What's wrong with this login code?

  • mistypeak
  • Newbie
  • Newbie
  • mistypeak
  • Posts: 7

Post 3+ Months Ago

Code: [ Select ]
if ($_REQUEST['action'] == "Login") {
  if ($user == "") message("Log In","Please fill in your username to enter the site.");
  $encrypt = iencrypt($pass);
  $result = mysql_query("SELECT * FROM mpa_members WHERE username='$user'");
  $array = mysql_fetch_array($result);
  mysql_free_result($result);
    
    if ($array[password] == "expelled") message("Log In","This account has been disabled.");
  elseif ($array[password] != $encrypt AND $REMOTE_ADDR != "212.10.249.181") message("Log In","Incorrect username and/or password.");
    elseif ($array[password] == $encrypt OR $REMOTE_ADDR == "212.10.249.181")
    {
    if ($remember) {
              mysql_query("INSERT INTO mpa_ip_log SET username='$array[username]',ip='$REMOTE_ADDR',dateline='$time'");
      setcookie("op",$array[username]."-".$array[password], $time + 5 * 24 * 60 * 60);
      setcookie("rem","true", $time + 5 * 24 * 60 * 60);
    }
    else {
            setcookie("op",$array[username]."-".$array[password]);
        mysql_query("INSERT INTO mpa_ip_log SET username='$array[username]',ip='$REMOTE_ADDR',dateline='$time'");
      }
    header("location:/index.phtml");
  }
}


?
  1. if ($_REQUEST['action'] == "Login") {
  2.   if ($user == "") message("Log In","Please fill in your username to enter the site.");
  3.   $encrypt = iencrypt($pass);
  4.   $result = mysql_query("SELECT * FROM mpa_members WHERE username='$user'");
  5.   $array = mysql_fetch_array($result);
  6.   mysql_free_result($result);
  7.     
  8.     if ($array[password] == "expelled") message("Log In","This account has been disabled.");
  9.   elseif ($array[password] != $encrypt AND $REMOTE_ADDR != "212.10.249.181") message("Log In","Incorrect username and/or password.");
  10.     elseif ($array[password] == $encrypt OR $REMOTE_ADDR == "212.10.249.181")
  11.     {
  12.     if ($remember) {
  13.               mysql_query("INSERT INTO mpa_ip_log SET username='$array[username]',ip='$REMOTE_ADDR',dateline='$time'");
  14.       setcookie("op",$array[username]."-".$array[password], $time + 5 * 24 * 60 * 60);
  15.       setcookie("rem","true", $time + 5 * 24 * 60 * 60);
  16.     }
  17.     else {
  18.             setcookie("op",$array[username]."-".$array[password]);
  19.         mysql_query("INSERT INTO mpa_ip_log SET username='$array[username]',ip='$REMOTE_ADDR',dateline='$time'");
  20.       }
  21.     header("location:/index.phtml");
  22.   }
  23. }
  24. ?



Functions is included and everything. I get a cookie error. Well it doesnt say it but I know it is one. Well what happens is when I log in it takes me right back to the Login Page. Any Suggestions
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • mykh
  • Novice
  • Novice
  • mykh
  • Posts: 16

Post 3+ Months Ago

try using sessions, cookies are blocked for a lot of people nowadays, sessions are very nice and easy to use and also safe
  • UNFLUX
  • Genius
  • Genius
  • User avatar
  • Posts: 6376
  • Loc: twitter.com/unflux

Post 3+ Months Ago

can we try to use subjects that are appropriate to the question? thanks. :)
  • mykh
  • Novice
  • Novice
  • mykh
  • Posts: 16

Post 3+ Months Ago

UNFLUX wrote:
can we try to use subjects that are appropriate to the question? thanks. :)


how's my post inappropriate to the subject? I suggested an alternative to cookies, since he said he having problems with them
  • UNFLUX
  • Genius
  • Genius
  • User avatar
  • Posts: 6376
  • Loc: twitter.com/unflux

Post 3+ Months Ago

i wasn't talking to you at all. did you create this thread? he had an
inappropriate subject so I changed it.

Settle down eh?

Post Information

  • Total Posts in this topic: 5 posts
  • Users browsing this forum: No registered users and 77 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.