We've had teh same setup for over 2 years that has been working flawlessly - 2 days ago it suddenly stopped working. Host has upgraded to PHP 5.2.5, but says 4 should still function fine. Their tech support has been unable to help. All I can think of is that some of the login code is no longer functioning with the new PHP, but I'm not familiar enough with the stuff to figure it out after much searching and reading.
When a user tries to log in, it just returns the "invalid email/password" message (
www.cathletics.com/subscribers/login.php).
auth.php is below. Any ideas or suggestions would be much appreciated. Thanks.
PHP Code:
<? session_start();
$this_page = getenv("REQUEST_URI"); // gets full file path (/whatever/whatever.php)
require("connect.php");
// convert email and password from _POST or _SESSION
if($_POST["email"])
{
$email=$_POST["email"];
$pass=$_POST["pass"];
}
elseif($_SESSION["email"])
{
$email=$_SESSION["email"];
$pass=$_SESSION["pass"];
}
// start and register session variables
$_SESSION['email'] = $email;
$_SESSION['pass'] = $pass;
// ATTEMPT TO VIEW PAGE NOT LOGGED IN
if($email=="" || $pass==""){
session_destroy();
require("http://www.cathletics.com/_inc/section1.inc");
?><title>Subscriber Login</title><?
require("http://www.cathletics.com/_inc/section2.inc");
?><img src="/images/ptitles/ptitle-subscriberLogin.gif"><br><?
require("http://www.cathletics.com/_inc/section3.inc");
?>
<table width="100%" cellpadding="20" cellspacing="0" border="0">
<tr>
<td>
<strong>You must log in to view this page.</strong>
<br><br><a href="javascript:launch_forgotpword();">(Did you forget your password?)</a>
<br><br><br>
</td>
<td ><? include("http://www.cathletics.com/_inc/login_form.inc"); ?></td>
</tr>
</table>
<?
require("http://www.cathletics.com/_inc/section4.inc");
exit;
}
else{
$result=mysql_query("SELECT * FROM subscribers WHERE email='" . $email . "' and password='" . $pass . "'");
$num=mysql_numrows($result);
// print login form and exit if failed.
if($num < 1){
session_destroy();
require("http://www.cathletics.com/_inc/section1.inc");
?><title>Subscriber Login</title><?
require("http://www.cathletics.com/_inc/section2.inc");
?><img src="/images/ptitles/ptitle-subscriberLogin.gif"><br><?
require("http://www.cathletics.com/_inc/section3.inc");
?>
<table width="100%" cellpadding="20" cellspacing="4" border="0">
<tr>
<td>
Invalid email / password. Please try again.
<br><br><a href="javascript:launch_forgotpword();">(Did you forget your password?)</a>
</td>
<td><? include("http://www.cathletics.com/_inc/login_form.inc"); ?></td>
</tr>
</table>
<?
require("http://www.cathletics.com/_inc/section4.inc");
exit;
}
else{
$query_memberinfo = "SELECT * FROM subscribers WHERE email='" . $email . "' and password='" . $pass . "'";
$result_memberinfo = mysql_query($query_memberinfo);
$authID = mysql_result($result_memberinfo,0,"subscriberID");
$authSubType = mysql_result($result_memberinfo,0,"subType");
$authName = mysql_result($result_memberinfo,0,"name");
$authFirst = explode(" ",$authName);
$authFirstName = $authFirst[0];
$authLastName = $authFirst[1];
$authEmail = mysql_result($result_memberinfo,0,"email");
$authPass = mysql_result($result_memberinfo,0,"password");
if($authSubType=='Subscriber'){
$authPhone = mysql_result($result_memberinfo,0,"phone");
$authAddress = mysql_result($result_memberinfo,0,"address");
$authCity = mysql_result($result_memberinfo,0,"city");
$authState = mysql_result($result_memberinfo,0,"state");
$authZip = mysql_result($result_memberinfo,0,"zip");
$authCountry = mysql_result($result_memberinfo,0,"country");
$authFirstIssue = mysql_result($result_memberinfo,0,"firstIssue");
$authLastIssue = mysql_result($result_memberinfo,0,"lastIssue");
$authSubDate = mysql_result($result_memberinfo,0,"subDate");
}
// LOG VISTS
mysql_query("INSERT INTO subscriberLogin VALUES ('', now(), '$authID')");
}
}
mysql_close();
?>
