Hello everyone! I've been having issues with a script me and a co-worker created for a system that I'm developing so that people can register and manage their shifts for a convention:
<?php
// starts a session, this must be before ANY output is sent to the browser, including whitespace and stuff from other includes. each page where you want to access session data, use this.
session_start();
//db connect
$con = mysql_connect('localhost', 'houkoco_voluntee', '3598') or die('I cannot connect to the database because: ' . mysql_error());
mysql_select_db("houkoco_volunteer") or die( "Unable to select database.");
$nickname = $_POST['nickname']; // convert post vars to local vars
$pw = $_POST['pw'];
$query = "SELECT * FROM users WHERE nickname='$nickname'"; // check db for users w/ the entered nickname
$result = mysql_query($query); // this runs our query and gives us a 'result set'
// the function below checks to see how many rows were returned, if its more than 0, then the user entered exists in the database, so we want to check the pw.
if (mysql_num_rows($result) > 0) {
// this puts our information that was returned from the database into an array
$userinfo = mysql_fetch_assoc($result);
// this is the pw for the entered user that is in the database, see how you can access this from the result set by using the array name $userinfo, and then the column name as the index
$actual_pw = $userinfo['pw'];
if ($pw == "$actual_pw") { // if what they entered matches whats in the database
$_SESSION['loggedin'] = true; // set them as being logged in
} else {
$_SESSION['loggedin'] = false; // this should default to false, but just in case we'll set to false if the pws dont match
$error = 'WRONG PASSWORD. Please try again.'; // realistically you'd wanna tell the user their pw sucks, so this is what we'd do for now
}
} else { // if there were no rows returned, which means that user doesn't exist
$error = 'That nickname does not exist, try again';
}
if ($_SESSION['loggedin']) {
?>
This is some spiffy secret logged in only data.
<a href="index.php">Log out!</a>
<?php
}
?>
That's the code, for some reason its totally ignoring the security aspect. What I mean is that the code logs anyone in. I can make up a bogus name and password and it still logs me in as if it was a valid password or name. Can someone help point out the error in this code so I can move on? I've been trying to figure it out for nearly two days now.:confused: