Sorry Jason, still cant get it to work. The error message is not visible now, but is not showing with an incorrect entry
I have posted most of the page code below;
<?php
if (!isset($_SESSION)) {
session_start();
}
?>
<?php require_once('../Connections/lsdogs.php');?>
<?php require_once( "../WA_SecurityAssist/Helper_PHP.php" ); ?><?php
if ((((isset($_POST["autologinoption"]))?$_POST["autologinoption"]:"") != "")) {
setcookie("AutoLoginPWD", "".((isset($_POST["userpassword"]))?$_POST["userpassword"]:"") ."", time()+(60*60*24*30), "/", "", 0);
}
?><?php
if ((((isset($_POST["autologinoption"]))?$_POST["autologinoption"]:"") != "")) {
setcookie("AutoLoginUN", "".((isset($_POST["username"]))?$_POST["username"]:"") ."", time()+(60*60*24*30), "/", "", 0);
}
?><?php
if ((((isset($_POST["remembermeoption"]))?$_POST["remembermeoption"]:"") != "")) {
setcookie("RememberMePWD", "".((isset($_POST["userpassword"]))?$_POST["userpassword"]:"") ."", time()+(60*60*24*30), "/", "", 0);
}
?><?php
if ((((isset($_POST["remembermeoption"]))?$_POST["remembermeoption"]:"") != "")) {
setcookie("RememberMeUN", "".((isset($_POST["username"]))?$_POST["username"]:"") ."", time()+(60*60*24*30), "/", "", 0);
}
?><?php
if (isset($_POST["LogIn_x"]) && !isset($_POST["remembermeoption"])) {
setcookie("RememberMePWD", "", time()+(60*60*24*30), "/", "", 0);
}
?><?php
if (isset($_POST["LogIn_x"]) && !isset($_POST["remembermeoption"])) {
setcookie("RememberMeUN", "", time()+(60*60*24*30), "/", "", 0);
}
?>
<?php
if(isset($_POST["LogIn_x"])){
$WA_Auth_Parameter = array(
"connection" => $lsdogs,
"database" => $database_lsdogs,
"tableName" => "users",
"columns" => explode($WA_Auth_Separator,"un".$WA_Auth_Separator."pw"),
"columnValues" => explode($WA_Auth_Separator,"".((isset($_POST["username"]))?$_POST["username"]:"") ."".$WA_Auth_Separator."".((isset($_POST["userpassword"]))?$_POST["userpassword"]:"") .""),
"columnTypes" => explode($WA_Auth_Separator,"text".$WA_Auth_Separator."text"),
"sessionColumns" => explode($WA_Auth_Separator,"id".$WA_Auth_Separator."f_name".$WA_Auth_Separator."s_name".$WA_Auth_Separator."unit".$WA_Auth_Separator."auth".$WA_Auth_Separator."web_admin".$WA_Auth_Separator."position".$WA_Auth_Separator."lsdogs_sec".$WA_Auth_Separator."unit_admin".$WA_Auth_Separator."a_co".$WA_Auth_Separator."assessor".$WA_Auth_Separator."lsdogs_chair".$WA_Auth_Separator."lsdogs_tre".$WA_Auth_Separator."un".$WA_Auth_Separator."pw"),
"sessionNames" => explode($WA_Auth_Separator,"id".$WA_Auth_Separator."f_name".$WA_Auth_Separator."s_name".$WA_Auth_Separator."unit".$WA_Auth_Separator."auth".$WA_Auth_Separator."web_admin".$WA_Auth_Separator."position".$WA_Auth_Separator."lsdogs_sec".$WA_Auth_Separator."unit_admin".$WA_Auth_Separator."a_co".$WA_Auth_Separator."assessor".$WA_Auth_Separator."lsdogs_chair".$WA_Auth_Separator."lsdogs_tre".$WA_Auth_Separator."un".$WA_Auth_Separator."pw"),
"successRedirect" => "index.php",
"failRedirect" => "Log_In.php",
"gotoPreviousURL" => TRUE,
"keepQueryString" => TRUE
);
WA_AuthenticateUser($WA_Auth_Parameter);
}
?>
<?php
if((((isset($_SESSION["id"]) && $_SESSION["id"] != "")?"LoggedIn":"") == "")&&(((isset($_COOKIE["AutoLoginUN"]))?$_COOKIE["AutoLoginUN"]:"") != "")&&(((isset($_COOKIE["AutoLoginPWD"]))?$_COOKIE["AutoLoginPWD"]:"") != "")){
$WA_Auth_Parameter = array(
"connection" => $lsdogs,
"database" => $database_lsdogs,
"tableName" => "users",
"columns" => explode($WA_Auth_Separator,"un".$WA_Auth_Separator."pw"),
"columnValues" => explode($WA_Auth_Separator,"".((isset($_COOKIE["AutoLoginUN"]))?$_COOKIE["AutoLoginUN"]:"") ."".$WA_Auth_Separator."".((isset($_COOKIE["AutoLoginPWD"]))?$_COOKIE["AutoLoginPWD"]:"") .""),
"columnTypes" => explode($WA_Auth_Separator,"text".$WA_Auth_Separator."text"),
"sessionColumns" => explode($WA_Auth_Separator,"id".$WA_Auth_Separator."f_name".$WA_Auth_Separator."s_name".$WA_Auth_Separator."unit".$WA_Auth_Separator."position".$WA_Auth_Separator."auth".$WA_Auth_Separator."web_admin".$WA_Auth_Separator."lsdogs_sec".$WA_Auth_Separator."unit_admin".$WA_Auth_Separator."a_co".$WA_Auth_Separator."assessor".$WA_Auth_Separator."lsdogs_chair".$WA_Auth_Separator."lsdogs_tre".$WA_Auth_Separator."un".$WA_Auth_Separator."pw"),
"sessionNames" => explode($WA_Auth_Separator,"id".$WA_Auth_Separator."f_name".$WA_Auth_Separator."s_name".$WA_Auth_Separator."unit".$WA_Auth_Separator."position".$WA_Auth_Separator."auth".$WA_Auth_Separator."web_admin".$WA_Auth_Separator."lsdogs_sec".$WA_Auth_Separator."unit_admin".$WA_Auth_Separator."a_co".$WA_Auth_Separator."assessor".$WA_Auth_Separator."lsdogs_chair".$WA_Auth_Separator."lsdogs_tre".$WA_Auth_Separator."un".$WA_Auth_Separator."pw"),
"successRedirect" => "index.php",
"failRedirect" => "Log_In.php",
"gotoPreviousURL" => TRUE,
"keepQueryString" => TRUE
);
WA_AuthenticateUser($WA_Auth_Parameter);
}
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$colname_un = "-1";
if (isset($_POST['username'])) {
$colname_un = (get_magic_quotes_gpc()) ? $_POST['username'] : addslashes($_POST['username']);
}
mysql_select_db($database_lsdogs, $lsdogs);
$query_un = sprintf("SELECT un FROM users WHERE un = %s", GetSQLValueString($colname_un, "text"));
$un = mysql_query($query_un, $lsdogs) or die(mysql_error());
$row_un = mysql_fetch_assoc($un);
$totalRows_un = mysql_num_rows($un);
$colname_pw = "-1";
if (isset($_POST['userpassword'])) {
$colname_pw = (get_magic_quotes_gpc()) ? $_POST['userpassword'] : addslashes($_POST['userpassword']);
}
mysql_select_db($database_lsdogs, $lsdogs);
$query_pw = sprintf("SELECT pw FROM users WHERE pw = %s", GetSQLValueString($colname_pw, "text"));
$pw = mysql_query($query_pw, $lsdogs) or die(mysql_error());
$row_pw = mysql_fetch_assoc($pw);
$totalRows_pw = mysql_num_rows($pw);
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
<head> Code Deleted</head>
<body>
<>Menu and Header Deleted<>
<div id="LogInContainer" class="WAATK">
<form action="<?php echo ($_SERVER["PHP_SELF"].(isset($_SERVER["QUERY_STRING"])?"?".htmlentities($_SERVER["QUERY_STRING"]):""));?>" method="post" name="WAATKLogInForm" id="WAATKLogInForm">
<h1>Log In</h1>
<table class="WAATKDataTable" cellpadding="0" cellspacing="0" border="0">
<tr>
<th>User name</th>
<td><input type="text" class="WAATKTextField" name="username" value="<?php echo((isset($_COOKIE["RememberMeUN"]) && isset($_COOKIE["RememberMePWD"]))?$_COOKIE["RememberMeUN"]:"") ?>"/>
<?php if ($_SERVER["REQUEST_METHOD"] == "POST") { ?>
<?php if ($totalRows_un > 0) { // Show if recordset not empty ?>
<span class="style1">Username not recognised</span>
<?php } // Show if recordset not empty ?>
<?php } ?>
</td>
</tr>
<tr>
<th>Password</th>
<td><input type="password" class="WAATKTextField" name="userpassword" value="<?php echo((isset($_COOKIE["RememberMePWD"]))?$_COOKIE["RememberMePWD"]:"") ?>" />
<?php if ($_SERVER["REQUEST_METHOD"] == "POST") { ?>
<?php if ($totalRows_pw > 0) { // Show if recordset not empty ?>
<span class="style1">Password not recognised</span>
<?php } // Show if recordset not empty ?>
<?php } ?>
</td>
</tr>
<tr>
<th class="WAATKDataTableHeader"><input type="checkbox" name="remembermeoption" <?php echo((isset($_COOKIE["RememberMeUN"]))?"checked":"") ?> value="1" /></th>
<td class="WAATKDataTableCell">Remember me</td>
</tr>
<tr>
<th class="WAATKDataTableHeader"><input type="checkbox" name="autologinoption" value="1" /></th>
<td class="WAATKDataTableCell">Auto log in</td>
</tr>
<tr>
<th class="WAATKDataTableHeader"> </th>
<td class="WAATKDataTableCell">
<?php if ($_SERVER["REQUEST_METHOD"] == "POST") { ?>
<?php if ($totalRows_pw > 0) { // Show if recordset not empty ?>
<a href="Email_PW.php"> Forgotten Password </a>
<?php } // Show if recordset not empty ?>
<?php } ?>
</td>
</tr>
</table>
<div class="WAATKButtonRow">
<input type="image" hspace="0" vspace="0" border="0" name="LogIn" id="LogIn" value="Log In" alt="Log In" src="../WA_SecurityAssist/images/Pacifica/Refined_login.png" />
</div>
</form>
</div>
<!-- InstanceEndEditable --></div>
</div>
<div id="footer"></div>
</body>
<!-- InstanceEnd --></html>
<?php
mysql_free_result($un);
mysql_free_result($pw);
?>