| Author | Message | Time |
|---|---|---|
| AC_Drkan | It will not pass the username or password from the login. [code]<?php define("Clan_Scripts", TRUE); require("dbconnection.php"); require("functions.php"); $username = $usercook; $password = $passcook; setcookie("usercook", "$username"); setcookie("passcook", "$password"); $ip = $HTTP_REMOTEADDR; $view = stripslashes($view); $view = strip_tags($view); echo("<body bgcolor=BLACK> <form action=index.php method=post> <input type=text name=username><br> <input type=password name=password><br> <input type=submit value='SUBMIT'><br>"); echo("<!-- $username \/\/ $password -->"); if (isset($username) && isset($password)) { echo("<a href=index.php?view=console>CLICK HERE</a>"); } switch($view) { case "profile": $id = stripslashes($id); $id = strip_tags($id); dispProfile($id); break; case "members": dispMembers(); break; // BEGIN ENLISTED CONSOLE case "console": if (DisplayAuthUser($username, $password, 0) == 1) { $username = stripslashes($username); $username = strip_tags($username); $result = @mysql_query("SELECT id, username FROM members WHERE username = '$username'"); extract($result); dispProfile($id); echo("<BR><BR>"); dispConsole($username); } break; case "logs": if (SilentAuthUser($username, $password, 0) == 1) { if (isset($page)) { dispLogs($username, $page); } else { displogs($username, 0); } } break; case "inbox": if (SilentAuthUser($username, $password, 0) == 1) { dispInbox($username); } break; case "sendpm": if (SilentAuthUser($username, $password, 0) == 1) { if (isset($username) && isset($receiver) && isset($message)) { sendPM($username, $receiver, $message, $ip); } else { sendPMForm(); } } break; case "logout": if (SilentAuthUser($username, $password, 0) == 1) { LogMeOut(); } break; case "changepass": if (SilentAuthUser($username, $password, 0) == 1) { if (isset($newpass) && isset($newpass2)) { changePass($username, $newpass, $newpass2); } else { changePassForm(); } } break; case "changeinfo": if (SilentAuthUser($username, $password, 0) == 1) { changeInfo($username); } break; // BEGIN WARRANT OFFICER CONSOLE case "postnews": if (SilentAuthUser($username, $password, 10) == 1) { if (isset($internal) && isset($level) && isset($subject)) { postNews($username, $internal, $level, $subject, $body, $ip); } else { postNewsForm(); } } break; case "requestupload": if (SilentAuthUser($username, $password, 10) == 1) { requestupload($username); } break; case "addmember": if (SilentAuthUser($username, $password, 10) == 1) { addmember($username); } break; case "disablemem": if (SilentAuthUser($username, $password, 10) == 1) { disablemem($username); } break; case "promote": if (SilentAuthUser($username, $password, 10) == 1) { promote($username); } break; case"demote": if (SilentAuthUser($username, $password, 10) == 1) { demote($username); } break; case "awardmedal": if (SilentAuthUser($username, $password, 10) == 1) { awardmedal($username); } break; case "revokemedal": if (SilentAuthUser($username, $password, 10) == 1) { revokemedal($username); } break; case "undisable": if (SilentAuthUser($username, $password, 10) == 1) { undisable($username); } break; // BEGIN OFFICER'S CONSOLE case "tournadd": if (SilentAuthUser($username, $password, 15) == 1) { tournadd($username); } break; case "tournremove": if (SilentAuthUser($username, $password, 15) == 1) { tournremove($username); } break; case "tournedit": if (SilentAuthUser($username, $password, 15) == 1) { tournedit($username); } break; case "scrimadd": if (SilentAuthUser($username, $password, 15) == 1) { scrimadd($username); } break; case "scrimremove": if (SilentAuthUser($username, $password, 15) == 1) { scrimremove($username); } break; case "scrimedit": if (SilentAuthUser($username, $password, 15) == 1) { scrimedit($username); } break; case "caladd": if (SilentAuthUser($username, $password, 15) == 1) { caladd($username); } break; case "calremove": if (SilentAuthUser($username, $password, 15) == 1) { calremove($username); } break; case "caledit": if (SilentAuthUser($username, $password, 15) == 1) { caledit($username); } break; // BEGIN GENERAL AND COMMANDERS CONSOLE case "memberip": if (SilentAuthUser($username, $password, 21) == 1) { memberip($username); } break; case "steamid": if (SilentAuthUser($username, $password, 21) == 1) { steamid($username); } break; case "changemember": if (SilentAuthUser($username, $password, 21) == 1) { changemember($username); } break; case "deletemember": if (SilentAuthUser($username, $password, 21) == 1) { deletemember($username); } break; case "forumopt": if (SilentAuthUser($username, $password, 21) == 1) { forumopt($username); } break; case "appupload": if (SilentAuthUser($username, $password, 21) == 1) { appupload($username); } break; case "banip": if (SilentAuthUser($username, $password, 21) == 1) { banip($username); } break; case "unbanip": if (SilentAuthUser($username, $password, 21) == 1) { unbanip($username); } break; case "caldemos": if (SilentAuthUser($username, $password, 21) == 1) { caldemos($username); } break; case "phpproxy": if (SilentAuthUser($username, $password, 21) == 1) { phpproxy($username); } break; case "lockdown": if (SilentAuthUser($username, $password, 21) == 1) { lockdown($username); } break; default: echo("<CENTER><font color=WHITE face=verdana size=2>SITE GREMLINS<br> <br>This feature is currently under development<br> OR you entered something wrong.<br><br>$view</font></CENTER>"); break; } include("footer.php"); ?>[/code] The problem is either it won't set the cookie or it won't submit the form. | June 30, 2005, 5:27 AM |
