Cookies gemmes ikke!
Hejsa allesammen.Jeg er gået igang med at udvikle et habbo fansite i PHP/MySQL. jeg er bare stødt ind i det problem, at cookies ikke bliver gemt! (Jeg går ud fra at det er en kodefejl, da det ikke virker i 3 forskellige browsere hvori cookies virker på alle andre sider).
Selve problemet er, at når man prøver at logge ind, med rigtig username og passoword, skriver den at man er logget ind som [brugernavn], videresender en til forsiden - men man er ikke logget ind, selvom man burde være det! Scriptet har virket tidligere, men jeg må have lavet en fejl jeg ikke kan spotte under en redigering...
Jeg ville blive rigtig glad hvis nogen kunne spotte fejlen. Hvis nogen vil se siden i aktion, findes siden på http://mevu.dk/habzacenter
index.php
[code]
<?php
ob_start();
include "mysql_connect.php";
include "config.php";
include "functions.php";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title><?php echo $site[title]; ?> - Forside</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link href="global.css" rel="stylesheet" type="text/css" />
<link rel="stylesheet" type="text/css" href="anylinkmenu.css" />
<script type="text/javascript" src="menucontents.js"></script>
<script type="text/javascript" src="anylinkmenu.js"></script>
</head>
<body>
<div id="container">
<div id="banner">
<img src="http://mevu.dk/habzacenter/volter_text.php?text=<?php echo $site[title]; ?>" style="padding-left: 15px;padding-top: 32px;">
</div>
<div id="radio_stats">
<?php include "user_stats.php"; ?>
</div>
<div id="navigation"><?php include "nav.php"; ?></div>
<div id="left_side">
//Her inkluderes left.php, hvori filen med login systemet
//inkluderes i
<?php include "left.php"; ?>
</div>
<div id="content">
<img src="_images/_content/content.php?t=<?php echo $site[title]; ?>">
<div id="content_mid">
<img src="images/frank/frank_opendoor.gif" style="float:right;margin:0 10px 0 0;" />
<p>Velkommen til <strong>HabzaCenter</strong>, et uofficielt dansk, fansite til den kendte chat, Habbo Hotel. Vi tilbyder vores brugere nyheder og artikler, et debat forum, Habbo guides, konkurrencer og et godt community, som målrettet går<br> efter, at der skal være plads til alle.
<br><br><br><br>
<img src="images/frank/frank_14.gif" style="float:left;margin:0 10px 0 0;" />
Hvis dette er dit første besøg på siden, kan du oprette en bruger ved at <a href="register.php">trykke her. </a><br>
Ellers kan du logge ind på siden til venstre.<br><br>
<strong>God fornøjelse med siden.</strong></p>
</div>
<div id="content_bot"></div>
</div>
<div id="right_side">
<?php include "right.php"; ?>
</div>
</div>
<div id="footer"></div>
</body>
<script type="text/javascript">
//anylinkcssmenu.init("menu_anchors_class") //Pass in the CSS class of anchor links (that contain a sub menu)
anylinkcssmenu.init("menuanchorclass")
</script>
</html>
<?php
ob_flush();
?>
[/code]
config.php
[code]
<?php
$config = mysql_fetch_array(mysql_query("SELECT * FROM config"));
$site[title] = $config["title"];
$site[url] = $config["url"];
$site[admin] = $config["admin"];
$site[forum] = $config["forum"];
$site[forumlink] = $config["forumlink"];
$site[email] = $config["email"];
$site[maintainance] = $config["maintainance"];
$site[installed] = $config["installed"];
$site[an] = $config["admin_notes"];
$stats[users] = mysql_num_rows(mysql_query("SELECT * FROM users"));
$stats[news] = mysql_num_rows(mysql_query("SELECT * FROM news"));
$stats[news_comments] = mysql_num_rows(mysql_query("SELECT * FROM news_comments"));
$stats[spotlight] = mysql_num_rows(mysql_query("SELECT * FROM spotlight"));
$user = mysql_fetch_array(mysql_query("SELECT * FROM users WHERE `id` = '$_COOKIE[habsys_id]'"));
if($user["id"]){
if($_COOKIE['habsys_password'] == md5($user["password_u"])){
if($_COOKIE['habsys_sec'] == md5($user["ip"])){
$in = mysql_fetch_array(mysql_query("SELECT * FROM users WHERE `id` = '$_COOKIE[habsys_id]'"));
}
}
}
if($site[maintainance] == '1' && $in["rank"] !== 'Administrator'){
header("Location: maintainance.php");
}
?>
[/code]
functions.php
[code]
<?php
function validEmail($email){
if(preg_match("/^[^@]*@[^@]*\.[^@]*$/", $email)) {
return true;
}else{
return false;
}
}
function userRow($id,$row){
$user = strip_tags(mysql_real_escape_string($id));
$user = mysql_query("SELECT * FROM users WHERE `id` = '$user'");
if(mysql_num_rows($user) == 0){
return 'Denne bruger eksisterer ikke!';
}else{
$array = mysql_fetch_array($user);
return $array[$row];
}
}
function userID($username){
$user = strip_tags(mysql_real_escape_string($username));
$user = mysql_query("SELECT * FROM users WHERE `username` = '$user'");
if(mysql_num_rows($user) == 0){
return 'Denne bruger eksisterer ikke!';
}else{
$q = mysql_fetch_array($user);
return $q["id"];
}
}
function userUpdate($id,$row,$new){
