Mysidia Adoptables Support Forum

Mysidia Adoptables Support Forum (http://www.mysidiaadoptables.com/forum/index.php)
-   Questions and Supports (http://www.mysidiaadoptables.com/forum/forumdisplay.php?f=18)
-   -   Logging In Problem O_O (http://www.mysidiaadoptables.com/forum/showthread.php?t=2370)

Abronsyth 09-04-2011 10:44 AM
Logging In Problem O_O
 
This is a some what serious problem, it seems none of my users, nor myself, are able to login to the site. The password resets are not working, I even changed a user's password for them, but the password didn't work. Here's my login.php, hope someone can see something I've missed!
Code:
<?php
include("inc/functions.php");

//***************//
//  START SCRIPT //
//***************//


if($isloggedin == "yes"){
$article_title = $langislog;
$article_content = $langislogfull;
echo 'no';
}else{

//User is not logged in, so let's attempt to log them in...

$username = $_POST["username"];
$password = $_POST["password"];

//User is not logged in

$article_content = "<form name='form1' method='post' action='login.php'>
  <p>Username:
    <input name='username' type='text' id='username'>
</p>
  <p>Password:
    <input name='password' type='password' id='password'>
</p>
  <p>
    <input type='submit' name='Submit' value='Submit'>
  </p>
  <p>Don't have an account?<br>
  <a href='register.php'>Register Free</a>  </p>
  <a href='forgotpass.php'>Forgot your password?  Click Here</a>
</form>";



if($loggedinname == "" and $password == ""){
// User is viewing login form
$article_title = "Member Login:";

$article_content = $loginform;
}
else if(($username != "" and $password == "") or ($username == "" and $password != "") ){

//Something was left blank
$article_title = "Login Error:";
$article_content = "Something was left blank.  Please try logging in again.<br><br>".$loginform."";

}
else if($username != "" and $password != ""){
// Try to log the user in
$password = md5($password);

$query = "SELECT * FROM ".$prefix."users WHERE username = '$username'";
$result = @runquery($query);
$num = @mysql_numrows($result);

//Loop out code
$i=0;
while ($i < 1) {

$luser=@mysql_result($result,$i,"username");
$lpass=@mysql_result($result,$i,"password");

$i++;
}

if($username == $luser and $password == $lpass){
$article_title = "Login Successful!";
$article_content = "Welcome back ".$username.".  You are now logged in.  <a href='account.php'>Click Here to view or edit your account.</a>";


// Set the cookie
$Month = 2592000 + time();
setcookie("auser",$username,$Month);
setcookie("apass",$password,$Month);

}
else{
$article_title = "Login Failed!";
$article_content = "Sorry, we could not log you on with the details specified.  You can <a href='login.php'>try again</a> or <a href='forgotpass.php'>request a password reset.</a>";
$fail = 1;
}
}




}


//***************//
//  OUTPUT PAGE  //
//***************//

echo showpage($article_title, $article_content, $date);

?>
Hm, never mind, it seems like all parts of the script are there, yet it's still not working? Does something seem abnormal to anyone?

Linkin-Dreamer 09-04-2011 11:14 AM
What version are you using? I just upgraded to 1.2.3, I seem to be having logging-in issues (I can log in, just not for very long)

Abronsyth 09-04-2011 11:21 AM
1.2.3 as well, I've had numerous issues with it so far...but this one is the most serious I've found :(

Plague 09-04-2011 12:08 PM
So wait, Iris-Spider, this is your log in page for the 1.2.3 version? If so then the reason you're having an issue is right here...

Code:
// Try to log the user in
$password = md5($password);
From what I understand they updated the security in the latest version. However if they didn't do those same updates in the register, log in, account page (where you change passwords) and password reset it's not going to work.

Best way I can think to explain it is when the account is made it's like the password was stored in Spanish, but the log in page is being told to read it as French. It will say the passwords don't match and refuse log in.

ipengu 09-04-2011 02:34 PM
Did you upgrade to 1.2.3 or did you fresh install with 1.2.3?

If you updated did you make sure to run yoursite.com/directory{if any}/userencrypt.php

Also did you overwrite all old files with new ones if you upgraded.

