Kan niet inloggen ( sessies? ) - crimegame
Je voert je naam en paswoord in en hij zegt: u bent ingelogd.
Vervolgens wordt de pagina gerefreshed en kom je weer in de start pagina ( zonder menu ) en nog steeds niet ingelogd.
Wie weet hoe ik dit kan oplossen en in welk bestand ik hier anders voor moet zijn?? Zelf denk ik namelijk login.php ( hieronder gepost )
( voor iedereen begint over het gezeur en onstabiel gebeuren over crimegames ;) ik heb het grootste gedeelte zelf gemaakt en geprobeerd alles zo stabiel mogelijk te maken. Ook is de game niet standaard ;)
Code (php)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
<?php /* ------------------------- */
include("_include-config.php");
if(isset($_POST['login'],$_POST['pass'])) {
$login = mysql_real_escape_string($_POST['login']);
$pass = mysql_real_escape_string($_POST['pass']);
$dbres = mysql_query("SELECT `login`,`activated` FROM `[users]` WHERE `login`='{$_POST['login']}' AND `pass`=MD5('{$_POST['pass']}')");
if(($data = mysql_fetch_object($dbres)) && $data->activated == 1) {
$validate = md5(rand(0,1000));
setcookie("login",$data->login,time()+60*60*24,"/",".demo123/");
setcookie("validate",$validate,time()+60*60*24,"/",".demo123/");
mysql_query("REPLACE INTO `[online]`(`time`,`login`,`IP`,`validate`) values(NOW(),'{$_SERVER['REMOTE_ADDR']}','{$data->login}','$validate')");
$_SESSION['login'] = $data->login;
$_SESSION['IP'] = $_SERVER['REMOTE_ADDR'];
$dbres = mysql_query("SELECT *,UNIX_TIMESTAMP(`signup`) AS `signup` FROM `[users]` WHERE `login`='{$_SESSION['login']}'");
$_SESSION['data'] = mysql_fetch_object($dbres);
}
}
else if($_GET['x'] == "logout") {
mysql_query("DELETE FROM `[online]` WHERE `login`='{$_COOKIE['login']}' AND `validate`='{$_COOKIE['validate']}' AND `IP`='{$_SERVER['REMOTE_ADDR']}'");
setcookie("login",'',time()-24*60*60,"/",".demo123/");
setcookie("validate",'',time()-24*60*60,"/",".demo123/");
unset($_SESSION['login']);
unset($_SESSION['IP']);
unset($_SESSION['data']);
}
/* ------------------------- */ ?>
include("_include-config.php");
if(isset($_POST['login'],$_POST['pass'])) {
$login = mysql_real_escape_string($_POST['login']);
$pass = mysql_real_escape_string($_POST['pass']);
$dbres = mysql_query("SELECT `login`,`activated` FROM `[users]` WHERE `login`='{$_POST['login']}' AND `pass`=MD5('{$_POST['pass']}')");
if(($data = mysql_fetch_object($dbres)) && $data->activated == 1) {
$validate = md5(rand(0,1000));
setcookie("login",$data->login,time()+60*60*24,"/",".demo123/");
setcookie("validate",$validate,time()+60*60*24,"/",".demo123/");
mysql_query("REPLACE INTO `[online]`(`time`,`login`,`IP`,`validate`) values(NOW(),'{$_SERVER['REMOTE_ADDR']}','{$data->login}','$validate')");
$_SESSION['login'] = $data->login;
$_SESSION['IP'] = $_SERVER['REMOTE_ADDR'];
$dbres = mysql_query("SELECT *,UNIX_TIMESTAMP(`signup`) AS `signup` FROM `[users]` WHERE `login`='{$_SESSION['login']}'");
$_SESSION['data'] = mysql_fetch_object($dbres);
}
}
else if($_GET['x'] == "logout") {
mysql_query("DELETE FROM `[online]` WHERE `login`='{$_COOKIE['login']}' AND `validate`='{$_COOKIE['validate']}' AND `IP`='{$_SERVER['REMOTE_ADDR']}'");
setcookie("login",'',time()-24*60*60,"/",".demo123/");
setcookie("validate",'',time()-24*60*60,"/",".demo123/");
unset($_SESSION['login']);
unset($_SESSION['IP']);
unset($_SESSION['data']);
}
/* ------------------------- */ ?>
<html>
<head>
<title>Demo123</title>
<link rel="stylesheet" type="text/css" href="">
</head>
<body style="background: #616162; margin: 0px;">
<table align="center" width=100%>
Code (php)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
<?php /* ------------------------- */
if($_GET['x'] == "logout")
print " <tr><td class=\"subTitle\"><b>Login</b></td></tr>\n <tr><td class=\"mainTxt\">Je bent nu uitgelogd\n <script language=\"javascript\">setTimeout('parent.window.location.reload()',500)</script></td></tr>\n";
else if($_GET['x'] == "lostpass") {
print " <tr><td class=\"subTitle\"><b>Wachtwoord vergeten</b></td></tr>\n";
if(isset($_GET['id'],$_GET['code'])) {
$dbres = mysql_query("SELECT `login` FROM `[temp]` WHERE `id`='{$_GET['id']}' AND `code`='{$_GET['code']}' AND `area`='lostpass'");
if($data = mysql_fetch_object($dbres)) {
$dbres = mysql_query("SELECT `login`,`email` FROM `[users]` WHERE `login`='{$data->login}'");
$data = mysql_fetch_object($dbres);
$newpass = rand(100000,999999);
mysql_query("UPDATE `[users]` SET `pass`=MD5('$newpass') WHERE `login`='{$data->login}'");
mysql_query("DELETE FROM `[temp]` WHERE `id`='{$_GET['id']}'");
mail($data->email,"demo123 password","Je wachtwoord is gereset, je kan nu inloggen met: $newpass","From: demo123 <noreply@demo123>\n");
print " <tr><td class=\"mainTxt\">Je nieuwe wachtwoord is ge-emailed naar {$data->email} als je hem niet in je normale postvak ontvangt kijk dan even in je ongewenste e-mail map dan staat hij daar.</td></tr>\n";
}
}
else if(isset($_POST['email'],$_POST['login'])) {
$dbres = mysql_query("SELECT `login`,`email` FROM `[users]` WHERE `login`='{$_POST['login']}' AND `email`='{$_POST['email']}'AND `activated`=1");
if($data = mysql_fetch_object($dbres)) {
$code = rand(100000,999999);
mysql_query("INSERT INTO `[temp]`(`login`,`code`,`area`,`time`) values('{$data->login}',$code,'lostpass',NOW())");
$id = mysql_insert_id();
mail($data->email,"demo123 password","Er is een aanvraag binnengekomen om je wachtwoord te resetten. Als jij dit niet hebt aangevraagd, negeer deze email dan. Heb jij dit wel gedaan, klik dan op deze link:\nhttp://www.demo123.nl/login.php?x=lostpass&id=$id&code=$code","From: demo123 <noreply@demo123>");
print " <tr><td class=\"mainTxt\">Er is een email gestuurd naar {$data->email} met verdere instructies</td></tr>\n";
}
else
print " <tr><td class=\"mainTxt\">Er is geen gebruiker met die login en e-mail</td></tr>\n";
}
print <<<ENDHTML
<tr><td class="mainTxt" align="center"><br>
<form method="post"><table>
Login: <input type="text" name="login"><BR>
E-Mail: <input type="text" name="email"><BR>
<tr><td></td> <td><input type="submit" value="Ok" style="width: 100"></td></tr>
</form></table></td></tr>
ENDHTML;
}
else if($data) {
if($data->activated == 0)
print " <tr><td class=\"mainTxt\">Je account is nog niet geactiveerd</td></tr>\n";
else
print " <tr><td class=\"subTitle\"><b>Login</b></td></tr>\n <tr><td class=\"mainTxt\">Je bent nu ingelogd\n <script language=\"javascript\">setTimeout('parent.window.location.reload()',500)</script>\n </td></tr>\n";
}
else {
print " <tr><td class=\"subTitle\"><b>Login</b></td></tr>\n";
if(isset($_POST['login'],$_POST['pass']))
print " <tr><td class=\"mainTxt\">Verkeerde login of wachtwoord</td></tr>\n";
print <<<ENDHTML
<tr><td class="mainTxt">
<form method="post"><table align="center">
<tr><td width=100>Login:</td> <td><input type="text" name="login" maxlength=16 style="width: 150;"></td></tr>
<tr><td width=100>Wachtwoord:</td> <td><input type="password" name="pass" maxlength=16 style="width: 150;"></td></tr>
<tr><td></td><td align="right"><input type="submit" name="submit" style="width: 100;" value="Login"></td></tr>
</table></form>
</td></tr>
<tr><td class="mainTxt" align="center"><a href="login.php?x=lostpass">Wachtwoord vergeten?</a></td></tr>
ENDHTML;
}
/* ------------------------- */ ?>
if($_GET['x'] == "logout")
print " <tr><td class=\"subTitle\"><b>Login</b></td></tr>\n <tr><td class=\"mainTxt\">Je bent nu uitgelogd\n <script language=\"javascript\">setTimeout('parent.window.location.reload()',500)</script></td></tr>\n";
else if($_GET['x'] == "lostpass") {
print " <tr><td class=\"subTitle\"><b>Wachtwoord vergeten</b></td></tr>\n";
if(isset($_GET['id'],$_GET['code'])) {
$dbres = mysql_query("SELECT `login` FROM `[temp]` WHERE `id`='{$_GET['id']}' AND `code`='{$_GET['code']}' AND `area`='lostpass'");
if($data = mysql_fetch_object($dbres)) {
$dbres = mysql_query("SELECT `login`,`email` FROM `[users]` WHERE `login`='{$data->login}'");
$data = mysql_fetch_object($dbres);
$newpass = rand(100000,999999);
mysql_query("UPDATE `[users]` SET `pass`=MD5('$newpass') WHERE `login`='{$data->login}'");
mysql_query("DELETE FROM `[temp]` WHERE `id`='{$_GET['id']}'");
mail($data->email,"demo123 password","Je wachtwoord is gereset, je kan nu inloggen met: $newpass","From: demo123 <noreply@demo123>\n");
print " <tr><td class=\"mainTxt\">Je nieuwe wachtwoord is ge-emailed naar {$data->email} als je hem niet in je normale postvak ontvangt kijk dan even in je ongewenste e-mail map dan staat hij daar.</td></tr>\n";
}
}
else if(isset($_POST['email'],$_POST['login'])) {
$dbres = mysql_query("SELECT `login`,`email` FROM `[users]` WHERE `login`='{$_POST['login']}' AND `email`='{$_POST['email']}'AND `activated`=1");
if($data = mysql_fetch_object($dbres)) {
$code = rand(100000,999999);
mysql_query("INSERT INTO `[temp]`(`login`,`code`,`area`,`time`) values('{$data->login}',$code,'lostpass',NOW())");
$id = mysql_insert_id();
mail($data->email,"demo123 password","Er is een aanvraag binnengekomen om je wachtwoord te resetten. Als jij dit niet hebt aangevraagd, negeer deze email dan. Heb jij dit wel gedaan, klik dan op deze link:\nhttp://www.demo123.nl/login.php?x=lostpass&id=$id&code=$code","From: demo123 <noreply@demo123>");
print " <tr><td class=\"mainTxt\">Er is een email gestuurd naar {$data->email} met verdere instructies</td></tr>\n";
}
else
print " <tr><td class=\"mainTxt\">Er is geen gebruiker met die login en e-mail</td></tr>\n";
}
print <<<ENDHTML
<tr><td class="mainTxt" align="center"><br>
<form method="post"><table>
Login: <input type="text" name="login"><BR>
E-Mail: <input type="text" name="email"><BR>
<tr><td></td> <td><input type="submit" value="Ok" style="width: 100"></td></tr>
</form></table></td></tr>
ENDHTML;
}
else if($data) {
if($data->activated == 0)
print " <tr><td class=\"mainTxt\">Je account is nog niet geactiveerd</td></tr>\n";
else
print " <tr><td class=\"subTitle\"><b>Login</b></td></tr>\n <tr><td class=\"mainTxt\">Je bent nu ingelogd\n <script language=\"javascript\">setTimeout('parent.window.location.reload()',500)</script>\n </td></tr>\n";
}
else {
print " <tr><td class=\"subTitle\"><b>Login</b></td></tr>\n";
if(isset($_POST['login'],$_POST['pass']))
print " <tr><td class=\"mainTxt\">Verkeerde login of wachtwoord</td></tr>\n";
print <<<ENDHTML
<tr><td class="mainTxt">
<form method="post"><table align="center">
<tr><td width=100>Login:</td> <td><input type="text" name="login" maxlength=16 style="width: 150;"></td></tr>
<tr><td width=100>Wachtwoord:</td> <td><input type="password" name="pass" maxlength=16 style="width: 150;"></td></tr>
<tr><td></td><td align="right"><input type="submit" name="submit" style="width: 100;" value="Login"></td></tr>
</table></form>
</td></tr>
<tr><td class="mainTxt" align="center"><a href="login.php?x=lostpass">Wachtwoord vergeten?</a></td></tr>
ENDHTML;
}
/* ------------------------- */ ?>
</table>
</body>
</html>
Maar ik kon vanmiddag nog wel zelf inloggen op mijn site, nu heb ik net het volgende gedaan:
Internet Tools: Privacy: Advance: en overwrite automatisch cookies uitgevinkt en opeens kan ik niet meer inloggen ( weet niet of dat dat er ook iets mee te maken heeft?
Er zijn nog geen reacties op dit bericht.