.
Click to expand...

<?php
define('awesome', '1');
include('../inc.php');
mysql_connect($host, $usr, $pwd);
mysql_select_db($db);

if ($_POST['user'] && $_POST['pass']) {
$user = mysql_real_escape_string(htmlentities(stripslashes($_POST['user'])));
$pass = sha1($_POST['pass']);

$log = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = `{$user}` AND `password` = `{$pass}`") or die(mysql_error());
$tell = mysql_result($log, 0);
}

if($tell == 0) {
echo "Incorrect login, <a href='index.php'>go back</a>";
} else {
$_SESSION['loggedin'] = '1';
echo "Successfully logged in, <a href='admin.php'>go to admin</a>";
}

?>

Might wanna before that do, 'if (isset($_POST['buttoname']))'
 
Upvote 0 Downvote
Macemore

Macemore

Circumcised pineapples
Aug 26, 2011
1,681
819
Sledmore said:
<?php
define('awesome', '1');
include('../inc.php');
mysql_connect($host, $usr, $pwd);
mysql_select_db($db);

if ($_POST['user'] && $_POST['pass']) {
$user = mysql_real_escape_string(htmlentities(stripslashes($_POST['user'])));
$pass = sha1($_POST['pass']);

$log = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = `{$user}` AND `password` = `{$pass}`") or die(mysql_error());
$tell = mysql_result($log, 0);
}

if($tell == 0) {
echo "Incorrect login, <a href='index.php'>go back</a>";
} else {
$_SESSION['loggedin'] = '1';
echo "Successfully logged in, <a href='admin.php'>go to admin</a>";
}

?>

Might wanna before that do, 'if (isset($_POST['buttoname']))'
Click to expand...
I changed it to:
PHP: 
<?php
define('awesome', '1');
include('../inc.php');
mysql_connect($host, $usr, $pwd);
mysql_select_db($db);
 
if(isset($_POST['user'])) {
if(isset($_POST['pass'])) {
$user = mysql_real_escape_string(htmlentities(stripslashes($_POST['user'])));
$pass = sha1($_POST['pass']);
 
$log = mysql_query("SELECT COUNT(`user_id`) FROM `users` WHERE `username` = `{$user}` AND `password` = `{$pass}`") or die(mysql_error());
$tell = mysql_result($log, 0);
} else {
echo 'You must specify a password';
}
} else {
echo 'You must specify a username';
}
 
if($tell == 0) {
echo "Incorrect login, <a href='index.php'>go back</a>";
} else {
$_SESSION['loggedin'] = '1';
echo "Successfully logged in, <a href='admin.php'>go to admin</a>";
}
 
?>
then it gave me "You must specify a username"
instead of name= I had id= on the form. works now, thanks guys.
 
Upvote 0 Downvote
Status
Not open for further replies.

Users who are viewing this thread

Total: 2 (members: 0, guests: 2)
☀️  Switch to Light Theme

Latest posts

Top