Current time: 04-19-2014, 02:51 PM Hello There, Guest! (LoginRegister)


Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[SOLVED] Using the login Details via App
01-24-2012, 10:13 PM
Post: #11
RE: Using the login Details via App
(01-24-2012 10:08 PM)Tom K. Wrote:  If you use the code I posted. You need to obviously execute the queries I posted Smile

That code will work fine Smile
when I use your code only I get error

Code:
Parse error: syntax error, unexpected T_IF


but the thing is I need to fix my login page to work .what do I need to change on my page ?
Find all posts by this user
Quote this message in a reply
01-24-2012, 10:25 PM
Post: #12
RE: Using the login Details via App
You'll need to modify my code a bit so the queries are actually executed. Let me see your code with my code merged Smile I it's an unexpected T_IF then its likely you've missed a ";" Smile

Quote:Golf and alcohol don't mix, that's why I don't drink and drive!
Video Tutorials: Installing MyBB | Upgrading MyBB
Visit this user's website Find all posts by this user
Quote this message in a reply
01-24-2012, 10:29 PM
Post: #13
RE: Using the login Details via App
(01-24-2012 10:25 PM)Tom K. Wrote:  You'll need to modify my code a bit so the queries are actually executed. Let me see your code with my code merged Smile I it's an unexpected T_IF then its likely you've missed a ";" Smile

This is all my code , and doesnt work .

Code:
<?php

error_reporting(0);
// Database settings
$host      = 'localhost';        
$user      = '';    
$password  = '';        
$database  = '';      

$conn = mysql_connect($host,$user,$password) or die ('Error connecting to MySQL database.');
$conn = mysql_select_db($database) or die ('Error selecting database.');

$hwid = mysql_real_escape_string($_GET['hwid']);
if ($hwid == '') {$hwid='?';}
$author = mysql_real_escape_string($_GET['author']);
$username = mysql_real_escape_string($_GET['username']);
$password = mysql_real_escape_string($_GET['password']);
$query = "SELECT * FROM mybb_users WHERE username = '" . $user = validate_password_from_username($username,$password) . "'";
$result = mysql_query($query);

if (mysql_num_rows($result) == 1){
    // Check membername and HWID
    $query = "SELECT member, hwid FROM loginlist WHERE member = '$username'";
    $result = mysql_query($query);
    if ($result && mysql_num_rows($result)) {
        $row = mysql_fetch_array($result);
        if ($row[hwid]!=$hwid) {
            echo "INVALID LOGIN";
            exit;
        }
    }
    // Update loginlist
    $ip = $_SERVER['REMOTE_ADDR'];
    $lastday = $firstday = time();
    $cntr = 1;
   $author = $author;
    $query = "SELECT member, ip, author, cntr FROM loginlist WHERE member = '$username' AND ip = '$ip'";
    $result = mysql_query($query);
    if ($result && mysql_num_rows($result)) {
        $row = mysql_fetch_array($result);
        $row[cntr] += 1;
        $lastday = time();
        $row[author] = $author;
        $query = "UPDATE loginlist SET lastday = '$lastday', cntr = '$row[cntr], author = '$row[author]' WHERE member = '$username' AND ip = '$ip'";
        $result=mysql_query($query);
    } else {
        $query="INSERT INTO loginlist (member, hwid, ip, lastday, firstday, cntr, block) VALUES ('$username', '$hwid', '$ip', '$lastday', '$firstday', '$cntr', '$author', '0')";
        $result=mysql_query($query);            
    }    
    // Check if IP address is blocked
    $query = "SELECT * FROM loginlist WHERE ip = '$ip'";
    $result = mysql_query($query);
    if ($result && mysql_num_rows($result) == 1) {
        $row = mysql_fetch_array($result);
        if ($row[block] == 1) {
            echo "INVALID LOGIN";    
            exit;
        }
    }
    echo "VALID LOGIN";
} else {
    echo "INVALID LOGIN";
}

?>


I just changed this line but wrong I know:

Code:
$query = "SELECT * FROM mybb_users WHERE username = '" . $user = validate_password_from_username($username,$password) . "'";
Find all posts by this user
Quote this message in a reply
01-24-2012, 10:57 PM (This post was last modified: 01-24-2012 10:58 PM by Tom K..)
Post: #14
RE: Using the login Details via App
You kind of merged mine and Paul's code.

