Guten Tag, ich tüdle gerade an einen Login script rum. Das Registrieren funktioniert supper aber beim einloggen zeigt er mit immer den invalid fehlen das der username und Passwort Kombination nicht passt.
Das ist das Login script:
Das ist die class.php dabei wo die eingaben verarbeitet und geprüft werden
dann gibt es noch ne db.php die verbindet sich nur zur MySQL Datenbank.
Ich hoffe ihr könnt mir helfen das wir den Fehler finden.
Danke.
Das ist das Login script:
PHP:
<?php
require_once('load.php');
if ( $_GET['action'] == 'logout' ) {
$loggedout = $j->logout();
}
$logged = $j->login('index.php');
?>
<html>
<head>
<title>Login Form</title>
<style type="text/css">
body { background: #c7c7c7;}
</style>
</head>
<body>
<div style="width: 960px; background: #fff; border: 1px solid #e4e4e4; padding: 20px; margin: 10px auto;">
<?php if ( $logged == 'invalid' ) : ?>
<p style="background: #e49a9a; border: 1px solid #c05555; padding: 7px 10px;">
The username password combination you entered is incorrect. Please try again.
</p>
<?php endif; ?>
<?php if ( $_GET['reg'] == 'true' ) : ?>
<p style="background: #fef1b5; border: 1px solid #eedc82; padding: 7px 10px;">
Your registration was successful, please login below.
</p>
<?php endif; ?>
<?php if ( $_GET['action'] == 'logout' ) : ?>
<?php if ( $loggedout == true ) : ?>
<p style="background: #fef1b5; border: 1px solid #eedc82; padding: 7px 10px;">
You have been successfully logged out.
</p>
<?php else: ?>
<p style="background: #e49a9a; border: 1px solid #c05555; padding: 7px 10px;">
There was a problem logging you out.
</p>
<?php endif; ?>
<?php endif; ?>
<?php if ( $_GET['msg'] == 'login' ) : ?>
<p style="background: #e49a9a; border: 1px solid #c05555; padding: 7px 10px;">
You must log in to view this content. Please log in below.
</p>
<?php endif; ?>
<h3>Login</h3>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
<table>
<tr>
<td>Username:</td>
<td><input type="text" name="username" /></td>
</tr>
<tr>
<td>Password:</td>
<td><input type="password" name="password" /></td>
</tr>
<tr>
<td></td>
<td><input type="submit" value="Register" /></td>
</tr>
</table>
</form>
<p>Not a member? <a href="register.php">Register here</a></p>
</div>
</body>
</html>
Das ist die class.php dabei wo die eingaben verarbeitet und geprüft werden
PHP:
function login($redirect) {
global $jdb;
if ( !empty ( $_POST ) ) {
//Clean our form data
$values = $jdb->clean($_POST);
//The username and password submitted by the user
$subname = $values['username'];
$subpass = $values['password'];
//The name of the table we want to select data from
$table = 's_users';
/*
* Run our query to get all data from the users table where the user
* login matches the submitted login.
*/
$sql = "SELECT * FROM $table WHERE user_login = '" . $subname . "'";
$results = $jdb->select($sql);
//Kill the script if the submitted username doesn't exit
if (!$results) {
die('Sorry, that username does not exist!');
}
//Fetch our results into an associative array
$results = mysql_fetch_assoc( $results );
//The registration date of the stored matching user
$storeg = $results['created_at'];
//The hashed password of the stored matching user
$stopass = $results['user_pass'];
//Recreate our NONCE used at registration
$nonce = md5('registration-' . $subname . $storeg . NONCE_SALT);
//Rehash the submitted password to see if it matches the stored hash
$subpass = $jdb->hash_password($subpass, $nonce);
//Check to see if the submitted password matches the stored password
if ( $subpass == $stopass ) {
//If there's a match, we rehash password to store in a cookie
$authnonce = md5('cookie-' . $subname . AUTH_SALT);
$authID = $jdb->hash_password($subpass, $authnonce);
//Set our authorization cookie
setcookie('joombologauth[user]', $subname, 0, '', '', '', true);
setcookie('joombologauth[authID]', $authID, 0, '', '', '', true);
//Build our redirect
$url = "http" . ((!empty($_SERVER['HTTPS'])) ? "s" : "") . "://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
$redirect = str_replace('login.php', $redirect, $url);
//Redirect to the home page
header("Location: $redirect");
exit;
} else {
return 'invalid';
}
} else {
return 'empty';
}
}
dann gibt es noch ne db.php die verbindet sich nur zur MySQL Datenbank.
Ich hoffe ihr könnt mir helfen das wir den Fehler finden.
Danke.