PHP admin log on thingy?

Butters · 23 Oct 2007 at 20:07

Cool, thought i'd changed that but I hadnt saved before uploading.

Excuse me for being dumb but which of the 'username' and 'passwords' do I need to change?

marc2003 · 23 Oct 2007 at 20:09

Butters · 23 Oct 2007 at 20:14

marc2003 said:
eh?

Code:

<?php
session_start();

mysql_connect('localhost', 'mark1e', '*******');
mysql_select_db('mark1e);

function clean($value) {
	if(get_magic_quotes_gpc()) $value = stripslashes($value);
	return trim(mysql_real_escape_string($value));
}

if($_POST['login'] && $_POST['do i change this?'] && $_POST['do i change this]) {
        $username = clean($_POST['do i change this']);
        $password = md5($_POST['do i change this']);
        $result = mysql_query("SELECT username FROM admin WHERE username = '$username' AND password = '$password'");
        if(mysql_num_rows($result) == 1) {
                $_SESSION['do i change this'] = $username;
		header("Location: admin.php");
                exit;
        } else {
                $error = '<p>sorry, wrong username/password.</p>';
        }
}
?>

See above where I've written (do I change this). pls dont hate me!

marc2003 · 23 Oct 2007 at 20:20

no don't change those. they have to match the names they are given in the form

<input type="text" name="username"> corresponds with $_POST['username']
etc

i already told you the only thing you have to change is the table/column names in the sql query if it doesn't match your setup.

Butters · 23 Oct 2007 at 20:37

marc2003 said:
no don't change those. they have to match the names they are given in the form

<input type="text" name="username"> corresponds with $_POST['username']
etc

i already told you the only thing you have to change is the table/column names in the sql query if it doesn't match your setup.

Cool,

one more and I think I'm done

What reference does the if($_POST['login'] have?

marc2003 · 23 Oct 2007 at 20:41

Butters said:
Cool,

one more and I think I'm done

What reference does the if($_POST['login'] have?

short memory? what did i just say about $_POST variables corresponding to an input name on the form?

Butters · 23 Oct 2007 at 20:58

marc2003 said:
short memory? what did i just say about $_POST variables corresponding to an input name on the form?

The button?

Butters · 23 Oct 2007 at 21:55

Marc, how can I make it so that the password I enter in the HTML form appears as an Asterix (*)?

Thanks

marc2003 · 24 Oct 2007 at 03:46

Butters said:
The button?

have a gold star.

Butters said:
Marc, how can I make it so that the password I enter in the HTML form appears as an Asterix (*)?

Thanks

it already does.

Butters · 24 Oct 2007 at 09:56

marc2003 said:
have a gold star.

it already does.

Umm, it doesnt. I can clearly see what I'm typing as I type it

marc2003 · 24 Oct 2007 at 10:07

Butters said:
Umm, it doesnt. I can clearly see what I'm typing as I type it

look at the input type.

<input type="text" name="username">
<input type="password" name="password">

check all my posts above and going back to the other thread i linked to, the input type is set correctly.

if you're hosting the page online, let me see it.

Butters · 24 Oct 2007 at 10:15

Sorted, found the problem.

Thanks Marc, you're a legend.