Titan85
12-22-2007, 03:17 PM
I made a login script for my a cms and it worked perfectly while on my server, but when it was transfered to my clients server, it quit working. All the code is exactly the same as the code on mine, but on the clients server the login page will not execute the section of code that should process the login. The page simply reloads itself with the same content displayed.
Here is the page code:
<?php
session_start();
require('config.php');
if ( isset($_SESSION['username']) && isset($_SESSION['password']) && isset($_SESSION['ip']) ) {
$redirect = '<meta http-equiv="refresh" content="2;URL=index.php" />';
$message = 'You are already logged in as <i>'.$_SESSION['username'].'</i>, redirecting you to the home page...';
} else { $redirect = ''; $message = ''; }
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<?php echo $redirect ?>
<title><?php echo(''.$siteName.''); ?></title>
<link rel="stylesheet" href="main-style.css" type="text/css" />
</head>
<body>
<div id="frame">
<div id="border">
<div id="content">
<div id="banner"></div>
<div id="status">
<div id="icon"><img src="images/user.png" alt="" /></div>
<div id="user"><span class="user"><?php echo $_SESSION['username']; ?>:</span> <a href="logout.php">Logout</a></div>
<div id="date"><?php echo(''.date('l F j, Y').''); ?></div>
</div>
<!-- Left Area -->
<div id="left">
<div class="s_title">Login To View</div>
<div id="nav">
</div>
</div>
<!-- /Left Area -->
<div id="main">
<div class="spacer">
<?php
if ( isset($_SESSION['username']) && isset($_SESSION['password']) && isset($_SESSION['ip']) ) {
$redirect = '<meta http-equiv="refresh" content="2;URL=index.php" />';
echo('You are already logged in as <i>'.$_SESSION['username'].'</i>, redirecting you to the home page...');
} else {
// If form not sent
if (!isset($login_go)) {
?>
<div class="title">Please Login</div>
<form method="post" action="<?php echo $_SERVER['PHP_SELF'] ?>">
<table width="220" align="center">
<tr>
<td>Username:</td>
<td><input type="text" name="username" /></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password" /></td>
</tr>
<tr>
<td colspan="2" align="center"><input type="submit" name="login_go" value="Login" /></td>
</tr>
</table>
</form>
<?php
}
// If form was sent
if (isset($login_go)) {
$username = mysql_real_escape_string($_POST['username']);
$password = md5($_POST['password']);
echo("User: $username Pass: $password");
$check = mysql_query("SELECT username, password FROM `admins` WHERE username = '$username'")
or die ("Error Checking User Information! \n<br />\n" .mysql_error());
$u = mysql_fetch_array($check);
$chk = mysql_num_rows($check);
// If username bad
if ($chk < 1) { echo('<meta http-equiv="refresh" content="2;URL=login.php" /> <span style="color:#FF0000">Invalid username!</span>'); }
if ($password !== $u['password']) {
echo('<meta http-equiv="refresh" content="2;URL=login.php" /> <span style="color:#FF0000">Incorrect Password!</span>');
}
else if ($chk >= 1 && $password == $u['password']) {
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
$_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
echo('<meta http-equiv="refresh" content="2;URL=index.php" /> <div class="message">Welcome '.$_SESSION['username'].', you are now logged in and being redirected to the main page...</div>');
}
}
}
?>
</div>
</div>
<div id="footer">
<div id="copyright"><?php copyright($siteName); ?></div>
</div>
</div>
</div>
</div>
</body>
</html>
It seems that the page never executes this block of code:
if (isset($login_go)) {
$username = mysql_real_escape_string($_POST['username']);
$password = md5($_POST['password']);
echo("User: $username Pass: $password");
$check = mysql_query("SELECT username, password FROM `admins` WHERE username = '$username'")
or die ("Error Checking User Information! \n<br />\n" .mysql_error());
$u = mysql_fetch_array($check);
$chk = mysql_num_rows($check);
// If username bad
if ($chk < 1) { echo('<meta http-equiv="refresh" content="2;URL=login.php" /> <span style="color:#FF0000">Invalid username!</span>'); }
if ($password !== $u['password']) {
echo('<meta http-equiv="refresh" content="2;URL=login.php" /> <span style="color:#FF0000">Incorrect Password!</span>');
}
else if ($chk >= 1 && $password == $u['password']) {
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
$_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
echo('<meta http-equiv="refresh" content="2;URL=index.php" /> <div class="message">Welcome '.$_SESSION['username'].', you are now logged in and being redirected to the main page...</div>');
}
}
Is there any reason for this? Maybe the server doesn't like something in the code?
