• Welcome to Valhalla Legends Archive.
 

PHP Error?

Started by AC_Drkan, June 30, 2005, 12:27 AM

Previous topic - Next topic

AC_Drkan

It will not pass the username or password from the login.

<?phpdefine("Clan_Scripts", TRUE);require("dbconnection.php");require("functions.php");$username = $usercook;$password = $passcook;setcookie("usercook", "$username");setcookie("passcook", "$password");$ip = $HTTP_REMOTEADDR;$view = stripslashes($view);$view = strip_tags($view);echo("<body bgcolor=BLACK>	<form action=index.php method=post>		<input type=text name=username><br>		<input type=password name=password><br>		<input type=submit value='SUBMIT'><br>");	echo("<!-- $username \/\/ $password -->");if (isset($username) && isset($password)) {	echo("<a href=index.php?view=console>CLICK HERE</a>");}switch($view) {	case "profile":		$id = stripslashes($id);		$id = strip_tags($id);		dispProfile($id);		break;	case "members":		dispMembers();		break;	// BEGIN ENLISTED CONSOLE	case "console":		if (DisplayAuthUser($username, $password, 0) == 1) {			$username = stripslashes($username);			$username = strip_tags($username);			$result = @mysql_query("SELECT id, username FROM members WHERE username = '$username'");			extract($result);			dispProfile($id);			echo("<BR><BR>");			dispConsole($username);		}		break;	case "logs":		if (SilentAuthUser($username, $password, 0) == 1) {			if (isset($page)) {				dispLogs($username, $page);			} else {				displogs($username, 0);			}		}		break;	case "inbox":		if (SilentAuthUser($username, $password, 0) == 1) {			dispInbox($username);		}		break;	case "sendpm":		if (SilentAuthUser($username, $password, 0) == 1) {			if (isset($username) && isset($receiver) && isset($message)) {				sendPM($username, $receiver, $message, $ip);			} else {				sendPMForm();			}		}		break;	case "logout":		if (SilentAuthUser($username, $password, 0) == 1) {			LogMeOut();		}		break;	case "changepass":		if (SilentAuthUser($username, $password, 0) == 1) {			if (isset($newpass) && isset($newpass2)) {				changePass($username, $newpass, $newpass2);			} else {				changePassForm();			}		}		break;	case "changeinfo":		if (SilentAuthUser($username, $password, 0) == 1) {			changeInfo($username);		}		break;	// BEGIN WARRANT OFFICER CONSOLE	case "postnews":		if (SilentAuthUser($username, $password, 10) == 1) {			if (isset($internal) && isset($level) && isset($subject)) {				postNews($username, $internal, $level, $subject, $body, $ip);			} else {				postNewsForm();			}		}		break;	case "requestupload":		if (SilentAuthUser($username, $password, 10) == 1) {			requestupload($username);		}		break;	case "addmember":		if (SilentAuthUser($username, $password, 10) == 1) {			addmember($username);		}		break;	case "disablemem":		if (SilentAuthUser($username, $password, 10) == 1) {			disablemem($username);		}		break;	case "promote":		if (SilentAuthUser($username, $password, 10) == 1) {			promote($username);		}		break;	case"demote":		if (SilentAuthUser($username, $password, 10) == 1) {			demote($username);		}		break;		case "awardmedal":		if (SilentAuthUser($username, $password, 10) == 1) {			awardmedal($username);		}		break;	case "revokemedal":		if (SilentAuthUser($username, $password, 10) == 1) {			revokemedal($username);		}		break;	case "undisable":		if (SilentAuthUser($username, $password, 10) == 1) {			undisable($username);		}		break;	// BEGIN OFFICER'S CONSOLE	case "tournadd":		if (SilentAuthUser($username, $password, 15) == 1) {			tournadd($username);		}		break;	case "tournremove":		if (SilentAuthUser($username, $password, 15) == 1) {			tournremove($username);		}		break;	case "tournedit":		if (SilentAuthUser($username, $password, 15) == 1) {			tournedit($username);		}		break;	case "scrimadd":		if (SilentAuthUser($username, $password, 15) == 1) {			scrimadd($username);		}		break;	case "scrimremove":		if (SilentAuthUser($username, $password, 15) == 1) {			scrimremove($username);		}		break;	case "scrimedit":		if (SilentAuthUser($username, $password, 15) == 1) {			scrimedit($username);		}		break;	case "caladd":		if (SilentAuthUser($username, $password, 15) == 1) {			caladd($username);		}		break;	case "calremove":		if (SilentAuthUser($username, $password, 15) == 1) {			calremove($username);		}		break;	case "caledit":		if (SilentAuthUser($username, $password, 15) == 1) {			caledit($username);		}		break;	// BEGIN GENERAL AND COMMANDERS CONSOLE	case "memberip":		if (SilentAuthUser($username, $password, 21) == 1) {			memberip($username);		}		break;	case "steamid":		if (SilentAuthUser($username, $password, 21) == 1) {			steamid($username);		}		break;	case "changemember":		if (SilentAuthUser($username, $password, 21) == 1) {			changemember($username);		}		break;	case "deletemember":		if (SilentAuthUser($username, $password, 21) == 1) {			deletemember($username);		}		break;	case "forumopt":		if (SilentAuthUser($username, $password, 21) == 1) {			forumopt($username);		}		break;	case "appupload":		if (SilentAuthUser($username, $password, 21) == 1) {			appupload($username);		}		break;		case "banip":		if (SilentAuthUser($username, $password, 21) == 1) {			banip($username);		}		break;	case "unbanip":		if (SilentAuthUser($username, $password, 21) == 1) {			unbanip($username);		}		break;	case "caldemos":		if (SilentAuthUser($username, $password, 21) == 1) {			caldemos($username);		}		break;	case "phpproxy":		if (SilentAuthUser($username, $password, 21) == 1) {			phpproxy($username);		}		break;	case "lockdown":		if (SilentAuthUser($username, $password, 21) == 1) {			lockdown($username);		}		break;	default:		echo("<CENTER><font color=WHITE face=verdana size=2>SITE GREMLINS<br>			<br>This feature is currently under development<br>			OR you entered something wrong.<br><br>$view</font></CENTER>");		break;}include("footer.php");?>