| Paul | I see your form action is directing to index.php, do you have the code available for that? Because if you're redirecting yourself to this same code you will need to do something in your form action like so: [code] <form action=index.php?v=2 method=post> <input type=text name=username><br> <input type=password name=password><br> <input type=submit value='SUBMIT'><br> [/code] And then create an if statement in the same page to check for action and do stuff with the passed data like so: [code] if ($v == 2) { $post_name = $HTTP_POST_VARS[username]; $post_password = $HTTP_POST_VARS[password]; // Dubug echo $post_name; echo $post_password; More code here that will do stuff with the username and password data. } [/code] This is how I would troubleshoot and work the code. Also, I would recommend sanitizing the $post_name and $post_password variables; you can't trust users entering valid data. | June 30, 2005, 7:13 PM |
| AC_Drkan | It was merely for testing purposes. THY very much for the help. I have it encrypting the data and examning it to see if the user entered a valid password if the user wanted to do anything on the site. I.E. view the console, etc.... | June 30, 2005, 9:32 PM |
| JTN Designer | Things I suggest doing as well; Changing: $view = stripslashes($view); $view = strip_tags($view); to $view = $_GET['view']; then in your switch use switch(strtolower($view)) { also $ip = $_SERVER['REMOTE_ADDR']; $_POST instead of $HTTP_POST_VARS[]; Also why store everything in one file (functions.php)? You should do an inc system, it will parse faster for you, speaking of which try to use print more when your outputting html, works a bit faster. | July 2, 2005, 5:35 AM |
| Arta | [quote author=JTN Designer link=topic=12028.msg118479#msg118479 date=1120282516] try to use print more when your outputting html, works a bit faster. [/quote] That's not true; echo is marginally faster, because it doesn't have to return a value. In practice it makes no difference. I like to avoid both; I find it easier to do this: [code] <? if(something_is_true) { ?> This condition is true. <? } ?> [/code] This avoids the need to escape slashes the whole time. In the following example, I think the second line is much more readable: [code] echo "<a href=\"" . $Array['LinkURL'] . "\">" . $Array['LinkText'] . "</a>"; ?><a href="<?=$Array['LinkURL'];?>"><?=$Array['LinkText'];?></a><? [/code] You may also wish to consider using $_REQUEST instead of $_GET and $_POST. It often makes maintenance rather easier. | July 2, 2005, 12:37 PM |
| JTN Designer | [quote author=Arta[vL] link=topic=12028.msg118494#msg118494 date=1120307869] [quote author=JTN Designer link=topic=12028.msg118479#msg118479 date=1120282516] try to use print more when your outputting html, works a bit faster. [/quote] That's not true; echo is marginally faster, because it doesn't have to return a value. In practice it makes no difference. I like to avoid both; I find it easier to do this: [code] <? if(something_is_true) { ?> This condition is true. <? } ?> [/code] This avoids the need to escape slashes the whole time. In the following example, I think the second line is much more readable: [code] echo "<a href=\"" . $Array['LinkURL'] . "\">" . $Array['LinkText'] . "</a>"; ?><a href="<?=$Array['LinkURL'];?>"><?=$Array['LinkText'];?></a><? [/code] You may also wish to consider using $_REQUEST instead of $_GET and $_POST. It often makes maintenance rather easier. [/quote] $HTTP_POST_VARS != $_REQUEST :P I was just making a correction based on his current code, although I never did think about how maintence would be a tad easier using that method. Also I've always used print for HTML/complex functions but echo for everything :) | July 2, 2005, 3:26 PM |
| Arta | [quote author=JTN Designer link=topic=12028.msg118499#msg118499 date=1120317968] $HTTP_POST_VARS != $_REQUEST :P [/quote] Huh? I didn't say it was... | July 2, 2005, 4:49 PM |
| JTN Designer | No no, the reason I said to use $_POST[] instead of $HTTP_POST_VARS[], is because the latter is an outdated version of $_POST[], and to just use that instead, not to replace it with another super global, just a revision to what he already had :) | July 2, 2005, 5:25 PM |