I am trying a to make a user log in with session. The tutorial I am trying is from youtube PHP Tutorials: Register & Login: User login (Part 2) - YouTube on line 61 i am getting this warning
Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\wamp\www\Dome\validateUser.php on line 61
Any ideas why or better options to learn from?
<?php
$conn = mysql_connect("localhost","root","");
if (!$conn)
{
die('Could not connect: ' . mysql_error());
}
$db_selected = mysql_select_db('timelog', $conn);
if (!$db_selected) {
die ('Can\\'t select database : ' . mysql_error());
}
$username = $_POST['name']; //user name entered by the user in in the login form
$password = $_POST['password']; //password entered in the login form.
if ($username && $password)
{
include 'includes/dbconfigadmin.php';
$query = mysql_query("SELECT * FROM admins WHERE username='$username'");
$numrows = mysql_num_rows($query); //line 61
echo $numrows;
}
else
die("Please enter a username and password!");
?>
Sorry for asking so many question over and over again I just never fully grasp anything untill I see it work. I confused now because everything worked once then after making logout.php and clicking the link and trying to log in again nothing is not working After all my small adjustment im still getting
Admin log in Validation
array(0) { }
You are not an authorised user
I thought it may have been caused by the
var_dump($_SESSION);
in validateUser.php but nothing changed after removing it.
As I posted in the link I posted earlier, at the top of every page you need to check for the existence of $_SESSION[‘legitUser’] after session_start(). There is demo code in the link I posted.
I posted how to display a welcome message in post 6.
Thanks again space will you take a quick look over both pages and make sure all is well and I dont have any worthless code, and all is some what secure.
validateUser.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta name="description" content="" />
<meta name="keywords" content="" />
<meta name="author" content="" />
<title></title>
</head>
<body style="margin: 0px; padding: 0px; font-family: 'Trebuchet MS',verdana;">
<table width="100%" style="height: 100%;" cellpadding="10" cellspacing="0" border="0">
<tr>
<!-- ============ HEADER SECTION ============== -->
<td colspan="2" style="height: 100px;" bgcolor="#777d6a"><h1></h1></td></tr>
<tr>
<!-- ============ LEFT COLUMN (MENU) ============== -->
<td width="20%" valign="top" bgcolor="#999f8e">
<?php include('nav.php'); ?>
</td>
<!-- ============ RIGHT COLUMN (CONTENT) ============== -->
<td width="80%" valign="top" bgcolor="#d2d8c7">
<h2>Admin log in Validation</h2>
<?PHP
session_start();
$username = $_POST['name'];
$password = $_POST['password'];
//check that the user is calling the page from the login form and not accessing it directly
//and redirect back to the login form if necessary
if (!isset($username) || !isset($password)) {
header( "Location: adminlogin.php" );
}
//check that the form fields are not empty, and redirect back to the login page if they are
elseif (empty($username) || empty($password)) {
header( "adminlogin.php" );
}
else{
//convert the field values to simple variables
//add slashes to the username and md5() the password
$user = addslashes($username);
$pass = md5($password);
//set the database connection variables
include 'includes/dbconfigadmin.php';
$query = mysql_query("SELECT * FROM admins where name='$username' AND password='$password'");
//check that at least one row was returned
$rowCheck = mysql_num_rows( $query );
if($rowCheck == 1){
while($row = mysql_fetch_array($query)){
//start the session and register a variable
$legitUser = 'qwerty';
var_dump($_SESSION);
if(!isset($_SESSION['legitUser']) || $_SESSION['legitUser'] != 'qwerty') {
echo '<h1>You are not an authorised user</h1>';
//maybe redirect to login page
die();
}
//we will redirect the user to another page where we will make sure they're logged in
header( "Location: admin.php" );
}
}
else {
//if nothing is returned by the query, unsuccessful login code goes here...
