0 
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="jmtoday" class=" no_js">
<head>
    <title>Login | JM Today </title>
    <link href="Mainstyles.css" type="text/css" rel="stylesheet" ></link>
</head>
<body>
    <?php include("header.php"); ?>
    <?php include("navbar.php"); ?>
    <div id="wrap">


        <?php 
        checklogin();
        $check=checklogin();
        if($check ==3){
            confirmcookie($_SESSION['username'], $_SESSION['password']);
        }   

        ?>

        <?php

        $conn=mysql_connect("localhost", "***", "***") or die(mysql_error());
        mysql_select_db('jmtdy', $conn) or die(mysql_error());

        function checklogin(){
            if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){

            $_SESSION['username'] = $_COOKIE['cookname'];
            $_SESSION['password'] = $_COOKIE['cookpass'];
            return 3;
            }

            elseif(isset($_POST['sublogin'])){
                if(isset($_POST['user']) && isset($_POST['pass'])){
                    $user=mysql_escape_string($_POST['user']);
                    $pass=mysql_escape_string($_POST['pass']);
                    $result=mysql_query("select password from users where username=$user and active='1'");
                }

                else{
                    die('<p class="statusmsg">You didn\'t fill in the required fields.</p>');
                }   

                if(!$result || (mysql_num_rows($result) < 1)){
                    die('<p class="statusmsg">The username you entered is incorrect, or you haven\'t yet activated your account. Please try again.</p>');
                }

                $dbarray = mysql_fetch_array($result);
                $dbarray['password']=stripslashes($dbarray['password'];
                $password=stripslashes($pass);
                if($dbarray['password'] != $password)){
                    die('<p class="statusmsg">The password is incorrect. Please try again.</p>');   
                }

                $_SESSION['username']=$user;
                $_SESSION['password']=$password;
                if(isset($_POST['remember']){
                    setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
                setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
        }
      }
        else{
            die('<p class="statusmsg"> You came here by mistake, didn\'t you? </p>');
        }
      }

      function confirmcookie($username, $password){

        $result = mysql_query("select password from users where username = '$username'");

        if(!$result || (mysql_numrows($result) < 1)){
            unset($_SESSION['username']);
            unset($_SESSION['password']);
            die('<p class="statusmsg">The username you entered is incorrect or you have set an incorrect cookie</p>');
        }

        $dbarray = mysql_fetch_array($result);
        $dbarray['password']  = stripslashes($dbarray['password']);
        $password = stripslashes($password);

        if($password!=$dbarray['password']{
            unset($_SESSION['username']);
            unset($_SESSION['password']);
            die('<p class="statusmsg">The password you entered is incorrect or you have set an incorrect cookie.</p>'); 
        }
        }



        ?>
</div>
</body>

</html>

Thanks guys, one more question. I added this piece of code right under the tag, over the tag, but it doesn't seem to show up. Could you please help me?

   <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" id="jmtoday" class=" no_js">
<head>
    <title>Login | JM Today </title>
    <link href="Mainstyles.css" type="text/css" rel="stylesheet" ></link>
</head>
<body>
<div class="container">
    <?php include("header.php"); ?>
    <?php include("navbar.php"); ?>

    <div id="wrap">


        <?php 
        $check=checklogin();
        if($check == true){
            confirmcookie($_SESSION['username'], $_SESSION['password']);
        }   

        ?>

        <?php

        $conn=mysql_connect("localhost", "***", "***") or die(mysql_error());
        mysql_select_db('jmtdy', $conn) or die(mysql_error());

        function checklogin() {
            if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){

