Jump to content

Recommended Posts

Posted

Some things to look at:

($err !== false ? '<div class="error">'.$err.'</div>' : null);

This is likely why it's broken. You need to use an IF statement. The ? : format requires PHP 5.4, which is not available on Stevie (which has 5.3.8). You will need to go through your code and rewrite these as IF statements. The conditional should also be != not !==. I personally would use !empty($err) instead.

 

if(empty($uname) || empty($pass) || empty($uname) && empty($pass)) $err .= $t['er_login'];

No need for the "empty($uname) && empty($pass)" part in these IF statements. As soon as one of them is empty, it's true, and the other one doesn't matter.

 

md5(input($_POST['pass']));

Use SHA1. You also should salt your passwords.

  • Like 1
Posted

Am I did mistakes in this line?

$db->query("SELECT * FROM `users` WHERE (`nick` = '". $uname ."' OR `email` = '". $uname ."') AND `pass` = '". $pass ."'")->num_rows

even though the inputs was correct, error will displayed and said that the username doesn't exist

i have tried it with registered username..

What was my mistakes? :(

Posted

That query won't find the user if the password is wrong. I generally do two queries, one to find the username, then one to check the password. That way I can tell if the user doesn't exist or if their password is just wrong.

 

Other than that, the issue may be with the num_rows being on the end.

 

What class is $db an instance of? In all the examples I've seen, the normal mysqli class doesn't let you put num_rows on the end like that. I usually see something like: $somevariable = $db->num_rows; though if($db->num_rows > 0) { /* Do Something */ } might be better for your use.

Posted

Do you mean I have to create a variable for query like

$v = $db->query("SELECT * FROM `users` WHERE (`nick` = '". $uname ."' OR `email` = '". $uname ."') AND `pass` = '". $pass ."'");

and then use it like

if($v->num_rows == 1) //something

am i right? :)

Posted

Hi,

i am so confuse about logout system. Every time i try, and every time too it produce an failure.

I have db connection file, classes file, and function file which i have included it in a file called config.php. And then i include config.php in logout file but i shows error like:

Warning: Cannot modify header information - headers already sent by (output started at /home1/mhr2/public_html/system/db.php:13) in /home1/mhr2/public_html/logout.php on line

12

the code is

<?php
require_once "config.php"; 
if(user::logged())
{
setcookie('uid', '', (time()-3600), '/');
setcookie('pass', '', (time()-3600), '/');
$_SESSION['uid'] = false;
$_SESSION['pass'] = false;
session_destroy();
header('location: /');
} else { header('location: /'); }
?>

and then i have tried to make a changes, but it shows error like:

Warning: session_destroy() [ function.session-destroy]: Trying to destroy uninitialized session in /home1/mhr2/public_html/logout.php on line 6

Warning: Cannot modify header information - headers already sent by (output started at /home1/mhr2/public_html/logout.php:6) in /home1/mhr2/public_html/logout.php on line 7

and the code is:

<?php
setcookie('uid', '', (time()-3600), '/');
setcookie('pass', '', (time()-3600), '/');
$_SESSION['uid'] = false;
$_SESSION['pass'] = false;
session_destroy();
header('location: /');
?>

please help me. I dont know where the mistakes is :(

Posted

The headers already sent error is because setcookie() is just like the header() function. You can't use it once output has been sent. In your case, that output is being sent by whatever is on line 13 of db.php (the output is probably an error of some sort since DB classes don't usually produce screen output unless they're not working properly).

 

The session_destroy() error is because you didn't start your session. You have to initialize it using session_start() before you can destroy it.

Posted

I think logout file need files like db.php and classes.php which will make me can check the condition in:

if(user::logged())
{ //destroy
header('location: /');
} else { header('location: /'); }

because user::logged() need classes.php file and classes.php file need db.php file. Is i am did mistakes in creating db.php file?

Here is it:

<?php
// make a connection to database

define('host', 'localhost');
define('user', 'dbuser');
define('pass', 'password');
define('db', 'dbname');

$db = new mysqli(host, user, pass, db);
if($db->connect_error){
die('Failed to connect: '. $db->connect_errno .'-'. $db->connect_error);
}
?>

this is the code in line 10 - 13:

if($db->connect_error){
die('Failed to connect: '. $db->connect_errno .'-'. $db->connect_error);
}
?>

am i did some output here?

Posted

Ok the problem solved now. By adding this line in db.php file

else return null;

i thought that if the db connection was connected perfectly, it won't outputting anything, so i not putting "else".

And yeah, Thank you for guiding me :)

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...