Try this (untested and written on my iPad Smile)


This bit:
PHP Code:
$host"localhost";       
$user      
'';     
$password  
'';         
$database  
'';       

$conn 
mysql_connect($host,$user,$password) or die ('Error connecting to MySQL database.');
$conn mysql_select_db($database) or die ('Error selecting database.');

$hwid mysql_real_escape_string($_GET['hwid']);
if (
$hwid == '') {$hwid='?';}
$author mysql_real_escape_string($_GET['author']);
$username mysql_real_escape_string($_GET['username']);
$password mysql_real_escape_string($_GET['password']);
//get the user info
$query = "SELECT * FROM mybb_users WHERE LOWER(username) = {$username};";
//make it into a mysql_assoc_array
$resultmysql_query($query);
$resultarr mysql_fetch_assoc($result);
$salt = $resultarr['salt'];
$hash = md5(md5($password.$salt).$salt);

//check your hash against the one in the table
if ($resultarr['hash'] == $hash)
{
    // Check membername and HWID 
    $query "SELECT member, hwid FROM loginlist WHERE member = '$username'";
    $result mysql_query($query);
    if ($result && mysql_num_rows($result)) {
        $row mysql_fetch_array($result);
        if ($row[hwid]!=$hwid) {
            echo "INVALID LOGIN";
            exit;
        }
    }
    // Update loginlist
    $ip $_SERVER['REMOTE_ADDR'];
    $lastday $firstday time();
    $cntr 1;
   $author $author;
    $query "SELECT member, ip, author, cntr FROM loginlist WHERE member = '$username' AND ip = '$ip'";
    $result mysql_query($query);
    if ($result && mysql_num_rows($result)) {
        $row mysql_fetch_array($result);
        $row[cntr] += 1;
        $lastday time();
        $row[author] = $author;
        $query "UPDATE loginlist SET lastday = '$lastday', cntr = '$row[cntr], author = '$row[author]' WHERE member = '$username' AND ip = '$ip'";
        $result=mysql_query($query);
    } else {
        $query="INSERT INTO loginlist (member, hwid, ip, lastday, firstday, cntr, block) VALUES ('$username', '$hwid', '$ip', '$lastday', '$firstday', '$cntr', '$author', '0')";
        $result=mysql_query($query);            
    
}    
    
// Check if IP address is blocked
    $query "SELECT * FROM loginlist WHERE ip = '$ip'";
    $result mysql_query($query);
    if ($result && mysql_num_rows($result) == 1) {
        $row mysql_fetch_array($result);
        if ($row[block] == 1) {
            echo "INVALID LOGIN";    
            exit
;
        }
    }
    echo "VALID LOGIN";
} else {
    echo "INVALID LOGIN";


Quote:Golf and alcohol don't mix, that's why I don't drink and drive!
Video Tutorials: Installing MyBB | Upgrading MyBB
Visit this user's website Find all posts by this user
Quote this message in a reply
01-24-2012, 11:01 PM
Post: #15
RE: Using the login Details via App
nope it says invalid login , by the way I use link like this : http://mysite.com/login.php?username=myn...ord=mypass hope that is correct
Find all posts by this user
Quote this message in a reply
01-24-2012, 11:07 PM
Post: #16
RE: Using the login Details via App
Change the last "INVALID LOGIN" to "INVLAID LOGIN TEST" Smile then we'll know why it is failing Wink

Quote:Golf and alcohol don't mix, that's why I don't drink and drive!
Video Tutorials: Installing MyBB | Upgrading MyBB
Visit this user's website Find all posts by this user
Quote this message in a reply
01-24-2012, 11:09 PM
Post: #17
RE: Using the login Details via App
now it says "INVLAID LOGIN TEST"
Find all posts by this user
Quote this message in a reply
01-24-2012, 11:12 PM
Post: #18
RE: Using the login Details via App
Ok, so we know it's failing the mybb login. Replace this:
PHP Code:
$resultarr = mysql_fetch_assoc($result); 

With this:
PHP Code:
$resultarr = mysql_fetch_assoc($result);
print_r($resultarr);
die(); 

Smile also, your table IS called mybb_users isn't it?

Quote:Golf and alcohol don't mix, that's why I don't drink and drive!
Video Tutorials: Installing MyBB | Upgrading MyBB
Visit this user's website Find all posts by this user
Quote this message in a reply
01-24-2012, 11:14 PM
Post: #19
RE: Using the login Details via App
(01-24-2012 11:12 PM)Tom K. Wrote:  Ok, so we know it's failing the mybb login. Replace this:
PHP Code:
$resultarr = mysql_fetch_assoc($result); 

With this:
PHP Code:
$resultarr = mysql_fetch_assoc($result);
print_r($resultarr);
die(); 

Smile also, your table IS called mybb_users isn't it?

yes mybb_users called. Now I have a blank page it doesnt say valid or invalid
Find all posts by this user
Quote this message in a reply
01-24-2012, 11:15 PM
Post: #20
RE: Using the login Details via App
Ok, that's good. We now know that the query is empty. This is probably because the username is invalid Smile

Are you sure the username is correct?

Quote:Golf and alcohol don't mix, that's why I don't drink and drive!
Video Tutorials: Installing MyBB | Upgrading MyBB
Visit this user's website Find all posts by this user
Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us | MyBB | Return to Top | Return to Content | Lite (Archive) Mode | RSS Syndication