            $_SESSION['username'] = $_COOKIE['cookname'];
            $_SESSION['password'] = $_COOKIE['cookpass'];
            return true;
            }

            elseif(isset($_POST['sublogin'])){
                if(isset($_POST['user']) && isset($_POST['pass'])){
                    $user=mysql_escape_string($_POST['user']);
                    $pass=mysql_escape_string($_POST['pass']);
                    $result=mysql_query("select password from users where username='$user' and active='1'");
                }

                else{
                    die('<p class="statusmsg">You didn\'t fill in the required fields.</p>');
                }   

                if(!$result || (mysql_num_rows($result) < 1)){
                    die('<p class="statusmsg">The username you entered is incorrect, or you haven\'t yet activated your account. Please try again.</p>');
                }


                if($dbarray['password'] != $password){
                    die('<p class="statusmsg">The password is incorrect. Please try again.</p>');   
                }
                $dbarray = mysql_fetch_array($result);
            $dbarray['password']=stripslashes($dbarray['password']);
            $password=stripslashes($pass);
                $_SESSION['username']=$user;
                $_SESSION['password']=$password;
                if(isset($_POST['remember'])){
                    setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/");
                setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/");
        }
      }
        else{
            die('<p class="statusmsg"> You came here by mistake, didn\'t you? </p>');
        }

      } 


      function confirmcookie($username, $password){

        $result = mysql_query("select password from users where username = '$username'");

        if(!$result || (mysql_numrows($result) < 1)){
            unset($_SESSION['username']);
            unset($_SESSION['password']);
            die('<p class="statusmsg">The username you entered is incorrect or you have set an incorrect cookie</p>');
        }

        $dbarray = mysql_fetch_array($result);
        $dbarray['password']  = stripslashes($dbarray['password']);
        $password = stripslashes($password);

        if($password!=$dbarray['password']){
            unset($_SESSION['username']);
            unset($_SESSION['password']);
            die('<p class="statusmsg">The password you entered is incorrect or you have set an incorrect cookie.</p>'); 
        }
        }



        ?>
        </div>
<div class="footer"><p class="copyright">JMToday &copy; 2011</p><p class="right">A Samir Ghobril Production</p></div>
</div>
</body>

</html>

and here is Mainstyle.css for the footer:

div.footer
{
    background-color: #009933;
    padding: 0.1em;
    color: white;
    clear: left;
    }
p.copyright
{
    float: left;
    width: 320px;
    font-size: 10px;
    }
    p.right
    {
        margin-left: 190px;
        font-size: 10px;
        }
Improve this question
2
  • 2
    What is the error message you're getting? Commented Dec 22, 2010 at 17:03
  • 1
    why are you calling checklogin() immediately after you have already called it?! Commented Dec 22, 2010 at 17:09

3 Answers 3

Reset to default
1

No idea what the error is (since you haven't specified it) but try changing the SQL Query from select password from users where username=$user and active='1' to select password from users where username='$user' and active='1' (not the quotes around $user).

Also, return something better from your methods than '3'. In months time you will come back and wonder what the hell you meant by '3'.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

A closing parenthesis is missing line 51.

(The error should be displayed in your web server log).

In

  $dbarray['password']=stripslashes($dbarray['password'];

should be

  $dbarray['password']=stripslashes($dbarray['password']);
Improve this answer

1 Comment

Closing parenthesis also missing from Ln. 83, if($password!=$dbarray['password']{ should be if($password!=$dbarray['password']){
0

@Samir Ghobril: Update the portion of Mainstyles.css which you posted with these rules --

div.footer
{
    background-color: #009933;
    clear: both;
    color: white;
    overflow: hidden;
    padding: 0.1em;
}
p.copyright
{
    float: left;
    font-size: 10px;
    width: 120px;
}
p.right
{
    float: right;
    font-size: 10px;
    width: 120px;
}

You should also update your HTML <head> with

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html lang="en">
<head>
    <title>Login | JM Today </title>
    <link href="Mainstyles.css" type="text/css" rel="stylesheet">
</head>

so that it will validate for the DOCTYPE you're using.

Improve this answer

2 Comments

I did all that but it didn't help.
@Samir Ghobril: Is it still not displaying the footer at all or is there a different problem? I'm really struggling to help you because I don't have a copy of your full source-code; could you perhaps use jsfiddle.net to post a copy of the output of your site's code (view the source in your browser to get it) as well as your complete Mainstyles.css?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.