Hello there, I am just trying to create a script and users need to log-in with the details in "login.php" and the info will be forwarded to "./lib/authorize.php" using the "POST" method and here's the code snippet for the "authorize.php" file: PHP: <?phpif(!isset($_GET['do'])){ die();}else{ switch ($_GET['do']){ case logout: setcookie('ooht-session-start', '', time()-3600, "/", $_SERVER['HTTP_HOST']); setcookie('ooht-session-ip', '', time()-3600, "/", $_SERVER['HTTP_HOST']); setcookie('ooht-authorize-id', '', time()-3600, "/", $_SERVER['HTTP_HOST']); header('Location: ../login.php'); break; case login: $user_login_request = $_POST['name']; $pass_login_request = $_POST['authorize_code']; include('config.php'); $DB_connect_zero = mysql_connect($xenCODE_OOHT_DB_server, $xenCODE_OOHT_DB_user, $xenCODE_OOHT_DB_pass); $DB_connect = mysql_select_db($xenCODE_OOHT_DB_name, $DB_connect_zero); $DB_query = mysql_query("SELECT * FROM ooht_users WHERE users_name = `$user_login_request`"); $DB_field = mysql_fetch_array($DB_query); if($user_login_request != $DB_field['users_name']){ echo "There's no such username!"; }else{ if($DB_field['users_password'] != sha1(sha1($pass_login_request).$DB_field['users_salt'])){ echo "Username and password doesn't match!"; }else{ if($_POST['remember'] == "on"){ $cookie_life = 60*60*24*30; }else{ $cookie_life = 60*60*1; } $session_start_time = time(); setcookie('ooht-name', $user_login_request, time()+60*60*24*30, "/", $_SERVER['HTTP_HOST']); setcookie('ooht-session-start', $session_start_time, time()+$cookie_life, "/", $_SERVER['HTTP_HOST']); setcookie('ooht-session-ip', sha1($_SERVER["REMOTE_ADDR"]), time()+$cookie_life, "/", $_SERVER['HTTP_HOST']); setcookie('ooht-authorize-id', md5(sha1($user_login_request).$session_start_time.sha1($_SERVER['REMOTE_ADDR'])), time()+$cookie_life, "/", $_SERVER['HTTP_HOST']); header('Location: ../index.php'); } } break; }} ?> I tried debugging the code but no result, only a blank page :|
Shouldn't you use $_POST['do'] instead of $_GET['do'] as you said you pass variables through post method ? Can you post the code of login.php so that we can verify it further?
I once changed it to POST, didn't work so moved back to GET Here's the code of my "login.php" Code: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Please Authorize yourself to access this section</title> <link rel="shortcut icon" type="image/x-icon" href="./favicon.ico"> <link href="css/main.css" rel="stylesheet" type="text/css" /> <link href="http://fonts.googleapis.com/css?family=Cuprum" rel="stylesheet" type="text/css" /> <script src="js/jquery-1.4.4.js" type="text/javascript"></script> <script type="text/javascript" src="js/spinner/jquery.mousewheel.js"></script> <script type="text/javascript" src="js/spinner/ui.spinner.js"></script> <script type="text/javascript" src="http://ajax.googleapis.com/ajax/libs/jqueryui/1.8/jquery-ui.min.js"></script> <script type="text/javascript" src="js/fileManager/elfinder.min.js"></script> <script type="text/javascript" src="js/wysiwyg/jquery.wysiwyg.js"></script> <script type="text/javascript" src="js/wysiwyg/wysiwyg.image.js"></script> <script type="text/javascript" src="js/wysiwyg/wysiwyg.link.js"></script> <script type="text/javascript" src="js/wysiwyg/wysiwyg.table.js"></script> <script type="text/javascript" src="js/flot/jquery.flot.js"></script> <script type="text/javascript" src="js/flot/jquery.flot.pie.js"></script> <script type="text/javascript" src="js/flot/excanvas.min.js"></script> <script type="text/javascript" src="js/dataTables/jquery.dataTables.js"></script> <script type="text/javascript" src="js/dataTables/colResizable.min.js"></script> <script type="text/javascript" src="js/forms/forms.js"></script> <script type="text/javascript" src="js/forms/autogrowtextarea.js"></script> <script type="text/javascript" src="js/forms/autotab.js"></script> <script type="text/javascript" src="js/forms/jquery.validationEngine-en.js"></script> <script type="text/javascript" src="js/forms/jquery.validationEngine.js"></script> <script type="text/javascript" src="js/colorPicker/colorpicker.js"></script> <script type="text/javascript" src="js/uploader/plupload.js"></script> <script