Thanx for the quick Response, however as I put those two commands something else stops working. I will copy and paste my original login.php file, if possible just point me whr do u want me to put those commands:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<?php
// set your infomation.
$dbhost='****';
$dbusername='****';
$dbuserpass='****';
$dbname='****';
// Connects to your Database
mysql_connect($dbhost,$dbusername,$dbuserpass) or die(mysql_error());
mysql_select_db($dbname) or die(mysql_error());
//Checks if there is a login cookie
if(isset($_COOKIE['ID_my_site'])) {
//if there is, it logs you in and directes you to the members page
$username = $_COOKIE['ID_my_site'];
$pass = $_COOKIE['Key_my_site'];
$check = mysql_query("SELECT * FROM USERS WHERE username = '$username'") or die(mysql_error());
while($info = mysql_fetch_array( $check )) {
if ($pass != $info['password']) {}
else {
header("Location: members.php");
}
}
}
//if the login form is submitted
if (isset($_POST['submit'])) {
// if form has been submitted, makes sure they filled it in
if(!$_POST['username'] | !$_POST['pass']) {
die('You did not fill in a required field.');
}
// checks it against the database
if (!get_magic_quotes_gpc()) {
$_POST['email'] = addslashes($_POST['email']);
}
$check = mysql_query("SELECT * FROM USERS WHERE username = '".$_POST['username']."'") or die(mysql_error());
//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0) {
die('That user does not exist in our database.<a href=index.php>Click Here to Register</a>');
}
session_start();
if(($_SESSION['security_code'] == $_POST['security_code']) && (!empty($_SESSION['security_code'])) ) {
// Insert you code for processing the form here, e.g emailing the submission, entering it into a database.
unset($_SESSION['security_code']);
} else {
// Insert your code for showing an error message here
die("Wrong Code");
}
while($info = mysql_fetch_array( $check )) {
$_POST['pass'] = stripslashes($_POST['pass']);
$info['password'] = stripslashes($info['password']);
$_POST['pass'] = md5($_POST['pass']);
//gives error if the password is wrong
if ($_POST['pass'] != $info['password']) {
die('Incorrect password, please try again.');
}
else {
// if login is ok then we add a cookie
$_POST['username'] = stripslashes($_POST['username']);
$hour = time() + 3600;
setcookie(ID_my_site, $_POST['username'], $hour);
setcookie(Key_my_site, $_POST['pass'], $hour);
//then redirect them to the members area
header("Location: members.php");
}
}
}
else {
// if they are not logged in
?>
<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">
<table border="0">
<tr><td colspan=2><h1>Login</h1></td></tr>
<tr><td>Username:</td><td>
<input type="text" name="username" maxlength="60">
</td></tr>
<tr><td>Password:</td><td>
<input type="password" name="pass" maxlength="10">
</td></tr>
<tr><td>Enter Code:</td><td>
<input type="text" name="security_code" id="security_code" maxlength="10">
</td></tr>
<tr><td colspan="2" align="left">
<img src="CaptchaSecurityImages.php?width=100&height=30&characters=5" alt="captcha">
</td></tr>
<tr><td colspan="2" align="right">
<input type="submit" name="submit" value="Login">
</td></tr>
<tr><td colspan="2" align="left">
<a href=registration.php> New User Sign in Here </a>
</td></tr>
</table>
</form>
<?php
}
?>
More specifically Captcha image is not being generated after enetering the ob_start() and ob_flush command.
Kindly have a look at the code and lemme know....
Thanx in advance