Thanks in advance
Here is the page code:
<?php
session_start();
require('config.php');
if ( isset($_SESSION['username']) && isset($_SESSION['password']) && isset($_SESSION['ip']) ) {
$redirect = '<meta http-equiv="refresh" content="2;URL=index.php" />';
$message = 'You are already logged in as <i>'.$_SESSION['username'].'</i>, redirecting you to the home page...';
} else { $redirect = ''; $message = ''; }
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<?php echo $redirect ?>
<title><?php echo(''.$siteName.''); ?></title>
<link rel="stylesheet" href="main-style.css" type="text/css" />
</head>
<body>
<div id="frame">
<div id="border">
<div id="content">
<div id="banner"></div>
<div id="status">
<div id="icon"><img src="images/user.png" alt="" /></div>
<div id="user"><span class="user"><?php echo $_SESSION['username']; ?>:</span> <a href="logout.php">Logout</a></div>
<div id="date"><?php echo(''.date('l F j, Y').''); ?></div>
</div>
<!-- Left Area -->
<div id="left">
<div class="s_title">Login To View</div>
<div id="nav">
</div>
</div>
<!-- /Left Area -->
<div id="main">
<div class="spacer">
<?php
if ( isset($_SESSION['username']) && isset($_SESSION['password']) && isset($_SESSION['ip']) ) {
$redirect = '<meta http-equiv="refresh" content="2;URL=index.php" />';
echo('You are already logged in as <i>'.$_SESSION['username'].'</i>, redirecting you to the home page...');
} else {
// If form not sent
if (!isset($login_go)) {
?>
<div class="title">Please Login</div>
<form method="post" action="<?php echo $_SERVER['PHP_SELF'] ?>">
<table width="220" align="center">
<tr>
<td>Username:</td>
<td><input type="text" name="username" /></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password" /></td>
</tr>
<tr>
<td colspan="2" align="center"><input type="submit" name="login_go" value="Login" /></td>
</tr>
</table>
</form>
<?php
}
// If form was sent
if (isset($login_go)) {
$username = mysql_real_escape_string($_POST['username']);
$password = md5($_POST['password']);
echo("User: $username Pass: $password");
$check = mysql_query("SELECT username, password FROM `admins` WHERE username = '$username'")
or die ("Error Checking User Information! \n<br />\n" .mysql_error());
$u = mysql_fetch_array($check);
$chk = mysql_num_rows($check);
// If username bad
if ($chk < 1) { echo('<meta http-equiv="refresh" content="2;URL=login.php" /> <span style="color:#FF0000">Invalid username!</span>'); }
if ($password !== $u['password']) {
echo('<meta http-equiv="refresh" content="2;URL=login.php" /> <span style="color:#FF0000">Incorrect Password!</span>');
}
else if ($chk >= 1 && $password == $u['password']) {
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
$_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
echo('<meta http-equiv="refresh" content="2;URL=index.php" /> <div class="message">Welcome '.$_SESSION['username'].', you are now logged in and being redirected to the main page...</div>');
}
}
}
?>
</div>
</div>
<div id="footer">
<div id="copyright"><?php copyright($siteName); ?></div>
</div>
</div>
</div>
</div>
</body>
</html>
It seems that the page never executes this block of code:
if (isset($login_go)) {
$username = mysql_real_escape_string($_POST['username']);
$password = md5($_POST['password']);
echo("User: $username Pass: $password");
$check = mysql_query("SELECT username, password FROM `admins` WHERE username = '$username'")
or die ("Error Checking User Information! \n<br />\n" .mysql_error());
$u = mysql_fetch_array($check);
$chk = mysql_num_rows($check);
// If username bad
if ($chk < 1) { echo('<meta http-equiv="refresh" content="2;URL=login.php" /> <span style="color:#FF0000">Invalid username!</span>'); }
if ($password !== $u['password']) {
echo('<meta http-equiv="refresh" content="2;URL=login.php" /> <span style="color:#FF0000">Incorrect Password!</span>');
}
else if ($chk >= 1 && $password == $u['password']) {
$_SESSION['username'] = $username;
$_SESSION['password'] = $password;
$_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
echo('<meta http-equiv="refresh" content="2;URL=index.php" /> <div class="message">Welcome '.$_SESSION['username'].', you are now logged in and being redirected to the main page...</div>');
}
}
Is there any reason for this? Maybe the server doesn't like something in the code?
Thanks in advance