echo 'Incorrect login name or password. Please try again.';
}
}
?>
</td></tr>
<!-- ============ FOOTER SECTION ============== -->
<tr><td colspan="2" align="center" height="20" bgcolor="#777d6a"><?php include "includes/footer.php" ?></td></tr>
</table>
</body>
</html>
admin.php
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<meta name="description" content="" />
<meta name="keywords" content="" />
<meta name="author" content="" />
<title></title>
</head>
<body style="margin: 0px; padding: 0px; font-family: 'Trebuchet MS',verdana;">
<table width="100%" style="height: 100%;" cellpadding="10" cellspacing="0" border="0">
<tr>
<!-- ============ HEADER SECTION ============== -->
<td colspan="2" style="height: 100px;" bgcolor="#777d6a"><h1></h1></td></tr>
<tr>
<!-- ============ LEFT COLUMN (MENU) ============== -->
<td width="20%" valign="top" bgcolor="#999f8e">
<?php include('nav.php'); ?>
</td>
<!-- ============ RIGHT COLUMN (CONTENT) ============== -->
<td width="80%" valign="top" bgcolor="#d2d8c7">
<?php
session_start();
// Connects to your Database
include 'includes/dbconfig.php';
//start the session
//check to make sure the session variable is registered
if(!isset($_SESSION['username'])){
header( "Location: adminlogin.php" ); }
else {
//the session variable is registered, the user is allowed to see anything that follows
echo '<h3>Admin - Logged in as '.$_SESSION['username'].' </h3>';
$result = mysql_query("SELECT * FROM log");
while ($row=mysql_fetch_array($result)) {
date_default_timezone_set ("America/Denver"); $time = date( "Y-m-d H:i:s", time());
echo '<table width="700">
<tr>
<td>Name</td>
<td>PIN</td>
<td>Adults</td>
<td>Kids</td>
<td>Time In</td>
<td>Current Time</td>
</tr>
<tr>
<td>',$row['name'],'</td>
<td>',$row['pin'],'</td>
<td>',$row['adults'],'</td>
<td>',$row['kids'],'</td>
<td>',$row['time_in'],'</td>
<td>',$time,'</td>
</tr>
</table>';
};
}
?>
</td></tr>
<!-- ============ FOOTER SECTION ============== -->
<tr><td colspan="2" align="center" height="20" bgcolor="#777d6a"><?php include "includes/footer.php" ?></td></tr>
</table>
</body>
</html>
Thanks space and webdev I am now passed validateUser.php and am being passed to admin.php. This is my admin.php
<?php
session_start();
// Connects to your Database
include 'includes/dbconfig.php';
//start the session
//check to make sure the session variable is registered
if(session_is_registered('username')){
//the session variable is registered, the user is allowed to see anything that follows
echo 'Welcome, you are still logged in.';
$result = mysql_query("SELECT * FROM log");
while ($row=mysql_fetch_array($result)) {
date_default_timezone_set ("America/Denver"); $time = date( "Y-m-d H:i:s", time());
echo '<table width="700">
<tr>
<td>Name</td>
<td>PIN</td>
<td>Adults</td>
<td>Kids</td>
<td>Time In</td>
<td>Current Time</td>
</tr>
<tr>
<td>',$row['name'],'</td>
<td>',$row['pin'],'</td>
<td>',$row['adults'],'</td>
<td>',$row['kids'],'</td>
<td>',$row['time_in'],'</td>
<td>',$time,'</td>
</tr>
</table>';
};
}
else{
//the session variable isn't registered, send them back to the login page
header( "Location: adminlogin.php" );
}
?>
how would i fix
Deprecated: Function session_is_registered() is deprecated in C:\wamp\www\Dome\admin.php on line 49
the in this file? The same as validateUser.php?
And one more time how do i create the$_SESSION[‘username’] to call the person logged in? Would it be done in validateuser.php and then passed to admin.php or created in admin.php and called in admin.php
I am very new to programming this is what I have now and am still not getting any where.
