05.04.2012, 21:33
Hi i setted up Whirpool and its hashing aswell. The password match when i log in game but not in the UCP.
I tried for over 1 hour to find the problem but with any results.
index.php
login.php
I tried for over 1 hour to find the problem but with any results.
index.php
PHP код:
<?php
//SELECT COUNT(*)
if(!isset($_SESSION["kasutaja"]) && !isset($_POST["name"]))
{
echo '
<form name="input" action="index.php?page=home" method="post">
<h3>Login</h3>';
if(isset($_SESSION["JLO"]))
{
echo '<p><font color="green">You have been logged out!</font></p>';
unset($_SESSION["JLO"]);
}
if($page == "stats")
{
echo "<br />
<ul>
<li><a href='?page=bans'>Bans</a></li>
<li><a href='?page=players'>Players</a></li>
<li><a href='?page=top'>Top Stats</a></li>
</ul>";
}
else
{
echo'
<p style="padding: 0 0 9px 0;"><input class="login2" type="text" name="name" placeholder="Username"</p>
<p style="padding: 0 0 9px 0;"><input class="login2" type="password" name="pass" placeholder="Password"</p>
<p><input class="login" name="login" type="submit" value="Login" /></p>
</form>';
}
}
else if(isset($_POST["name"]))
{
$kasutaja = $_POST["name"];
$pass = $_POST["pass"];
$querytxt = "SELECT * FROM accounts WHERE Name = '$kasutaja'";
$result = mysql_query($querytxt);
$nouser = mysql_num_rows($result);
$row = mysql_fetch_row($result);
if($nouser == 0)
{
if($page == "stats")
{
echo "<br />
<ul>
<li><a href='?page=bans'>Bans</a></li>
<li><a href='?page=players'>Players</a></li>
<li><a href='?page=top'>Top Stats</a></li>
</ul>";
}
else
{
echo '
<form name="input" action="index.php?page=home" method="post">
<h3>Login</h3>
<p><font color="red">User doesnt exist!</font></p>
<p style="padding: 0 0 9px 0;"><input class="login2" type="text" name="name" placeholder="Username"</p>
<p style="padding: 0 0 9px 0;"><input class="login2" type="password" name="pass" placeholder="Password"</p>
<p><input class="login" name="login" type="submit" value="Login" /></p>
</form>';
}
}
else if($pass != $row[1])
{
if($page == "stats")
{
echo "<br />
<ul>
<li><a href='?page=bans'>Bans</a></li>
<li><a href='?page=players'>Players</a></li>
<li><a href='?page=top'>Top Stats</a></li>
</ul>";
}
else
{
echo '
<form name="input" action="index.php?page=home" method="post">
<h3>Login</h3>
<p><font color="red">Wrong password!</font></p>
<p style="padding: 0 0 9px 0;"><input class="login2" type="text" name="name" placeholder="Username"</p>
<p style="padding: 0 0 9px 0;"><input class="login2" type="password" name="pass" placeholder="Password"</p>
<p><input class="login" name="login" type="submit" value="Login" /></p>
</form>';
}
}
else
{
if($page == "stats")
{
echo "<br />
<ul>
<li><a href='?page=bans'>Bans</a></li>
<li><a href='?page=players'>Players</a></li>
<li><a href='?page=top'>Top Stats</a></li>
</ul>";
}
else
{
echo "<br />
<h5>Welcome, $kasutaja!</h5>
<ul>
<li><a href='?page=ucp'>My Account</a></li>
<li><a href='?page=skin'>Change Skin</a></li>
<li><a href='?page=pass'>Change Password</a></li>
<li><a href='?page=money'>Transfer Money</a></li>
<li><a href='logout.php'>Logout</a></li>
</ul>";
}
$_SESSION["kasutaja"] = $kasutaja;
}
}
else if(isset($_SESSION["kasutaja"]))
{
$kasutaja = $_SESSION["kasutaja"];
if($page == "stats")
{
echo "<br />
<h5>Welcome, $kasutaja!</h5>
<ul>
<li><a href='?page=ucp'>My Account</a></li>
<li><a href='?page=bans'>Bans</a></li>
<li><a href='?page=players'>Players</a></li>
<li><a href='?page=top'>Top Stats</a></li>
<li><a href='logout.php'>Logout</a></li>
</ul>";
}
else
{
echo "<br />
<h5>Welcome, $kasutaja!</h5>
<ul>
<li><a href='?page=ucp'>My Account</a></li>
<li><a href='?page=skin'>Change Skin</a></li>
<li><a href='?page=pass'>Change Password</a></li>
<li><a href='?page=money'>Transfer Money</a></li>
<li><a href='logout.php'>Logout</a></li>
</ul>";
}
}
?>
</div>
</div>
<div id="content">
<?php
if($page == "home")
{
echo "<h1>Antroprox Gaming • Home</h1>
<p>Welcome to Antroprox Roleplay Homepage!
