Login script?

MSFanBoy

BSOD
Messages
190
My login script suddenly stopped working after I started trying to incorporate md5...any ideas?

Code:
<center>
<?php

session_start();

// connect to the mysql database server.
include('inc/connect.php');

if ($_POST['username']) {
//did they supply a password and username
$username=$_POST['username'];
$pass=md5('$_POST['pass']')
if ($pass==NULL) {
echo "No password given.";
}else{
$query = mysql_query("SELECT username,pass FROM users WHERE username = '$username'") or die(mysql_error());
$data = mysql_fetch_array($query);
if($data['pass'] != $pass) {
echo "The supplied login is incorrect";
}else{
$query = mysql_query("SELECT username,pass FROM users WHERE username = '$username'") or die(mysql_error());
$row = mysql_fetch_array($query);
$_SESSION["s_username"] = $row['username'];
echo "You have successfully logged in as ".$_SESSION['s_username']." and can go to the index <a href='index.php'>here</a>.";
}
}
}
?>
<h1>Login</h1>
<form action='login.php' method='POST'>
<table style='border:1px solid #000000;'>
<tr>
<td align='right'>
Username: <input type='text' size='15' maxlength='25' name='username'>
</td>
</tr>
<tr>
<td align='right'>
Password: <input type='password' size='15' maxlength='25' name='pass'>
</td>
</tr>
<tr>
<td align='center'>
<input type="submit" value="Login">
</td>
</tr>
<tr>
<td align='center'>
<a href='register.php'>Register Here</a>
</td>
</tr>
</table>
</form>
</center>
This is the error:
Parse error: parse error, unexpected T_STRING in /home/tcp/public_html/dl/usersystem/login.php on line 12

And line 12 is this:
$pass=md5('$_POST['pass']')
 
Messages
1,072
Well, if you want to use mine here.But this is a very basic script. It dosent connect so a server and just uses 1 pass.

Code:
<div class="fw-text"> <!-- ParagraphBodyStart --><td><font face="Trebuchet MS, Verdana, Arial" size="2"><!-- ParagraphBodyStart --><SCRIPT>
function passWord() {
var testV = 1;
var pass1 = prompt('Please Enter Your Password',' ');
while (testV < 3) {
if (!pass1) 
history.go(-1);
if (pass1.toLowerCase() == "password") {
alert('Access Granted');
window.open('http://');
break;
} 
testV+=1;
var pass1 = 
prompt('Access Denied','Password');
window.open('http://');
}
if (pass1.toLowerCase()!="password" & testV ==3) 
history.go(-1);
return " ";
} 
</SCRIPT>
<CENTER>
<FORM>
<input type="button" value="Enter Secret Area" onClick="passWord()">
</FORM>
</CENTER><!-- ParagraphBodyEnd --></font></td><!-- ParagraphBodyEnd --> </div>
 

MSFanBoy

BSOD
Messages
190
That would be impossible for me to use with a registration system...I need it to connect to a database and pull the encrypted passwords..etc...

Not to mention it's javascript :p

My script works fine without the md5 hash part.
 

root

Site Team
Staff member
Messages
8,181
Location
UK
$pass=md5('$_POST['pass']')

should be

$pass=md5('$_POST['pass']');

you missed the semi colon.
 
Top