type="text/javascript" src="js/uploader/plupload.html5.js"></script> <script type="text/javascript" src="js/uploader/plupload.html4.js"></script> <script type="text/javascript" src="js/uploader/jquery.plupload.queue.js"></script> <script type="text/javascript" src="js/ui/progress.js"></script> <script type="text/javascript" src="js/ui/jquery.jgrowl.js"></script> <script type="text/javascript" src="js/ui/jquery.tipsy.js"></script> <script type="text/javascript" src="js/ui/jquery.alerts.js"></script> <script type="text/javascript" src="js/jBreadCrumb.1.1.js"></script> <script type="text/javascript" src="js/cal.min.js"></script> <script type="text/javascript" src="js/jquery.collapsible.min.js"></script> <script type="text/javascript" src="js/jquery.ToTop.js"></script> <script type="text/javascript" src="js/jquery.listnav.js"></script> <script type="text/javascript" src="js/jquery.sourcerer.js"></script> <script type="text/javascript" src="js/custom.js"></script> </head> <body> <!-- Top navigation bar --> <div id="topNav"> <div class="fixed"> <div class="wrapper"> <div class="backTo"><a href="http://www.thewebmonsters.net/" title=""><img src="images/icons/topnav/mainWebsite.png" alt="" /><span>Main website</span></a></div> <div class="userNav"> </div> <div class="fix"></div> </div> </div> </div> <!-- Login form area --> <div class="loginWrapper"> <div class="loginLogo"><img src="images/Logo.png" alt="Our Own Hosting Tool!, by Mr. Goodie2Shoes & Styx" style="max-width:320px;" /></div> <div class="loginPanel"> <div class="head"><h5 class="iUser">Authorize Yourself First!</h5></div> <form action="./lib/authorize.php" id="valid" class="mainForm" method="post"> <fieldset> <div class="loginRow noborder"> <label for="req1">Username:</label> <div class="loginInput"><input type="text" name="name" class="validate[required]" id="req1" value="<?php if(!isset($_COOKIE['ooht-name'])){echo "";}else{ echo $_COOKIE['ooht-name'];} ?>" /></div> <div class="fix"></div> </div> <div class="loginRow"> <label for="req2">Password:</label> <div class="loginInput"><input type="password" name="authorize_code" class="validate[required]" id="req2" /></div> <div class="fix"></div> </div> <div class="loginRow"> <div class="rememberMe"><input type="checkbox" id="check2" name="remember" /><label>Remember me</label></div> <input type="submit" value="Log me in" class="greyishBtn submitForm" /> <div class="fix"></div> </div> </fieldset> </form> </div> </div> <!-- Footer --> <div id="footer"> <div class="wrapper"> <span>Copyright, © <?php echo date('Y'); ?>. All rights reserved. <strong><a href="http://www.thewebmonsters.net/threads/migration-and-automated-p2h-system.173/" target="_blank" title="Our Own Hosting Tool">Our Own Hosting Tool</a></strong> by <a href="http://www.thewebmonsters.net/members/mr-goodie2shoes.1/" target="_blank" title="Mr. Goodie2Shoes from The WebMonsters' Network"><strong>Mr. Goodie2Shoes</strong></a> & <a href="http://www.thewebmonsters.net/members/styx.2/" target="_blank" title="Styx from The WebMonsters' Network"><strong>Styx</strong></a>. <span style="position:relative; display:block; float:right; margin-top:-10px;">IP logged: <strong><?php echo $_SERVER['REMOTE_ADDR'] ?></strong></span></span> </div> </div> </body> </html> FYI, there's no problem in this file... I tested it on a different file which had the username and password with itself and it worked... I think there's a flaw in my MySQL coding...
Your form doesn't send any GET value named "do", so since it isn't set, its not working. Try checking $_POST['name'] instead of $_GET['do']. Also make sure you set values for $xenCODE_OOHT_DB_server and other database info variables. Nevermind, i think its set by default in Xenforo probably.
oops... like I mentioned earlier, I re-made the coding... okay, just amended it, no luck and btw, its not related to xenForo its a standalone script...
Just though its related to Xenforo as it had XenCODE. Also, i can't see where you set values to database variables. So, when you use mysql_connect() where will it gets values for the variables inside it?
Nah. What i asked is, you used variables like $xenCODE_OOHT_DB_server but you never assigned any values to them.
