MyBB Community Forums

MyBB Community Forums > Community > General Discussion > Web Development and Administration > [SOLVED] Using the login Details via App
Full Version: [SOLVED] Using the login Details via App
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
Pages: 1 2 3 4 5 6 7

deve48

2012-01-24, 11:45 PM
Invalid login my code looks like this now:

// Check membername and HWID
$query = "SELECT member, hwid FROM loginlist WHERE member = '$username'";
$result = mysql_query($query);
if ($result && mysql_num_rows($result)) {
$row = mysql_fetch_array($result);
if ($row['hwid']!=$hwid) {
print_r($row);
die();
echo "INVALID LOGIN";
exit;

Tom K.

2012-01-24, 11:47 PM
In that snippet there change:

$query = "SELECT member, hwid FROM loginlist WHERE member = '$username'";
To:
$query = "SELECT member, hwid FROM loginlist WHERE member = '{$username}'";
Smile

deve48

2012-01-24, 11:51 PM
Invalid login my code looks now like this :

// Check membername and HWID
$query = "SELECT member, hwid FROM loginlist WHERE member = '{$username}'";
$result = mysql_query($query);
if ($result && mysql_num_rows($result)) {
$row = mysql_fetch_array($result);
if ($row['hwid']!=$hwid) {
print_r($row);
die();
echo "INVALID LOGIN";
exit;

I have changed the last echo "INVALID LOGIN"; to echo "INVALID LOGIN2"; now it says INVALID LOGIN2

Tom K.

2012-01-24, 11:54 PM
Try changing mysql_fetch_array to mysql_fetch_assoc() Smile

deve48

2012-01-24, 11:56 PM
Invalid Login2

code looks like this now :

// Check membername and HWID
$query = "SELECT member, hwid FROM loginlist WHERE member = '{$username}'";
$result = mysql_query($query);
if ($result && mysql_num_rows($result)) {
$row = mysql_fetch_assoc();
if ($row['hwid']!=$hwid) {
echo "INVALID LOGIN1";
exit;

Tom K.

2012-01-24, 11:57 PM
It needs to be mysql_fetch_assoc($result) Toungue

deve48

2012-01-24, 11:59 PM
Invalid Login2

code looks like this :

// Check membername and HWID
$query = "SELECT member, hwid FROM loginlist WHERE member = '{$username}'";
$result = mysql_query($query);
if ($result && mysql_num_rows($result)) {
$row = mysql_fetch_assoc($result);
if ($row['hwid']!=$hwid) {
echo "INVALID LOGIN1";
exit;

Tom K.

2012-01-25, 12:00 AM
Ok, post your full code in php tags again Smile

deve48

2012-01-25, 12:01 AM
(2012-01-25, 12:00 AM)Tom K. Wrote: [ -> ]Ok, post your full code in php tags again Smile
 <?php

error_reporting(0);

// Database settings
$host      = 'localhost';        
$user      = '';         
$password  = '';        
$database  = '';        
$conn = mysql_connect($host,$user,$password) or die ('Error connecting to MySQL database.');
$conn = mysql_select_db($database) or die ('Error selecting database.');

$hwid = mysql_real_escape_string($_GET['hwid']);
if ($hwid == '') {$hwid='?';}
$author = mysql_real_escape_string($_GET['author']);
$username = mysql_real_escape_string($_GET['username']);
$password = mysql_real_escape_string($_GET['password']);
//get the user info
$query = "SELECT * FROM mybb_users WHERE LOWER(username) = '{$username}';"; 
//make it into a mysql_assoc_array
$result= mysql_query($query);
$resultarr = mysql_fetch_assoc($result);
$salt = $resultarr['salt'];
$hash = md5(md5($password.$salt).$salt);

//check your hash against the one in the table
if ($resultarr['hash'] == $hash)
{
    // Check membername and HWID 
    $query = "SELECT member, hwid FROM loginlist WHERE member = '{$username}'"; 
    $result = mysql_query($query);
if ($result && mysql_num_rows($result)) {
$row = mysql_fetch_assoc($result);
if ($row['hwid']!=$hwid) {
echo "INVALID LOGIN1";
exit;
        }
    }
    // Update loginlist
    $ip = $_SERVER['REMOTE_ADDR'];
    $lastday = $firstday = time();
    $cntr = 1;
   $author = $author;
    $query = "SELECT member, ip, author, cntr FROM loginlist WHERE member = '$username' AND ip = '$ip'";
    $result = mysql_query($query);
    if ($result && mysql_num_rows($result)) {
        $row = mysql_fetch_array($result);
        $row[cntr] += 1;
        $lastday = time();
        $row[author] = $author;
        $query = "UPDATE loginlist SET lastday = '$lastday', cntr = '$row[cntr], author = '$row[author]' WHERE member = '$username' AND ip = '$ip'";
        $result=mysql_query($query);
    } else {
        $query="INSERT INTO loginlist (member, hwid, ip, lastday, firstday, cntr, block) VALUES ('$username', '$hwid', '$ip', '$lastday', '$firstday', '$cntr', '$author', '0')";
        $result=mysql_query($query);            
    }    
    // Check if IP address is blocked
    $query = "SELECT * FROM loginlist WHERE ip = '$ip'";
    $result = mysql_query($query);
    if ($result && mysql_num_rows($result) == 1) {
        $row = mysql_fetch_array($result);
        if ($row[block] == 1) {
            echo "INVALID LOGIN2";    
            exit;
        }
    }
    echo "VALID LOGIN";
} else {
    echo "INVALID LOGIN3";
} 
?>

Tom K.

2012-01-25, 12:05 AM
Ok this bit:
 // Check if IP address is blocked
    $query = "SELECT * FROM loginlist WHERE ip = '$ip'";
    $result = mysql_query($query);
    if ($result && mysql_num_rows($result) == 1) {
        $row = mysql_fetch_array($result);
        if ($row[block] == 1) {
            echo "INVALID LOGIN2";    
            exit;
        }

Replace with this:
 // Check if IP address is blocked
    $query = "SELECT * FROM loginlist WHERE ip = '{$ip}' LIMIT 1;";
    $result = mysql_query($query);
    if ($result) {
        $row = mysql_fetch_assoc($result);
        if ($row['block'] == 1) {
            echo "INVALID LOGIN2";    
            exit;
        }
Pages: 1 2 3 4 5 6 7
MyBB Community Forums > Community > General Discussion > Web Development and Administration > [SOLVED] Using the login Details via App