A little coding question

[:Lively]

tried all them, and it aint workin

[loserWILL]

What's the URL?

[ThisNameWillDo!]

Yes, please tell us the URL so we can check this.

- Vince.

[:Lively]

http://www.blazeradio.nationvoice.co.../minilogin.php

user: demo
pass: demo

you'll notice when u log in it displays http://www.blazeradio.nationvoice.co...niprofile.php?name=$realuser


it shud b sayin name=demo

(log out n log back in if u dun see the login page)

[loserWILL]

Did you use the code I posted?

[:Lively]

yep i tried that, with $username instead

[loserWILL]

Did you copy and paste the exact code I posted?

[:Lively]

err no, wos there something else?

[loserWILL]

Yes, there was. Copy and paste the following code, exactly.

PHP Code:

<?php
if(@file_exists("installer.php"))
{
header("Location: installer.php?stage=1");
}
session_start();
include("includes/functions.php");
include("includes/config.php");

// Check for login
if($_GET['inside'] == "yes" || isset($_SESSION['username']) && isset($_SESSION['password']) && !$_SESSION['level'] == "banned") {
##### CHECK FOR FIRST-TIME USER #####
$checker = mysql_fetch_array(mysql_query("SELECT * FROM users WHERE username = '$_SESSION[username]'"));
$username = $_POST['username'];

if($checker['firsttime'] == "") {
header('location: miniprofile.php?firstime=yes');
die();
} else {
header('location: miniprofile.php?name=$username');
die();
}
}


elseif($_GET['method'] == "login") {

$username = $_POST['username'];
$password = $_POST['password'];

if(empty($username) || empty($password)) {
header('location: minilogin.php?error=2');
die();
}




// Clean out and encrypt strings

$username = clean($username);
$password = encrypt($password);

// We have encrypted and cleaned the strings.

$check = mysql_query("SELECT * FROM users WHERE username = '$username'");
while($rows = mysql_fetch_array($check)) {
$realpass = $rows[password];
$level = $rows[level];
$realuser = $rows[username];
}

$rows3 = mysql_num_rows($check);


if($rows3 == "0") {
header('location: minilogin.php?error=1');
die();
}

if($password == $realpass) {
// Set the sessions
$_SESSION['username'] = $realuser;
$_SESSION['password'] = $password;
$_SESSION['level'] = $level;

##### CHECK FOR FIRST-TIME USER #####
$checker = mysql_fetch_array(mysql_query("SELECT * FROM users WHERE username = '$_SESSION[username]'"));

if($checker['firsttime'] == "") {
header('location: miniprofile.php?firstime=yes');
die();
} elseif($_SESSION[level] == "banned") {
header('location: minilogin.php?banned=true');
} else {
header('location: minilogin.php?inside=yes');
die();
}
}
else {
session_destroy();
header('location: minilogin.php?error=1');
die();
}



}
?>
<?
if(isset($_SESSION['username']) && isset($_SESSION['password']) && isset($_SESSION['level'])) {
header('location: miniprofile.php');
die();
}
?>

<link href="../default.css" rel="stylesheet" type="text/css" />

<center>
<form method="post" action="?method=login">
<br>Username:<br />
<input name="username" type="text" id="username" onChange="check(this.value)" /><div id="results"></div>

<br />
Password:<br />
<label>
<input name="password" type="password" id="password" />
</label>
<br />
<br />
<label>
<input type="submit" name="Submit" value="Login" />
</label>
</form>



<?php
if($_GET['error'] == "1") {
echo(" </div>
<div id=\"error\">");
echo("<font color='#FF0000'><b>Error:</b> Invalid username and/or password<br>");
echo(" <br></div>");
}
elseif($_GET['error'] == "2") {
echo(" </div>
<div id=\"error\">");
echo("<font color='#FF0000'><b>Error:</b> You must fill in both fields<br>");
echo(" <br></div>");
}
elseif($_GET['banned'] == "true") {
echo(" </div>
<div id=\"error\">");
echo("<font color='#FF0000'><b>Error:</b> Your account is disabled or banned!<br>");
echo(" <br></div>");
}
else {
echo(" <br></div>");
}
?>
<a href="register.php" target="home">Register</a><br>
<a href="retreivepass.php" target="home">Forgot your password?</a>

</body>

</html>

[:Lively]

no doesn't work