$user = strip_tags(mysql_real_escape_string($id));
$user = mysql_query("SELECT * FROM users WHERE `id` = '$user'");
if(mysql_num_rows($user) == 0){
return 'Denne bruger eksisterer ikke!';
}else{
mysql_query("UPDATE `users` SET `".$row."` = '".$new."' WHERE `id` = '".$id."'");
}
}
function userDelete($id){
$user = strip_tags(mysql_real_escape_string($id));
$user = mysql_query("SELECT * FROM users WHERE `id` = '$user'");
if(mysql_num_rows($user) == 0){
return 'Denne bruger eksisterer ikke!';
}else{
$r = mysql_fetch_array($user);
mysql_query("DELETE FROM users WHERE `username` = '".$r[username]."");
}
}
function userExistsID($id){
$user = strip_tags(mysql_real_escape_string($id));
$user = mysql_query("SELECT * FROM users WHERE `id` = '$user'");
if(mysql_num_rows($user) == 0){
return false;
}else{
return true;
}
}
function userExists($id){
$user = strip_tags(mysql_real_escape_string($id));
$user = mysql_query("SELECT * FROM users WHERE `username` = '$user'");
if(mysql_num_rows($user) == 0){
return false;
}else{
return true;
}
}
function emailUsed($email){
$email = strip_tags(mysql_real_escape_string($email));
$email = mysql_query("SELECT * FROM users WHERE `email` = '$email'");
if(mysql_num_rows($email) == 0){
return false;
}else{
return true;
}
}
function cutString($string, $length){
$strl = strlen($string);
$strl = $length - $strl;
$sub = substr($string, "0", $strl). "...";
return $sub;
}
?>
[/code]
left.php
[code]
<img src="_images/_blue/blue.php?t=Seneste Artikler">
<div id="blue_mid">
<?php
$latest10 = mysql_query("SELECT * FROM news ORDER BY `id` DESC LIMIT 10");
if(mysql_num_rows($latest10) == 0){
echo 'There are no news topics!';
}else{
while($l10 = mysql_fetch_array($latest10)){
$id = $l10["id"];
$title = $l10["title"];
$comments = $l10["comments"];
$author = $l10["author"];
$username = userRow($author, 'username');
echo '<a href="article.php?id='.$id.'" title="Author: '.$username.' | Comments: '.$comments.'">'.$title.'</a><br>';
}
}
?>
</div>
<div id="blue_bot"></div>
<img src="_images/_green/green.php?t=Bruger System">
<div id="green_mid">
<?php include "usersystem.php"; ?>
</div>
<div id="green_bot"></div><br>
<img src="_images/_blue/blue.php?t=Nyttige links">
<div id="blue_mid">
<a href="disclaimer.php">Ansvarsfraskrivelse</a>
</div>
<div id="blue_bot"></div>
[/code]
Usersystem.php - Det er heri selve cookiesne er!
[code]
<?php
if($in["username"]){
if($in["messages"] == '0'){
$msg = '0';
}else{
$msg = '<strong>'.$in["messages"].'</strong>';
}
echo '<center><a href="profile.php?id='.$in["id"].'"><strong>'.$in["username"].'</strong></a><br>
<a href="editpassword.php">Skift Password</a> | <a href="editemail.php">Skift E-Mail</a><br>
<a href="editprofile.php">Redigér Profil</a><br>
<a href="pm.php" class="menuanchorclass" rel="anylinkmenu1">Beskeder ('.$msg.')</a><br>
<a href="logout.php">Log ud</a>';
if($in["rank"] == 'Administrator'){
echo '<br><a href="admincp.php">Admin Panel</a>';
}
}else{
if($_POST[login]){
$username = strip_tags(mysql_real_escape_string($_POST['username']));
$password = strip_tags(mysql_real_escape_string($_POST['password']));
$ip = strip_tags($_SERVER['REMOTE_ADDR']);
if(!$username){
$error .= '<li>Du skal indtaste dit brugernavn.</li>';
}
if(!$password){
$error .= '<li>Du skal indtaste dit password.</li>';
}
if(!$error){
$user = mysql_query("SELECT * FROM users WHERE `username` = '$username'");
if(mysql_num_rows($user) == 0){
echo '<li>Brugeren eksisterer ikke!</li>';
}else{
$r = mysql_fetch_array($user);
if($r["password"] == md5($password)){
setcookie("habsys_password", md5($password), time() + 60*60*24*5);
setcookie("habsys_sec", md5($ip), time() + 60*60*24*5);
setcookie("habsys_id", $r["id"], time() + 60*60*24*5);
setcookie("habsys_last_visit", date("j M Y - G:i", strtotime("+2 hours")), time()+60*60*24*5);
echo 'Du er nu logget ind som <strong>'.$r["username"].'</strong>.
<meta http-equiv="refresh" content="1;index.php">';
}else{
echo 'Forkert password!';
}
}
}else{
echo 'Du kunne ikke logge ind, da følgende fejl opstod:<ul>'.$error.'</ul>';
}
}
echo '<form method="post">
<input type="text" name="username" id="username" value="';if($username){ echo $username; }else{ echo 'Brugernavn...'; } echo '" onfocus="java script:username();" onblur="java script:username();" size="25" maxlength="30"><br>
<input type="password" name="password" id="password" value="password..." onfocus="java script:password();" onblur="java script:password();" size="25" maxlength="40"><br>
<input type="submit" name="login" value="Log Ind">
</form>
<a href="register.php">Registrer</a> | <a href="forgot.php">Glemt Login?</a>';
}
?>
[/code]
Tilsyneladende kan man ikke se alt koden her på siden, men hvis i markerer teksten og kopierer det over i fx notepad burde i kunne se det hele ;)
På forhånd mange tak.
- Freddie