wolstech Posted May 26, 2016 Share Posted May 26, 2016 Some things to look at: ($err !== false ? '<div class="error">'.$err.'</div>' : null); This is likely why it's broken. You need to use an IF statement. The ? : format requires PHP 5.4, which is not available on Stevie (which has 5.3.8). You will need to go through your code and rewrite these as IF statements. The conditional should also be != not !==. I personally would use !empty($err) instead. if(empty($uname) || empty($pass) || empty($uname) && empty($pass)) $err .= $t['er_login']; No need for the "empty($uname) && empty($pass)" part in these IF statements. As soon as one of them is empty, it's true, and the other one doesn't matter. md5(input($_POST['pass'])); Use SHA1. You also should salt your passwords. 1 Quote Link to comment Share on other sites More sharing options...
Mhari Posted May 26, 2016 Author Share Posted May 26, 2016 Ok i will apply your advicesand thank you so much Quote Link to comment Share on other sites More sharing options...
Mhari Posted May 26, 2016 Author Share Posted May 26, 2016 Am I did mistakes in this line?$db->query("SELECT * FROM `users` WHERE (`nick` = '". $uname ."' OR `email` = '". $uname ."') AND `pass` = '". $pass ."'")->num_rowseven though the inputs was correct, error will displayed and said that the username doesn't existi have tried it with registered username..What was my mistakes? Quote Link to comment Share on other sites More sharing options...
wolstech Posted May 26, 2016 Share Posted May 26, 2016 That query won't find the user if the password is wrong. I generally do two queries, one to find the username, then one to check the password. That way I can tell if the user doesn't exist or if their password is just wrong. Other than that, the issue may be with the num_rows being on the end. What class is $db an instance of? In all the examples I've seen, the normal mysqli class doesn't let you put num_rows on the end like that. I usually see something like: $somevariable = $db->num_rows; though if($db->num_rows > 0) { /* Do Something */ } might be better for your use. Quote Link to comment Share on other sites More sharing options...
Mhari Posted May 27, 2016 Author Share Posted May 27, 2016 Do you mean I have to create a variable for query like$v = $db->query("SELECT * FROM `users` WHERE (`nick` = '". $uname ."' OR `email` = '". $uname ."') AND `pass` = '". $pass ."'");and then use it likeif($v->num_rows == 1) //somethingam i right? Quote Link to comment Share on other sites More sharing options...
Mhari Posted May 27, 2016 Author Share Posted May 27, 2016 Ok solved. Thank you so much Quote Link to comment Share on other sites More sharing options...
Mhari Posted May 27, 2016 Author Share Posted May 27, 2016 Hi,i am so confuse about logout system. Every time i try, and every time too it produce an failure.I have db connection file, classes file, and function file which i have included it in a file called config.php. And then i include config.php in logout file but i shows error like:Warning: Cannot modify header information - headers already sent by (output started at /home1/mhr2/public_html/system/db.php:13) in /home1/mhr2/public_html/logout.php on line 12the code is<?php require_once "config.php"; if(user::logged()) { setcookie('uid', '', (time()-3600), '/'); setcookie('pass', '', (time()-3600), '/'); $_SESSION['uid'] = false; $_SESSION['pass'] = false; session_destroy(); header('location: /'); } else { header('location: /'); } ?>and then i have tried to make a changes, but it shows error like:Warning: session_destroy() [ function.session-destroy]: Trying to destroy uninitialized session in /home1/mhr2/public_html/logout.php on line 6Warning: Cannot modify header information - headers already sent by (output started at /home1/mhr2/public_html/logout.php:6) in /home1/mhr2/public_html/logout.php on line 7and the code is:<?php setcookie('uid', '', (time()-3600), '/'); setcookie('pass', '', (time()-3600), '/'); $_SESSION['uid'] = false; $_SESSION['pass'] = false; session_destroy(); header('location: /'); ?>please help me. I dont know where the mistakes is Quote Link to comment Share on other sites More sharing options...
wolstech Posted May 27, 2016 Share Posted May 27, 2016 The headers already sent error is because setcookie() is just like the header() function. You can't use it once output has been sent. In your case, that output is being sent by whatever is on line 13 of db.php (the output is probably an error of some sort since DB classes don't usually produce screen output unless they're not working properly). The session_destroy() error is because you didn't start your session. You have to initialize it using session_start() before you can destroy it. Quote Link to comment Share on other sites More sharing options...
Mhari Posted May 28, 2016 Author Share Posted May 28, 2016 I think logout file need files like db.php and classes.php which will make me can check the condition in:if(user::logged()) { //destroy header('location: /'); } else { header('location: /'); }because user::logged() need classes.php file and classes.php file need db.php file. Is i am did mistakes in creating db.php file?Here is it:<?php // make a connection to database define('host', 'localhost'); define('user', 'dbuser'); define('pass', 'password'); define('db', 'dbname'); $db = new mysqli(host, user, pass, db); if($db->connect_error){ die('Failed to connect: '. $db->connect_errno .'-'. $db->connect_error); } ?>this is the code in line 10 - 13:if($db->connect_error){ die('Failed to connect: '. $db->connect_errno .'-'. $db->connect_error); } ?> am i did some output here? Quote Link to comment Share on other sites More sharing options...
Mhari Posted May 28, 2016 Author Share Posted May 28, 2016 Ok the problem solved now. By adding this line in db.php fileelse return null;i thought that if the db connection was connected perfectly, it won't outputting anything, so i not putting "else".And yeah, Thank you for guiding me Quote Link to comment Share on other sites More sharing options...
wolstech Posted May 28, 2016 Share Posted May 28, 2016 You're welcome 1 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.