Abronsyth 09-04-2011 04:48 PM
It was the first time being installed, so no, it was not upgraded, and Nemesis installed it for me, so anything to do with the installation, I can't say...prehaps I can replace the 1.2.3 login.php with the 1.2.2 login.php? Or would that just not work?

Hall of Famer 09-04-2011 04:56 PM
Well for fresh installation, run the adminencrypt.php file within your adoptables directory to encrypt your own password. Another way to resolve your problem is to simply reset your own password. Do NOT replace Mys v1.2.3's login.php with Mys v1.2.2's login.php. Sure you will be able to login then, but your users will not. The key to Mys v1.2.3 is a different approach for password encryption.

Edit: From the login.php file you posted, it is apparently Mys v1.2.2's. I am assuming you did not overwrite your old script files with Mys v1.2.3's script files, please make sure you do this before or after upgrading your site.

Nemesis 09-05-2011 09:54 AM
Is this problem resolved? It appears to be by looking at the shoutbox. I am fairly certain I had it installed right too because the log ins worked for some time did they not? Your site is looking very good by the way so there must a been a bit of a mistake during the changes?

Hall of Famer 09-05-2011 04:56 PM
Well from what I've known so far, Iris' site was not using Mys v1.2.3 at all since the coding pattern from her login.php is apparently Mys v1.2.2's. You may need to take a close look at the script files on her site and see if they are indeed Mys v1.2.3.

Abronsyth 09-06-2011 03:35 PM
As I've said earlier in a different thread, the footer had said that the site is running on 1.2.2, but someone looked at a bit of script and assured me it was 1.2.3, so, despite what they said, it may very well be 1.2.2...

I'm completley reinstalling 1.2.3 right now, let's hope it works O_O

Abronsyth 10-18-2011 03:33 PM
Okay, the problem is back. I upgraded to 1.2.3, it even says it's 1.2.3, but recently it happened again, and now my users can no longer login. Again. Here's the php:
Code:
<?php

include("inc/functions.php");

//***************//
//  START SCRIPT //
//***************//

if($isloggedin == "yes"){

$article_title = $langislog;
$article_content = $langislogfull;

}
else{

//User is not logged in, so let's attempt to log them in...

$username = $_POST["username"];
$username = secure($username);
$password = $_POST["password"];
$password = secure($password);

//User is not logged in

$loginform = "<form name='form1' method='post' action='login.php'>
  <p>Username:
    <input name='username' type='text' id='username'>
</p>
  <p>Password:
    <input name='password' type='password' id='password'>
</p>
  <p>
    <input type='submit' name='Submit' value='Submit'>
  </p>
  <p>Don't have an account?<br>
  <a href='register.php'>Register Free</a>  </p>
  <a href='forgotpass.php'>Forgot your password?  Click Here</a>
</form>";



if($loggedinname == "" and $password == ""){
// User is viewing login form
$article_title = "Member Login:";

$article_content = $loginform;
}
else if(($username != "" and $password == "") or ($username == "" and $password != "") ){

//Something was left blank
$article_title = "Login Error:";
$article_content = "Something was left blank.  Please try logging in again.<br><br>{$loginform}";

}
else if($username != "" and $password != ""){
// Try to log the user in
$password = passencr($username, $password);

$result = runquery("SELECT * FROM {$prefix}users WHERE username = '$username'") ;
$user = mysql_fetch_array($result); 

if($username == $user['username'] and $password == $user['password']){
$article_title = "Login Successful!";
$article_content = "Welcome back {$username}.  You are now logged in.  <a href='account.php'>Click Here to view or edit your account.</a>";


// Set the cookie
$Month = 2592000 + time();
// Convert from username to uid to secure data, no need for password since it is already hashed.
$uid = usernametouid($username);
setcookie("auid",$uid,$Month);
setcookie("apass",$password,$Month);

}
else{
$article_title = "Login Failed!";
$article_content = "Sorry, we could not log you on with the details specified.  You can <a href='login.php'>try again</a> or <a href='forgotpass.php'>request a password reset.</a>";
$fail = 1;
}
}




}


//***************//
//  OUTPUT PAGE  //
//***************//

echo showpage($article_title, $article_content, $date);

?>

Hall of Famer 10-18-2011 03:47 PM
Run the userencrypt.php file, this should solve your problem.


All times are GMT -5. The time now is 07:41 AM.

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2025, vBulletin Solutions Inc.