<hr width='100%' color='#35BDF5' size='6' /><br />
This is our homepage and roleplay's server user control panel.<br /> Here you can see your in-game statistics like: Money, Skin, Faction, Bans and a lot more!
<br />You can also change your password, change your skin, transfer money to other players and more!
<br />Besides that, you can also see latest news, updates and announcements!</p>";
}
else if($page == "pass")
{
echo '<form name="input" action="?page=changed" method="post">
Current Password: <br /><input style="width: 267px; padding: 0px 0 10px 0; type="password" name="currentpassword" /> <br />
New Password: <br /><input style="width: 267px; padding: 0px 0 10px 0; type="password" name="newpass" />
New Password Confirm: <br /><input style="width: 267px; padding: 0px 0 10px 0; type="password" name="newpassconfirm" /> <br />
<input class="myButton" style="width: 267px;" type="submit" value="Submit" />
</form>';
}
else if($page == "changed")
{
if(!isset($_SESSION["kasutaja"]) && !isset($_POST["kasutaja"]))
{
echo "<p>You are not logged in!</p>";
}
else
{
$newpass = mysql_escape_string($_POST['newpass']);
$newpassconfirm = mysql_escape_string($_POST['newpassconfirm']);
$password = mysql_escape_string($_POST['currentpassword']);
$username = mysql_escape_string($_SESSION["username"]);
if($newpass != $newpassconfirm)
{
echo "Password's aren't identical, please retype them.";
echo "<meta http-equiv='Refresh' content='5;url=?page=pass' />";
}
else
{
$kasutaja = $_SESSION["kasutaja"];
$querytxt = "SELECT Password FROM accounts WHERE Name = '$kasutaja' AND Password = '$password'";
$result = mysql_query($querytxt);
if(!mysql_num_rows($result))
{
echo "Current password is incorrect.";
echo "<meta http-equiv='Refresh' content='5;url=?page=pass' />";
}
else
{
echo "Password changed.";
echo "<meta http-equiv='Refresh' content='5;url=?page=home' />";
mysql_query("UPDATE accounts SET Password = '$newpass' WHERE Name = '$kasutaja'");
}
}
}
}
PHP код:
<?php
session_start();
include("connect.php");
if(isset($_POST["nimi"]))
{
$kasutaja = $_POST["nimi"];
$pass = $_POST["parool"];
$querytxt = "SELECT * FROM accounts WHERE Name = '$kasutaja'";
$result = mysql_query($querytxt);
$nouser = mysql_num_rows($result);
$row = mysql_fetch_row($result);
if($nouser == 0)
{
echo '<div class="oskar"><font color="red">User doesent Exist!</font><form name="input">
Username: <input type="text" name="kasutaja" />
Password: <input type="password" name="parool" />
<br />
<input type="button" value="Submit" onClick="get();" />
</form></div>';
}
else if($pass != $row[1])
{
echo '<div class="oskar"><font color="red">Wrong Password!</font><br /><form name="input">
Username: <input type="text" name="kasutaja" />
Password: <input type="password" name="parool" />
<br />
<input type="button" value="Submit" onClick="get();" />
</form></div>';
}
else
{
echo "<ul class='sb_menu'>
<li><h3>Welcome, $kasutaja!</h3></li>
<li><a href='?page=ucp'>My Account</a></li>
<li><a href='logout.php'>Logout</a></li>
</ul>";
$_SESSION["kasutaja"] = $kasutaja;
}
}
?>