Hi, There a problem with my login code. When you enter the correct username and password your supposed to be directed to a new page. It was working before but for some reasons which I cant debug, It doesnt now.
here is the code for index.php
here is the code for the login
can anyone review my code and direct me to the cause of the problem ... Thanks in advance![:)]()
here is the code for index.php
<?php session_start();
require_once 'functions\\cleaners.php';
require_once "functions\PRIMI_login.php";
define ( 'LOGOUT_LOC','logout.php' );
define ( 'MENU','users/index.php' );
if (isset($_POST['ace_username'])){
$_POST['ace_username'] = clean_username($_POST['ace_username']);
}
if (isset($_POST['ace_password'])){
$_POST['ace_password'] = clean_password($_POST['ace_password']);
}
if ( isset($_POST['ace_password']) && isset($_POST['ace_username']) ){
if (login ( $_POST['ace_username'], $_POST['ace_password'])){
header( 'Location: users/index.php' );
}
}
?>
<!DOCTYPE html>
<html>
<head>
<script type="text/javascript" src="javascripts/jquery_1_8_3.js"></script>
<script>
function validateForm( form ){
if ( form.ace_username.value == '' ||
form.ace_password.value == '' ){
document.getElementById("login_message").innerHTML = "Pakikumpleto!";
}
else {
document.getElementById("login_message").innerHTML = "";
document.login_f1.submit();
}
}
function pasuser( form ) {
validateForm( form );
}
</script>
<script type="text/javascript" language="javascript">
function convertEnterToTab() {
if(event.keyCode==13) {
pasuser( form );
event.keyCode = 9;
}
}
document.onkeydown = convertEnterToTab;
</script>
<link rel="stylesheet" type="text/css" href="styles/front_page.css">
<script type="text/javascript" src="javascripts/gui.js"></script>
<link rel="stylesheet" type="text/css" href="styles/modal.css">
</head>
<body>
<div>
<div class='header'>
<?php
if ( isset($_SESSION['person']['username']) ){
?>
<span class='con_login'>
<a href='<?php echo MENU; ?>' class='r_font'>Menu </a>
<img src='line.png' style='height:15px;'/>
<a class='activate_modal r_font' name='login_form' href="#" style='text-decoration: none'> Logout</a>
<div id='mask' class='close_modal'></div>
<div id='login_form' class='modal_window'>
<center>
<form method='post' action='<?php echo LOGOUT_LOC; ?>' >
<center>
<tr><td>Are you sure?</td></tr>
</center>
<tr>
<td><input style="float:right; margin-right:40px; margin-top:20px; height:24px; width:60px;" name="yes" type="submit" value="Yes"/></td>
</form>
<td><input style="float:right; margin-top:20px; margin-right:4px; height:24px; width:60px;" name="no" type="submit" value="No" class="close_modal"/></td>
</tr>
</center>
</div>
</span>
<span><?php echo $_SESSION['person']['username']?></span>
<?php
}else{
?>
<span class='con_login'>
<a class='activate_modal s_font' name='login_form' href='#' style='text-decoration: none' >Login</a>
<div id='mask' class='close_modal'></div>
<div id='login_form' class='modal_window'>
<img src='x.png' class='btn1_close close_modal'/>
<img src='ace.jpg' style='height:60px; margin-left:95px;'/>
<div><form action="<?php echo $_SERVER['PHP_SELF']; ?>" name='login_f1' method='post' >
<div><label for="ace_username" ><span id="login_username_label" >Username:</span></label><input class='add' name='ace_username' id='ace_username' type='text' placeholder='Type here'/></div>
<div><label for="ace_password" ><span id="login_password_label" >Password:</span></label><input class='add' name='ace_password' id="ace_password" type='password' placeholder='Type here'/></div>
<div>
<input size="20" name="submit_login" style='margin-left:80px; margin-top:20px; height:26px; width:60px;' type='button' onclick="pasuser( form )" value='Login'/>
<input size="20" style='margin-top:20px; height:26px; width:60px;' type='Reset'/>
</div>
</form></div>
<center><div id="login_message" style='margin-top:20px'></div></center>
</div>
</span><?php
}
?></div>
<div class='welcome_banner'><center><h1>Welcome Visitors</h1></center>
</div>
<div class='welcome_banner'><center><h1>Place active links for visitors here.</h1></center>
<?php
echo sha1('v');
//$salt = '$2a$';
//echo crypt('halo9665', $salt);
?>
</div>
</div>
</body>
</html>
here is the code for the login
<?php
define('PEOPLE_DB','people');
require_once 'DBconnect.php';
function initialize_user ( $user_id ){
session_unset();
$_SESSION['person']['id'] = $user_id;
// query to get user data
$link = primi_connect_mysql();
mysql_select_db( PEOPLE_DB , $link );
$input_query = ' SELECT users_account.USERNAME AS username , ';
$input_query.= ' users_account.ACCESS_RIGHT AS access , ';
$input_query.= ' users_summary.FIRSTNAME AS first_name , ';
$input_query.= ' users_summary.LASTNAME AS last_name , ';
$input_query.= ' users_summary.MIDDLENAME AS middle_name ';
$input_query.= ' FROM users_account , users_summary , access_right ';
$input_query.= ' WHERE users_summary.ID = users_account.USERS_SUMMARY AND ';
$input_query.= ' users_account.ACCESS_RIGHT = access_right.id AND ';
$input_query.= ' users_account.ID = "'.$user_id.'" AND ';
$input_query.= ' users_account.SUSPENDED = "0" ; ';
$query = mysql_query ( $input_query, $link);
// if error in query return error message
if ( $query == null ){
return 'Error: Can\'t execute query.';
}
$num_row = mysql_num_rows ( $query );
if ($num_row < 1){
return 'Error: User was not found, no longer exist, suspended or the access right was revoked.';
}
else if ($num_row > 1) {
return 'Error: Invalid user. Please contact your system administrator.';
}
// load into sessions;
$row = mysql_fetch_array( $query );
$_SESSION['person'] = $row;
// query access rights
$input_query = ' SELECT * FROM access_right WHERE ID = "'.$_SESSION['person']['access'].'" ; ';
$query = mysql_query ( $input_query , $link );
$row = mysql_fetch_assoc( $query );
$_SESSION['access'] = $row;
}
function login( $user, $password ){
$link = primi_connect_mysql();
mysql_select_db( PEOPLE_DB );
echo $password;
$password = sha1($password);
echo $password;
$query = mysql_query(" SELECT ID
FROM users_account
WHERE USERNAME = '$user'
AND PASSWORD = '$password'; ") or die( mysql_error() );
$total = mysql_num_rows( $query );
if ($total == 1){
$user_id = mysql_fetch_row ( $query );
echo initialize_user ($user_id[0]);
return True;
}
else {
return False;
}
}
?>
can anyone review my code and direct me to the cause of the problem ... Thanks in advance
