Jump to content
Larry Ullman's Book Forums

Recommended Posts

Here is the problem I have been having. I have tried numerous things to resolve it. Nothing seems to work. 

 

I have my login script from this book and I put it on a live domain to test it. And I can login fine with Internet explorer and Safari. But with Chrome and Firefox. It always fails to log me in on the first attempt, it takes 2 or sometimes 3 attempts. I am thinking of using the code from this book to build a website but I am completely clueless as to why it is doing this. I have triple-checked my code and it is like in the book. Could it be my SQL table that has a problem.

 

I tested the query in phpmyadmin in the SQL form, and it always returns the user_id. 

 

When I try to login the page kind of jumps and it redirects me to index.php without logging me in. 

I have been at this for 3 days, any help would be HIGHLY appreciated. 

Link to comment
Share on other sites

The browser you use has no connection to back-end code, which is browser-agnostic.

I seem to recall you bringing up this issue in another thread the other day, and you never really did answer the questions that me and Larry had.

 

Did you trying running the queries directly on the DB?

Did you turn error reporting on?

What steps have you taken to pinpoint the problem?

Link to comment
Share on other sites

Yes I ran the queries directly in phpmyadmin, in the SQL query box I typed out the query several times in a row and each time it returns the userid like it should. Yes I turned error reporting on. I also put echo statements on my index page to see if the $_session variable was set, it doesn't get set the first time around, it takes on the second or third attempt. I have tried numerous things like flushing my dns, and clearing my cache and cookies. Those are the steps I have taken, I don't know what else to do. I have sincerely been trying VERY hard to make this code work, I did my best to do what you and Larry suggested, but I am a beginner. 

Link to comment
Share on other sites

Here is the relevant part of my code like you asked. 

 

if ($e && $p){
$q = "SELECT UserID, Fname FROM users WHERE (Email='$e' AND Pass=SHA1('$p')) AND Active IS NULL";
$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
if (@mysqli_num_rows($r) == 1){
$_SESSION = mysqli_fetch_array($r, MYSQLI_ASSOC);
mysqli_free_result($r);
mysqli_close($dbc);
$url = BASE_URL . 'index.php';
ob_end_clean();
header("Location: $url");
exit();
Link to comment
Share on other sites

Hi

Well you said to post the relevant part of my code, so that is why I only gave you the snippet of code. Here is my whole login.php page. The session_start() is in the header.html included file.

 

<?php
include ('includes/header.html');
include ('includes/config.inc.php');
$page_title = 'Login';
if ($_SERVER['REQUEST_METHOD'] == 'POST'){
require (MYSQL);
$trimmed = array_map('trim', $_POST);
if (!empty($trimmed['Email']) && filter_var($trimmed['Email'], FILTER_VALIDATE_EMAIL, FILTER_SANITIZE_EMAIL)){
$e = mysqli_real_escape_string($dbc, $_POST['Email']);
} else {
$e = FALSE;
echo '<p class="error">You forgot to enter your email address, or the email you entered is invalid.</p>';
}
if (!empty($trimmed['Pass']) && (preg_match ('/^\w{4,20}$/', $trimmed['Pass']))){
$p = mysqli_real_escape_string($dbc, $_POST['Pass']);
} else {
$p = FALSE;
echo '<p class="error">You forgot to enter your password, or the password you entered is invalid.</p>';
}
if ($e && $p){
$q = "SELECT UserID, Fname FROM users WHERE (Email='$e' AND Pass=SHA1('$p')) AND Active IS NULL";
$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
if (@mysqli_num_rows($r) == 1){
$_SESSION = mysqli_fetch_array($r, MYSQLI_ASSOC);
mysqli_free_result($r);
mysqli_close($dbc);
$url = BASE_URL . 'index.php';
ob_end_clean();
header("Location: $url");
exit();
} else {
echo '<p class="error">Either the email address and password entered do not match those on file or you have not yet activated your account.</p>';
}
} else {
echo '<p class="error">Please try again.</p>';
}
mysqli_close($dbc);
} //end of submit conditional
 
 
?>
<div class="text">
<h1>Login</h1>
<p>Your browser must allow cookies in order to log in.</p>
<form action="login.php" method="post">
<fieldset>
<p><b>Email: <input type="text" name="Email" size="20" maxlength="60" value="<?php if(isset($trimmed['Email']))echo $trimmed['Email']; ?>"/></b></p>
<p><b>Password: <input type="password" name="Pass" size="20" maxlength="20" value="<?php if(isset($trimmed['Email']))echo $trimmed['Email']; ?>"/></b></p>
<input type="submit" name="submit" value="Login!" />
</fieldset>
</form>
</div>
<? include ('includes/footer.html'); ?>
Link to comment
Share on other sites

Copy and paste the following three lines of code into various spots in your script to see what the $_SESSION superglobal is set to at those points:

echo '<pre>';
print_r($_SESSION);
echo '</pre>';

From there, you can hopefully debug everything.

Link to comment
Share on other sites

Ok I did that, the result is that I try to login and it fails the first time and it prints this out on my index.php page

Array

(
)

I placed the code you gave me twice on my login.php page and once on my index.php page.