The problem is either it won't set the cookie or it won't submit the form.
"The Arguments of Today Result in the Wars of Tomorrow" - Quote By Muah.
<@Logan> I spent a minute looking at my own code by accident.
<@Logan> I was thinking "What the hell is this guy doing?"

<kow`> "There are 10 types of people in the world... those who understand binary and those who don't."
<SpaceRain> That's only 2 types of people, kow.
<SpaceRain> STUPID


<[TN]FBMachine> i got kicked out of barnes and noble once for moving all the bibles into the fiction section

God i love Bash.org.

Paul

I see your form action is directing to index.php, do you have the code available for that? Because if you're redirecting yourself to this same code you will need to do something in your form action like so:


<form action=index.php?v=2 method=post>
<input type=text name=username><br>
<input type=password name=password><br>
<input type=submit value='SUBMIT'><br>


And then create an if statement in the same page to check for action and do stuff with the passed data like so:


if ($v == 2) {

$post_name = $HTTP_POST_VARS[username];
$post_password = $HTTP_POST_VARS[password];

// Dubug
echo $post_name;
echo $post_password;

More code here that will do stuff with the username and password data.

}


This is how I would troubleshoot and work the code. Also, I would recommend sanitizing the $post_name and $post_password variables; you can't trust users entering valid data.

AC_Drkan

It was merely for testing purposes.

THY very much for the help.

I have it encrypting the data and examning it to see if the user entered a valid password if the user wanted to do anything on the site. I.E. view the console, etc....
"The Arguments of Today Result in the Wars of Tomorrow" - Quote By Muah.
<@Logan> I spent a minute looking at my own code by accident.
<@Logan> I was thinking "What the hell is this guy doing?"

<kow`> "There are 10 types of people in the world... those who understand binary and those who don't."
<SpaceRain> That's only 2 types of people, kow.
<SpaceRain> STUPID


<[TN]FBMachine> i got kicked out of barnes and noble once for moving all the bibles into the fiction section

God i love Bash.org.

JTN Designer

Things I suggest doing as well;

Changing: $view = stripslashes($view);
$view = strip_tags($view);

to $view = $_GET['view'];

then in your switch use switch(strtolower($view)) {

also $ip = $_SERVER['REMOTE_ADDR'];

$_POST instead of $HTTP_POST_VARS[];

Also why store everything in one file (functions.php)? You should do an inc system, it will parse faster for you, speaking of which try to use print more when your outputting html, works a bit faster.
(advertising deleted by forum administrator)

Arta

Quote from: JTN Designer on July 02, 2005, 12:35 AM
try to use print more when your outputting html, works a bit faster.

That's not true; echo is marginally faster, because it doesn't have to return a value. In practice it makes no difference. I like to avoid both; I find it easier to do this:


<?

if(something_is_true)
{
    ?> This condition is true. <?
}

?>


This avoids the need to escape slashes the whole time. In the following example, I think the second line is much more readable:


echo "<a href=\"" . $Array['LinkURL'] . "\">" . $Array['LinkText'] . "</a>";
?><a href="<?=$Array['LinkURL'];?>"><?=$Array['LinkText'];?></a><?


You may also wish to consider using $_REQUEST instead of $_GET and $_POST. It often makes maintenance rather easier.

JTN Designer

Quote from: Arta[vL] on July 02, 2005, 07:37 AM
Quote from: JTN Designer on July 02, 2005, 12:35 AM
try to use print more when your outputting html, works a bit faster.

That's not true; echo is marginally faster, because it doesn't have to return a value. In practice it makes no difference. I like to avoid both; I find it easier to do this:


<?

if(something_is_true)
{
    ?> This condition is true. <?
}

?>


This avoids the need to escape slashes the whole time. In the following example, I think the second line is much more readable:


echo "<a href=\"" . $Array['LinkURL'] . "\">" . $Array['LinkText'] . "</a>";
?><a href="<?=$Array['LinkURL'];?>"><?=$Array['LinkText'];?></a><?


You may also wish to consider using $_REQUEST instead of $_GET and $_POST. It often makes maintenance rather easier.

$HTTP_POST_VARS != $_REQUEST :P I was just making a correction based on his current code, although I never did think about how maintence would be a tad easier using that method. Also I've always used print for HTML/complex functions but echo for everything :)
(advertising deleted by forum administrator)

Arta

Quote from: JTN Designer on July 02, 2005, 10:26 AM
$HTTP_POST_VARS != $_REQUEST :P

Huh? I didn't say it was...

JTN Designer

No no, the reason I said to use $_POST[] instead of $HTTP_POST_VARS[], is because the latter is an outdated version of $_POST[], and to just use that instead, not to replace it with another super global, just a revision to what he already had :)
(advertising deleted by forum administrator)