Login page..?

[Tequila]

I'm not sure if I've mentioned this before, but the log in page does not display anything, as in http://crystalhollow.com/login.php

I've been playing with things that I've changed on my site, and cannot log back in under my own account.

This may be a problem, here is the code for my login.php page, anyone figure this one out?

PHP Code:

<?php

include("inc/functions.php");

//***************//
//  START SCRIPT //
//***************//

if($isloggedin == "yes"){

$article_title = $langislog;
$article_content = $langislogfull;

}
else{

//User is not logged in, so let's attempt to log them in...

$username = $_POST["username"];
$password = $_POST["password"];

//User is not logged in

$loginform = "<form name='form1' method='post' action='login.php'>
  <p>Username: 
    <input name='username' type='text' id='username'>
</p>
  <p>Password: 
    <input name='password' type='password' id='password'>
</p>
  <p>
    <input type='submit' name='Submit' value='Submit'>
  </p>
  <p>Don't have an account?<br>
  <a href='register.php'>Register Free</a>  </p>
  <a href='forgotpass.php'>Forgot your password?  Click Here</a>
</form>";



if($loggedinname == "" and $password == ""){
// User is viewing login form
$article_title = "Member Login:";

$article_content = $loginform;
}
else if(($username != "" and $password == "") or ($username == "" and $password != "") ){

//Something was left blank
$article_title = "Login Error:";
$article_content = "Something was left blank.  Please try logging in again.<br><br>".$loginform."";

}
else if($username != "" and $password != ""){
// Try to log the user in
$password = md5($password);

$query = "SELECT * FROM ".$prefix."users WHERE username = '$username'";
$result = @runquery($query);
$num = @mysql_numrows($result);

//Loop out code
$i=0;
while ($i < 1) {

$luser=@mysql_result($result,$i,"username");
$lpass=@mysql_result($result,$i,"password");

$i++;
}

if($username == $luser and $password == $lpass){
$article_title = "Login Successful!";
$article_content = "Welcome back ".$username.".  You are now logged in.  <a href='account.php'>Click Here to view or edit your account.</a>";


// Set the cookie
$Month = 2592000 + time();
setcookie("auser",$username,$Month);
setcookie("apass",$password,$Month);

}
else{
$article_title = "Login Failed!";
$article_content = "Sorry, we could not log you on with the details specified.  You can <a href='login.php'>try again</a> or <a href='forgotpass.php'>request a password reset.</a>";
$fail = 1;
}
}




}


//***************//
//  OUTPUT PAGE  //
//***************//

echo showpage($article_title, $article_content, $date);

?>

[Kaeliah]

I glanced over it, I don't have much time now which is why but the only thing that stuck out in my mind is the use of the loop code. there is no need for it because all usernames should be unique.

[Tequila]

Quote:

Originally Posted by Kaeliah

I glanced over it, I don't have much time now which is why but the only thing that stuck out in my mind is the use of the loop code. there is no need for it because all usernames should be unique.

See that's something that I would not have caught...

[Tequila]

Derp! I think I figured it out, see if you can find my fix here:

PHP Code:

<?php

include("inc/functions.php");

//***************//
//  START SCRIPT //
//***************//

if($isloggedin == "yes"){

$article_title = $langislog;
$article_content = $langislogfull;

}
else{

//User is not logged in, so let's attempt to log them in...

$username = $_POST["username"];
$password = $_POST["password"];

//User is not logged in
$article_title = "Log In";
$article_content = "<form name='form1' method='post' action='login.php'>
  <p>Username: 
    <input name='username' type='text' id='username'>
</p>
  <p>Password: 
    <input name='password' type='password' id='password'>
</p>
  <p>

    <input type='submit' name='Submit' value='Submit'>
  </p>
  <p>Don't have an account?<br>
  <a href='register.php'>Register Free</a>  </p>
  <a href='forgotpass.php'>Forgot your password?  Click Here</a>
</form>";



if($loggedinname == "" and $password == ""){
// User is viewing login form
$article_title = "Member Login:";

$article_content = $loginform;
}
else if(($username != "" and $password == "") or ($username == "" and $password != "") ){

//Something was left blank
$article_title = "Login Error:";
$article_content = "Something was left blank.  Please try logging in again.<br><br>".$loginform."";

}
else if($username != "" and $password != ""){
// Try to log the user in
$password = md5($password);

$query = "SELECT * FROM ".$prefix."users WHERE username = '$username'";
$result = @runquery($query);
$num = @mysql_numrows($result);

//Loop out code
$i=0;
while ($i < 1) {

$luser=@mysql_result($result,$i,"username");
$lpass=@mysql_result($result,$i,"password");

$i++;
}

if($username == $luser and $password == $lpass){
$article_title = "Login Successful!";
$article_content = "Welcome back ".$username.".  You are now logged in.  <a href='account.php'>Click Here to view or edit your account.</a>";


// Set the cookie
$Month = 2592000 + time();
setcookie("auser",$username,$Month);
setcookie("apass",$password,$Month);

}
else{
$article_title = "Login Failed!";
$article_content = "Sorry, we could not log you on with the details specified.  You can <a href='login.php'>try again</a> or <a href='forgotpass.php'>request a password reset.</a>";
$fail = 1;
}
}




}


//***************//
//  OUTPUT PAGE  //
//***************//

echo showpage($article_title, $article_content, $date);

?>

Since I'm using a customized site, this actually works, as I have no sidefeed called.