 

After trying to login 2 or 3 times it succeeds and then it prints this out.

Array
(
[userID] => 268
[Fname] => Graham
)

Link to comment
Share on other sites

I am including my header.html file, maybe the problem is in there. 

 

<?php
ob_start();
session_start();
?>
<!doctype html>
<html>
<head>
<meta charset="utf-8">
<script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script>
<link rel="stylesheet" type="text/css" href="css/styles.css" />
<title><?php if (isset($page_title)) echo $page_title; ?></title>
<meta name="description" content="<?php if (isset($description)){ echo $description; }?>">
<meta name="keywords" content="<?php if (isset($keywords)){echo $keywords; }?>">
<script type="text/javascript">
 
$(document).ready(function(){
 
$("#menu li").hover(function(){
$(this).children(":hidden").slideDown();
 
},function(){
$(this).parent().find("ul").slideUp();
 
});
 
});
 
</script>
</head>
 
<body>
<div id="container">
<div id="logo">
<img src="images/invisible.jpg" border="0" alt="Invisible">
</div>
<div id="menu">
<ul>
<li><a href="#">About</a>
<ul>
<li class="sub"><a href="how_it_works.php">How It Works</a></li>
<li class="sub"><a href="link_placement.php">Link Placement</a></li>
<li class="sub"><a href="verifying_your_links.php">Verifying Links</a></li>
<li class="sub"><a href="link_partners.php">Link Partners</a></li>
<li class="sub"><a href="terms.php">Terms and Conditions</a></li>
</ul>
</li>
 
<li><a href="#">Account Management</a>
<ul>
 
<?php
if (isset($_SESSION['UserID'])){
                        echo '<li class="sub"><a href="logout.php">Logout</a></li>';
                        echo '<li class="sub"><a href="add_url.php?id=' . $_SESSION['UserID'] . '">Add Your Url</a></li>';
                        echo '<li class="sub"><a href="directory.php">Directory of Sites</a></li>';
                        echo '<li class="sub"><a href="view_sites.php?id=' . $_SESSION['UserID'] . '">View/Edit Urls</a></li>';
                        echo '<li class="sub"><a href="edit_account.php?id=' . $_SESSION['UserID'] . '">Edit Account</a></li>';
                        echo '<li class="sub"><a href="change_password.php">Change Password</a></li>';
                    } else {
                        echo '<li class="sub"><a href="login.php">Login</a></li>';
                        echo '<li class="sub"><a href="register.php">Register</a></li>';
                    } 
                    ?>
<li class="sub"><a href="forgot_password.php">Forgot Password</a></li>
</ul>
</li>
<li><a href="register.php">Register</a></li>
<li><a href="contact.php">Contact Us</a></li>
 
 
</ul>
<div align="center" id="sidebar">
<?php include('includes/ads.php'); ?>
</div>
</div>
Link to comment
Share on other sites

When there is a failed login attempt it redirects the user to index.php. The page kind of jumps when the redirect happens, it looks peculiar, not a normal redirect. When there is a successful login the user is also redirected to index.php, but this time without the page kind of jumping. 

Link to comment
Share on other sites

Well, I can tell you for sure that the first time someone logs in, the $_SESSION variable is not being properly set. That's the only explanation.

 

I would guess that the issue is in login.php, but I can't say for sure. I'd maybe temporarily remove the redirect from the login.php script, post to it, and then use the three lines of code I recommended above to check the status of the $_SESSION variable throughout the script.

 

Hopefully, you can get it from there.

Link to comment
Share on other sites

Hi, Yes the url changes after the login attempt. If I type thisistheurl.com in the browser and login the page jumps and redirects to www.thisistheurl.com with a successful login. I tried modifying the BASEURL to http://thisistheurl.com. And now if I type thisistheurl.com in the browser and login, it always works on the first attempt. But if I type www.thisistheurl.com it doesn't work. How can I fix this so it works either way. 

Link to comment
Share on other sites

That's your problem then. The cookie isn't being maintained from thisistheurl.com to www.thisistheurl.com or vice versa. Now you need to figure out what your server or code is doing that it keeps changing the URL.

Link to comment
Share on other sites

To solve the problem I had to add some code to my .htaccess file. The base url I am using to redirect users to my index.php page when they login is http://www.thisistheurl.com . When users type variations of this to get to my site before logging in, my login script doesn't work correctly on Chrome and Firefox. The code I had to add forces the url to change to www.thisistheurl.com even if someone gets to the website by typing in http://thisistheurl.com or thisistheurl.com. The code I had to add was

#Force www:

RewriteEngine on
RewriteCond %{HTTP_HOST} ^exampleurl.com [NC]
RewriteRule ^(.*)$ http://www.exampleurl.com/$1 [L,R=301,NC]
 
Without this code my login script doesn't work correctly. My login.php script is pretty much copied out of this book. I am hoping that this post is helpful to others who build a live site with the code that is provided in the book. Thanks to the Admin Administrators who helped me solve this, without your help I don't think I would of been able. thank you
Link to comment
Share on other sites

 Share

×
×
  • Create New...