Login...Problem

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Napravio sam ja bazu, ali sada izbaca gresku u 55 redu... Napravio sam i tabelu u okvirute baze, sadrzi id, usrname, password... sve je ok, napravio sam nowog korisnika i te podatke ukucao u login stranu i opet izbaci tu gresku.... Ewo skripte...

<?PHP
//**NOTE: No space can exist before <?PHP above or it will mess up the headers***

//**REQUIRED SETUP OPTIONS...SET VALUES 1-5 TO BEGIN USING BASICLOGIN BY CHANGING VALUES IN QUOTES. WE ADVISE AGAINST CHANGING THE VARIABLE NAMES

//**STEP 1: What is the name of your site? I.E. basiclogin.com
$sitename = "basiclogin.com";

//**STEP 2: What is the site domain for emails? No Just something.com
$email_domain = "basiclogin.com";

//**STEP 3: What is the full path to the folder where the login script is located? I.E. yoursite.com/login_app
$domain = "http://www.basiclogin.com";

//**STEP 4: SET DATABASE CONNECTION VARIABLES:
$db_host = "localhost";
$db_username = "Your_username";
$db_password = "Your_password";
$db = "Your_database";

//**OPTIONS___________________________________________________________________________________________________________________________

//**OPTION: Where does a successful login redirect to? Default is a router page that redirects according to permissions rules...but can be anywhere
$successful_login_url = "router.php";

//**OPTION: Where should the Router send users with various permission levels?
$level_5_url = "admin_index.php";
$level_4_url = "admin_index.php";
$level_3_url = "admin_index.php";
$level_2_url = "admin_index.php";
$level_1_url = "sample_page.php";

//**OPTION: Where does an unsuccessful login rediredt to?
$failed_login = "login_failed.php";

//**OPTION: What is the cookie name...can be anything...no whitespaces or special characters
$cookiename = "BasicLogin";

//**OPTION: Forgot Password Email Parameters:
$from_email = "admin@$email_domain";
$reply_to_email = "admin@$email_domain";
$return_path_email = "bounce@$email_domain";

//**OPTION: What is the subject of the email that you send to someone who forgot their password?
$forgot_password_email_subject = "Your $sitename password";


//**NO NEED TO CHANGE THIS
$email_4_pw_email = $_REQUEST['email'];

if($email_4_pw_email !==''){

// connect to the server
mysql_connect( $db_host, $db_username, $db_password )
or die( "Error! Could not connect to database: " . mysql_error() );

// select the database
mysql_select_db( $db )
or die( "Error! Could not select the database: " . mysql_error() );

//The following Query Gets password from database for email if called for

$query = "SELECT * FROM users WHERE `email` LIKE '$email_4_pw_email'";

$numresults=mysql_query($query);
$numrows=mysql_num_rows($numresults);

// get results
$result = mysql_query($query) or die("Couldn't execute query");

// now you can display the results returned
while ($row= mysql_fetch_array($result)) {

$email= $row["email"];
$password = $row["password"];
$password_hint = $row["password_hint"];

//Debug: echo "<br><br>Password:$password<br><br>";

if($password_hint!==''){

//**OPTION: YOU CAN EDIT THE COPY IN THESE EMAILS IF YOU WANT. THIS ONE IS FOR PEOPLE WHO HAVE A PASSWORD HINT

$forgot_password_email = "<font size='2' face='Verdana, Arial, Helvetica, sans-serif'>This is the password manager at <b>$sitename</b>. We do not store passwords...only encrypted data. <br><br>Here is a password hint that you provided when you set up your account: $password_hint<br><br>If that helps, then you can <a href='$domain/login_app.php'>try again</a> without resetting your password<br><br>

<br>If you still can't remember then please <a href='$domain//reset_password.php?email=$email&password=$password'>Click Here</a> to reset your password. Clicking this link will assign an encrypted, temporary password for added security. The process can easily be repeated if you experience difficutlties.<br><br> Best Regards - The Database</font>";
}
else
{

//**OPTION: THIS ONE IS FOR PEOPLE WHO DON'T HAVE A PASSWORD HINT

$forgot_password_email = "<font size='2' face='Verdana, Arial, Helvetica, sans-serif'>This is the password manager at <b>$sitename</b>. We do not store passwords...only encrypted data.<br>
<br>Please <a href='$domain/reset_password.php?email=$email&password=$password'>Click Here</a> to reset your password. Clicking this link will assign an encrypted, temporary password for added security. The process can easily be repeated if you experience difficutlties.<br><br> Best Regards - The Database</font>";
}

}}

//**OPTION: THAT'S ALL FOR NOW. MORE OPTIONS MAY BE ADDED LATER. WE'LL LET YOU KNOW. OTHERWISE, FEEL FREE TO ADD YOUR OWN!
?>

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Citat:
$db_username = "Your_username";
$db_password = "Your_password";
$db = "Your_database";


Moras ovo da popunis, ako nisi mjenjao podesavanja i ako se dobro sjecam, def username za XAMPP je root, kao i sifra (root), a ime baze moras ti da uneses, ono koje si naveo pri kreiranju iste.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

U tome i jeste problem, jer sam ja definisao username i password kao (root), baza mi se zove korisnici, i nju sam kreirao i podesio... ali opet ista prica i nece da radi....

Warning: mysql_connect() [function.mysql-connect]: Access denied for user 'root'@'localhost' (using password: YES) in C:\xampp\xampp\htdocs\myWeb\login_config.php on line 54
Error! Could not connect to database: Access denied for user 'root'@'localhost' (using password: YES)

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ne znam sta da ti kazem, idi ovdje

http://localhost/security/

I prekopiraj statuse ovdje.

I probaj da se ulogujes na phpmyadmin sa tim podacima, ako ti tu nece da se uloguje, ili ne unosis dobro podatke ili si nesto promjenio, pa si zaboravio.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

ma brate jednostavno napravi novog usera i novi pass i to je to.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Popravio sam nekako onaj problem... Ali javio se drugi, ja stavim username i password u kodu kao sto jeste, i ukucam to u mojoj login strani i naravno napravim u bazi, ali stalno se stampa poruka iz koga, da username i pass nisu tacni....

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Gde si tacno menjao pass? Direktno u bazi ili??
Jesi proverio da pass nije kriptovan MD5?
Ako jeste onda preko baze ne mozes tako da menajs, mislim moze ali je to vec matematika ....

Registruj se kao novi user preko forme obrisi stari racun i postavi dozvole GRANT da imas sva odobrenja...

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ivan Stojmenovic ::
Jesi proverio da pass nije kriptovan MD5?

Nije valjda da koristis samo MD5? Nemoj samo MD5 koristi i SHA1 tj. njihovu konvoluciju... Ako ti se neko dokopa baze relativno lako moze da ti nadje sifre korisnika.. Napravi se jednostavan programcic koji ce da ima standardne sifre i uporedjivace.. A ako bas volis md5 onda mu stavi nesto ovako da jos vise sakrijes sifre: md5("zdravo" . $pass . "svima"); i uvek stavi da bude na 32 bita....

@marko24h uzmi lepo i kreni da ucis... po svemu sudeci ne znas sta je baza, ne znas osnovne f-je za konektovanje na bazu i tako te pocetne stvari... lepo kreni od pocetka.. za pocetak kreni odavde da citas redom poincare.matf.bg.ac.rs/~jelenagr//uwit/php1.htm ....

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

@peca89bg
Citat:
Nije valjda da koristis samo MD5?

Naravno da ne. Kada sebi radim nesto to je sasvim druga prica. A sta njemu da sada objasnjavam kada nezna.

Uostalom to mi prvo palo na pamet