SitePoint Sponsor

User Tag List

Results 1 to 6 of 6

Hybrid View

  1. #1
    SitePoint Wizard
    Join Date
    Oct 2005
    Location
    London
    Posts
    1,678
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    why wont my login script work

    hi,

    im having this problem. Ive been running a system locally on my machine for a while now whilst ive been developin it. I has a login script. Im just starting to put the system live and im having problems. I think the problem may come from the fact that my local setup is php 4.3 with mysql 3 and my live system is php 5 with mysql 5 but i dont see why!

    Heres my login script:

    PHP Code:
    <?php 

    if (isset($_POST['submit'])) { // Handle the form.

        
    require_once ('mysql_connect.php'); // Connect to the db.
            
        // Create a function for escaping the data.
        
    function escape_data ($data) {
            global 
    $dbc// Need the connection.
            
    if (ini_get('magic_quotes_gpc')) {
                
    $data stripslashes($data);
            }
            return 
    mysql_real_escape_string($data$dbc);
        } 
    // End of function.

        
    $message NULL// Create an empty new variable.
        
        // Check for a username.
        
    if (empty($_POST['username'])) {
            
    $u FALSE;
            
    $message .= '<p class="error">You forgot to enter your username!</p>';
        } else {
            
    $u escape_data($_POST['username']);
        }
        
        
    // Check for a password.
        
    if (empty($_POST['password'])) {
            
    $p FALSE;
            
    $message .= '<p class="error">You forgot to enter your password!</p>';
        } else {
            
    $p escape_data($_POST['password']);
        }
        
        if (
    $u && $p) { // If everything's OK.
        
        
    echo $u;
        echo 
    $p;

            
    // Retrieve the user_id and first_name for that username/password combination.
            
    $query "SELECT user_id, first_name FROM users_home WHERE username='$u' AND password=PASSWORD('$p')";        
            
    $result = @mysql_query ($query); // Run the query.
            
    $row mysql_fetch_array ($result); // Return a record, if applicable.


            
    if ($row) { // A record was pulled from the database.
        
            
                    
                    // Start the session
                     
                    
    session_start();
                     
    $_SESSION['user_id'] = $row['user_id'];
                     
    $_SESSION['first_name'] = $row['first_name'];
                     
    $_SESSION['timestamp'] = time();
                
        require_once (
    'mysql_connect.php'); // Connect to the db.
    $sql = ('SELECT timestamp FROM userlog WHERE user_id = ' .$_SESSION['user_id']. ' ORDER BY timestamp DESC LIMIT 1,1');
    $query mysql_query($sql);


        
    $_SESSION['lastlogin'] = $row['timestamp'];
        






    $sql = ('INSERT INTO userlog (userlog_id, user_id, timestamp) VALUES (NULL, '.$_SESSION['user_id'].', '.$_SESSION['timestamp'].'');
    $query mysql_query($sql);

        
    header ("Location:  http://" $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/home.php");
                    




                    
            } else { 
    // No record matched the query.
                
    $message '<p class="error">Im sorry, do we know you?</p>'
            }
            
            
    mysql_close(); // Close the database connection.

        
    } else {
            
    $message .= '<p class="error">Please try again.</p>';        
        }

         

    // End of the main Submit conditional.

    // Set the page title and include the HTML header.
    $page_title 'Login';


    // Print the error message if there is one.
    if (isset($message)) {
        echo 
    '<font color="red">'$message'</font>';
    }
    ?>
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html>
            <head>
            <meta http-equiv="content-type" content="text/html; charset=windows-1250">
             <title>BOUDAKI-LOGIN</title>
                <style type="text/css">
                * {font-family: "Courier New", Courier, mono; font-size: 100%; color: #000000 ; margin: 0; font-weight: bold;}

                

                input { border: 3px solid #000;
                margin: 7px 0 7px 0;
                padding: 2px;
                }

                input.submit { background-color: #fff;
                }

                #container { margin: 100px auto;
                width: 200px;
                text-align: left;
                
                
                }

                p.error { margin: 30px 0 0 20px;
                }
                #container img { margin: 0 0 15px 45px;
                }

                form { margin-left: 0px;
                
                            
                    

                </style>
            </head>
            <body>
            
    <div id="container">

    <img src="images/face.gif" />
    <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
    <p>Username</p><p><input type="text" class="text" name="username" size="20" maxlength="20" value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?>" /></p>
    <p>Password</p><p><input type="password" class="text" name="password" size="20" maxlength="20" /></p>
     <input type="submit" class="submit" name="submit" value="Login" />
    </div>

    </fieldset></form>
    </body>
    </html><!-- End of Form -->
    Now ive manually input users details in to my db using php my admin with the following query:

    INSERT INTO users_home
    PHP Code:
    (user_id,username,first_name,last_name,email,password,registration_dateVALUES ('user_01''james''smith''ames@gmail.com'PASSWORD('12345'), NOW() ) 
    now when i try to login using the correct login username and password i get a
    Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /websites/path_to_site/index.php on line 42 (
    which is the mysql_fetch_array line. When the query is run in phpmyadmin i also dont get any results although the record is def there....

    I thought it may be something to do with the PASSWORD field. Its set to VARCHAR(41) which is right as far as i know and when i check the db the password is encrypted correctly....so when i did this query to narrow it down a bit:

    PHP Code:
    SELECT user_idfirst_name FROM users_home WHERE username='$u' 
    i still didnt get any rows back.

    Could anyone think of anything it might be? Im just all out of ideas?
    Last edited by elduderino; Apr 29, 2007 at 02:28.

  2. #2
    Follow Me On Twitter: @djg gold trophysilver trophybronze trophy Dan Grossman's Avatar
    Join Date
    Aug 2000
    Location
    Philadephia, PA
    Posts
    20,578
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    That error generally means there was a syntax error in your SQL statement that caused it to not execute, so the result resource from it you passed to mysql_fetch_array() isn't valid.

    Echo out the SQL statement you tried to run before line 42 and see what's wrong with it yourself.

  3. #3
    SitePoint Member
    Join Date
    Oct 2006
    Posts
    20
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I like echoing mysql_error() , which tells you whats wrong with the query.

  4. #4
    SitePoint Wizard
    Join Date
    Oct 2005
    Location
    London
    Posts
    1,678
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    hi there,

    thanks for the quick replies! what do you mean by echo the sql statement/echo mysql_error? Ive run it in phpmyadmin and it doesnt work but i cant see anything wrong with the query

  5. #5
    SitePoint Member
    Join Date
    Oct 2006
    Posts
    20
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Put it in the php, the easiest way is to just use it under your query.

    PHP Code:
    echo mysql_error(); 

  6. #6
    SitePoint Wizard
    Join Date
    Oct 2005
    Location
    London
    Posts
    1,678
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    yeah! I did that and i got no database selected......i have a seperate connection script which i then include everytime i need a connection. It seems i had an extra space at in my database name......dont know how it got in there

    thanks for your help !


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •