Next:
User can now Register - goes to Login page
Login fails and user is redirected to failture page.
Removed Page Access code from user profile page, logged in again, works fine so username and password are fine.
Inserted page access code again on user profile page, refreshed page, login fails.
login page
<?php
if (!isset($_SESSION)) {
session_start();
}
?>
<?php require_once('Connections/conn.php');?>
<?php require_once( "WA_SecurityAssist/Helper_PHP.php" ); ?><?php
if ((((isset($_POST["autologinoption"]))?$_POST["autologinoption"]:"") != "")) {
setcookie("AutoLoginPWD", "".((isset($_POST["userpassword"]))?$_POST["userpassword"]:"") ."", time()+(60*60*24*30), "/", "", 0);
}
?><?php
if ((((isset($_POST["autologinoption"]))?$_POST["autologinoption"]:"") != "")) {
setcookie("AutoLoginUN", "".((isset($_POST["username"]))?$_POST["username"]:"") ."", time()+(60*60*24*30), "/", "", 0);
}
?><?php
if ((((isset($_POST["remembermeoption"]))?$_POST["remembermeoption"]:"") != "")) {
setcookie("RememberMePWD", "".((isset($_POST["userpassword"]))?$_POST["userpassword"]:"") ."", time()+(60*60*24*30), "/", "", 0);
}
?><?php
if ((((isset($_POST["remembermeoption"]))?$_POST["remembermeoption"]:"") != "")) {
setcookie("RememberMeUN", "".((isset($_POST["username"]))?$_POST["username"]:"") ."", time()+(60*60*24*30), "/", "", 0);
}
?><?php
if (isset($_POST["LogIn_x"]) && !isset($_POST["remembermeoption"])) {
setcookie("RememberMePWD", "", time()+(60*60*24*30), "/", "", 0);
}
?><?php
if (isset($_POST["LogIn_x"]) && !isset($_POST["remembermeoption"])) {
setcookie("RememberMeUN", "", time()+(60*60*24*30), "/", "", 0);
}
?>
<?php
if($_SERVER["REQUEST_METHOD"] == "POST"){
$WA_Auth_Parameter = array(
"connection" => $conn,
"database" => $database_conn,
"tableName" => "students",
"columns" => explode($WA_Auth_Separator,"email".$WA_Auth_Separator."pwd"),
"columnValues" => explode($WA_Auth_Separator,"".((isset($_POST["username"]))?$_POST["username"]:"") ."".$WA_Auth_Separator."".((isset($_POST["userpassword"]))?$_POST["userpassword"]:"") .""),
"columnTypes" => explode($WA_Auth_Separator,"text".$WA_Auth_Separator."text"),
"sessionColumns" => explode($WA_Auth_Separator,"stID"),
"sessionNames" => explode($WA_Auth_Separator,"stID"),
"successRedirect" => "students_Profile.php",
"failRedirect" => "students_EmailPW.php",
"gotoPreviousURL" => TRUE,
"keepQueryString" => TRUE
);
WA_AuthenticateUser($WA_Auth_Parameter);
}
?>
<?php
if((((isset($_SESSION["stID"]) && $_SESSION["stID"] != "")?"LoggedIn":"") == "")&&(((isset($_COOKIE["AutoLoginUN"]))?$_COOKIE["AutoLoginUN"]:"") != "")&&(((isset($_COOKIE["AutoLoginPWD"]))?$_COOKIE["AutoLoginPWD"]:"") != "")){
$WA_Auth_Parameter = array(
"connection" => $conn,
"database" => $database_conn,
"tableName" => "students",
"columns" => explode($WA_Auth_Separator,"email".$WA_Auth_Separator."pwd"),
"columnValues" => explode($WA_Auth_Separator,"".((isset($_COOKIE["AutoLoginUN"]))?$_COOKIE["AutoLoginUN"]:"") ."".$WA_Auth_Separator."".((isset($_COOKIE["AutoLoginPWD"]))?$_COOKIE["AutoLoginPWD"]:"") .""),
"columnTypes" => explode($WA_Auth_Separator,"text".$WA_Auth_Separator."text"),
"sessionColumns" => explode($WA_Auth_Separator,"stID"),
"sessionNames" => explode($WA_Auth_Separator,"stID"),
"successRedirect" => "students_Profile.php",
"failRedirect" => "",
"gotoPreviousURL" => TRUE,
"keepQueryString" => TRUE
);
WA_AuthenticateUser($WA_Auth_Parameter);
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<title>Log In</title>
<link href="WA_SecurityAssist/styles/Refined_Pacifica.css" rel="stylesheet" type="text/css" />
<link href="WA_SecurityAssist/styles/Arial.css" rel="stylesheet" type="text/css" />
</head>
<body>
<div id="LogInContainer" class="WAATK">
<form action="<?php echo ($_SERVER["PHP_SELF"].(isset($_SERVER["QUERY_STRING"])?"?".htmlentities($_SERVER["QUERY_STRING"]):""));?>" method="post" name="WAATKLogInForm" id="WAATKLogInForm">
<h1>Log In</h1>
<table class="WAATKDataTable" cellpadding="0" cellspacing="0" border="0">
<tr>
<th>User name</th>
<td><input type="text" class="WAATKTextField" name="username" value="<?php echo((isset($_COOKIE["RememberMeUN"]) && isset($_COOKIE["RememberMePWD"]))?$_COOKIE["RememberMeUN"]:"") ?>" /></td>
</tr>
<tr>
<th>Password</th>
<td><input type="password" class="WAATKTextField" name="userpassword" value="<?php echo((isset($_COOKIE["RememberMePWD"]))?$_COOKIE["RememberMePWD"]:"") ?>" /></td>
</tr>
<tr>
<th class="WAATKDataTableHeader"><input type="checkbox" name="remembermeoption" <?php echo((isset($_COOKIE["RememberMeUN"]))?"checked":"") ?> value="1" /></th>
<td class="WAATKDataTableCell">Remember me</td>
</tr>
<tr>
<th class="WAATKDataTableHeader"><input type="checkbox" name="autologinoption" value="1" /></th>
<td class="WAATKDataTableCell">Auto log in</td>
</tr>
</table>
<div class="WAATKButtonRow">
<input type="image" hspace="0" vspace="0" border="0" name="LogIn" id="LogIn" value="Log In" alt="Log In" src="WA_SecurityAssist/images/Pacifica/Refined_login.gif" />
</div>
</form>
</div>
</body>
</html>