je suis allex et je suis nouveau sur ce forum
je voudrais vous faire part d'un petit soucis que je rencontre l'hors de l'enregistrement de membres;
le code de securité ne s'affiche pas. Mais quand je fais un clic doit sur le petit carre avec une crois rouge
en faisant proprieté je vois le code: http://monsite.co.cc/bgimage.php?num=e97ee, le code est bien e97ee mais ne s'affiche pas sur la page - Est ce que quelqu'un peut m'aider svp?
je pense que c'est au niveau de :"turing code" Mais je ny connais pas grande chose a part bidouiller, je ne voudrais pas faire de betises Merci d'avance pour votre aide
Voici une portion de code de la page: signin.php
<?
session_start();
require 'include/connect.php';
$mode=$_POST[mode];
$user=$_POST['txtUsername'];
$pass=$_POST['txtPassword'];
$rand_no=$_SESSION[rand_no];
$turing_no=$_POST['code'];
$ip_address=$_SERVER['REMOTE_ADDR'];
$url=$_POST['url'];
$seccode=$_POST['seccode'];
$item_id=$_POST['item_id'];
if($mode=="check")
{
$url=$_GET['url'];
$item_id=$_GET['item_id'];
$sql="select user_name,password,last_login_date from user_registration where user_name='$user' ";
$result=mysql_query($sql);
$tot=mysql_num_rows($result);
if($tot==0)
{
$select_sql="select * from error_message where err_id =53";
$select_tab=mysql_query($select_sql);
$select_row=mysql_fetch_array($select_tab);
$msg=$select_row[err_msg];
// $msg="Invalid User Name" ;
}
else
{
$sql1="select user_name,password,user_id,last_login_date,ip_address from user_registration where user_name='$user' and password='$pass'";
$result1=mysql_query($sql1);
if(mysql_num_rows($result1)==0)
{
$select_sql="select * from error_message where err_id =52";
$select_tab=mysql_query($select_sql);
$select_row=mysql_fetch_array($select_tab);
$msg=$select_row[err_msg];
// $msg="Invalid Password";
}
else if($seccode!=$turing_no)
{
$select_sql="select * from error_message where err_id =85";
$select_tab=mysql_query($select_sql);
$select_row=mysql_fetch_array($select_tab);
$msg=$select_row[err_msg];
// $msg="please Enter Correct Turing Code";
}
else
{
$ip_block=$result1[ip_address];
$ip_sql="select * from blocked_ip where blocked_ip ='$ip_block'";
$ip_res=mysql_query($ip_sql);
$ip_rows=mysql_num_rows($ip_res);
if($ip_rows==0)
{
$sql2="select user_name,password,user_id,last_login_date from user_registration where user_name='$user' and password='$pass' and verified='yes' ";
$result2=mysql_query($sql2);
$chk=mysql_fetch_array($result2);
if (mysql_num_rows($result2) == 0)
{
$select_sql="select * from error_message where err_id =79";
$select_tab=mysql_query($select_sql);
$select_row=mysql_fetch_array($select_tab);
$msg=$select_row[err_msg];
// $msg="Your Account Not Verified";
}
else
{
$sql3="select * from user_registration where user_name='$user' and password='$pass' ";
$result3=mysql_query($sql3);
$chk1=mysql_fetch_array($result3);
$ip_address1=$chk1[ip_address];
$ip_address2=$_SERVER['REMOTE_ADDR'];
if (mysql_num_rows($result3)==0)
{
$msg="Invalid Username";
}
$date=date("Y-m-d");
$login=$chk['last_login_date'];
$log_up="update user_registration set onlinestatus='Online',last_login_date='$date' where user_id=".$chk[user_id];
$upsql=mysql_query($log_up);
if(isset($url))
{
$HTTP_SESSION_VARS[userid]=$chk[user_id];
$HTTP_SESSION_VARS[username]=$chk[user_name];
echo '<meta http-equiv="refresh" content="0;url='.$url.'?item_id='.$item_id.'">';
echo "<font size=+1 color=#003366>Loading....</font>";
exit();
}
else
{
$HTTP_SESSION_VARS[userid]=$chk[user_id];
$HTTP_SESSION_VARS[username]=$chk[user_name];
echo '<meta http-equiv="refresh" content="0;url=index.php?user_login='.$login.'">';
echo "<font size=+1 color=#003366>Loading....</font>";
exit();
}
} //else of if (mysql_num_rows($result2) == 0)