<?PHP
$username = $_POST['name'];
$password = $_POST['password'];
//check that the user is calling the page from the login form and not accessing it directly
//and redirect back to the login form if necessary
if (!isset($username) || !isset($password)) {
header( "Location: adminlogin.php" );
}
//check that the form fields are not empty, and redirect back to the login page if they are
elseif (empty($username) || empty($password)) {
header( "adminlogin.php" );
}
else{
//convert the field values to simple variables
//add slashes to the username and md5() the password
$user = addslashes($username);
$pass = md5($password);
//set the database connection variables
include 'includes/dbconfigadmin.php';
$query = mysql_query("SELECT * FROM admins where name='$username' AND password='$password'");
//check that at least one row was returned
$rowCheck = mysql_num_rows( $query );
if($rowCheck == 1){
while($row = mysql_fetch_array($query)){
//start the session and register a variable
session_start();
if(!isset($_SESSION['$legitUser']) || $_SESSION['$legitUser'] != 'qwerty') {
echo '<h1>You are not an authorised user</h1>';
//maybe redirect to login page
die();
}
//we will redirect the user to another page where we will make sure they're logged in
header( "Location: admin.php" );
}
}
else {
//if nothing is returned by the query, unsuccessful login code goes here...
echo 'Incorrect login name or password. Please try again.';
}
}
?>
it is giving the unauthorized user error when everthing is right and “Incorrect login name or password. Please try again.” when the password is wrong. Can you please show using the code I posted. I think I’m still trying two different ways at once.
The call to session_start() should be at the top right after the <?php
Just before you use the isset on the session array, do:
var_dump($_SESSION);
Do you see:
array(0) { }
If you do then you don’t have any session data stored.
Where you have the comment line:
//start the session and register a variable
Is that the actual content there or are you setting the session data there, if your not adding anything to the $_SESSION array there then the isset will always fail as there is nothing ever set for the part of the array it’s checking.
And it works fine. However it is saying
Deprecated: Function session_is_registered() is deprecated in C:\wamp\www\Dome\admin.php on line 48
Welcome, you are still logged in.
And how do I call on the name that is logged in? Like welcome “username”!
The issue with deprecated session_is_registered() came up yesterday in this thread. The login validation code I posted there should help you.
To display a welcome message to the user, in validateUser.php (see code in above link) when you create the session variable to signify a correct username/password has been entered, create another session variable containing the user’s username. Then when you want to display the welcome message, add something like this
You’ve got demo code on how to build a basic log in system earlier in the thread. To debug your code, you just have to step through it and use echo statements at various points to check values of variables until you find the source of your problem.
I don’t have time to step through your code for you. Use the demo code in this thread as a guide for the code logic you need.
<?PHP
$username = $_POST['name'];
$password = $_POST['password'];
//check that the user is calling the page from the login form and not accessing it directly
//and redirect back to the login form if necessary
if (!isset($username) || !isset($password)) {
header( "Location: adminlogin.php" );
}
//check that the form fields are not empty, and redirect back to the login page if they are
elseif (empty($username) || empty($password)) {
header( "adminlogin.php" );
}
else{
//convert the field values to simple variables
//add slashes to the username and md5() the password
$user = addslashes($username);
$pass = md5($password);
//set the database connection variables
$conn = mysql_connect("localhost","root","");
if (!$conn)
{
die('Could not connect: ' . mysql_error());
}
$db_selected = mysql_select_db('timelog', $conn);
if (!$db_selected) {
die ('Can\\'t select database : ' . mysql_error());
}
$query = mysql_query("SELECT * FROM admins where username='$user' AND password='$pass', $db_selected");
//check that at least one row was returned
$rowCheck = mysql_num_rows( $query ); //line 78
if($rowCheck > 0){
while($row = mysql_fetch_array($query)){
//start the session and register a variable
session_start();
session_register('username');
//successful login code will go here...
echo 'Success!';
//we will redirect the user to another page where we will make sure they're logged in
header( "Location: admin.php" );
}
}
else {
//if nothing is returned by the query, unsuccessful login code goes here...
echo 'Incorrect login name or password. Please try again.';
}
}
?>
I am still getting
Warning: mysql_num_rows() expects parameter 1 to be resource, boolean given in C:\wamp\www\Dome\validateUser.php on line 78
Incorrect login name or password. Please try again.
PS I changed to a different tutorial so all the coding has changed but im still getting the error. I have never done a log in system before.
I have been messing with code on and off for 2 days now and not getting any where. All function seem to work except it is still not starting the session when the correct username and password is filled in I have tried assigning the variable’s for name and password hard coded in the file and echo the variables. All seems to be right. I gives all errors and exactly what it should other then starting the session and moving to the password protected pages. Like I said before it has worked once and after making the log out page it all stopped after that.
After all my small adjustment im still getting