Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Page 1 of 2 12 LastLast
Results 1 to 15 of 23

Thread: Login

  1. #1
    New Coder
    Join Date
    Oct 2009
    Posts
    78
    Thanks
    1
    Thanked 2 Times in 2 Posts

    Login

    Hey there,

    i spend half the day with writing a login script and i still dont got it the way i want it. The problem here is that i get a blank page whenever i login with a valid account or invalid account information.

    PHP Code:
    <?php
    include('/mnt/web1/10/10/52175010/htdocs/XProject/funcs.php');
    $funcs = new funcs();

    if(isset(
    $_POST['submit']))
    {
    $account $funcs->protect($_POST['account']);
    $password $funcs->protect($_POST['password']);
    $key $funcs->protect($_POST['key']);

    $connection mysql_connect(funcs::mysql_hostfuncs::mysql_userfuncs::mysql_password);

     if (!
    $connection) {
        print(
    'Could not connect: ' mysql_error());
        print(
    '<br/>');
        print(
    '<br/>');
        
    $funcs->MYSQLerror_msg("There seems to be an error in MYSQL.");
     }
     
    mysql_select_db(funcs::mysql_database);
    $query sprintf("SELECT * FROM ACCOUNTS WHERE Account=".$account.",Password=".$password.",Key=".$key."");


    while(
    $result mysql_query($query)){
     if(
    mysql_num_rows($result)>0) {
      
       
    session_start();
       
    $_SESSION['account'] = $account;
       
    $_SESSION['password'] = $password;
       
    $_SESSION['key'] = $key;
       print(
    'SUccesfully logged in to account!');

       
     }


    }



    }

    else{

    exit(
    'Please submit the form first!');


    }
    ?>
    Basicaly what i want to do is check for the rowcount, if it is greater than 1 in table ACCOUNTS proceed and assign the variables to $_SESSION.

  • #2
    Codeasaurus Rex
    Join Date
    Jun 2008
    Location
    Redmond, WA
    Posts
    659
    Thanks
    31
    Thanked 100 Times in 94 Posts
    That's because you're switching up your variables a bit:

    PHP Code:
    <?php

    while($result mysql_query($query)){
     if(
    mysql_num_rows($query)>0) {  // <--- Use $query, not $result
      
       
    session_start();
       
    $_SESSION['account'] = $account;
       
    $_SESSION['password'] = $password;
       
    $_SESSION['key'] = $key;
       print(
    'SUccesfully logged in to account!');

       
     }


    }

    ?>
    Having said that this method will still not show anything if you've entered wrong account information. In addition the loop will continue to run after the account is found which is inefficient. I propose you go this route:

    PHP Code:
    <?php

    while( $row mysql_fetch_array$query ) ){  // <-- You need to use mysql_fetch_array to assign your variables. Yours wouldn't work

         
    $account $row['Account'];
         
    $password $row['Password'];
         
    $key $row['Key'];

    }

    // <-- We don't need the loop anymore
    if( mysql_num_rows$query ) > ){  // <-- Make our variable change

         
    session_start();
         
    $_SESSION['account'] = $account;
         
    $_SESSION['password'] = $password;
         
    $_SESSION['key'] = $key;

         die( 
    "Successfully logged in to account!" ); //<-- Die stops the script entirely
       
    }else{ // <-- In the else statement it means we found no valid accounts

         
    die( "Invalid account information" ); // <-- Print a statement saying their info is invalid

    }

    ?>
    Hope this helps!
    Last edited by ShaneC; 10-11-2009 at 05:49 PM.
    Unless otherwise stated, any code posted is most likely untested and may contain syntax errors.
    My posts, comments, code, and suggestions reflect only my personal views.
    Web Portfolio and Code Snippets: http://shanechism.com

  • #3
    Supreme Master coder! abduraooft's Avatar
    Join Date
    Mar 2007
    Location
    N/A
    Posts
    14,863
    Thanks
    160
    Thanked 2,224 Times in 2,211 Posts
    Change
    PHP Code:
    while($result mysql_query($query)){
     if(
    mysql_num_rows($result)>0) {
      
       
    session_start();
       
    $_SESSION['account'] = $account;
       
    $_SESSION['password'] = $password;
       
    $_SESSION['key'] = $key;
       print(
    'SUccesfully logged in to account!');

       
     }

    to
    PHP Code:
    $result mysql_query($query) or die(mysql_error());

     if(
    mysql_num_rows($result)>0) {
      
    $row=mysql_fetch_array($result);
       
    session_start();
       
    $_SESSION['account'] = $row['Account'];
       
    //$_SESSION['password'] = $password; why using this line?
       
    $_SESSION['key'] = $row['key']; // not sure about the purpose.
       
    print('Succesfully logged in to account!');

       
     } 
    http://www.codingforums.com/showpost...0&postcount=13 may help you to debug.
    The Dream is not what you see in sleep; Dream is the thing which doesn't let you sleep. --(Dr. APJ. Abdul Kalam)

  • #4
    New Coder
    Join Date
    Oct 2009
    Posts
    78
    Thanks
    1
    Thanked 2 Times in 2 Posts
    thanks, this gives me an query syntax error and:
    PHP Code:
    Warningmysql_fetch_array(): supplied argument is not a valid MySQL result resource on line 23

    Warning
    mysql_num_rows(): supplied argument is not a valid MySQL result resource on line 32
    Invalid account information 
    PHP Code:
    <?php
    include('/mnt/web1/10/10/52175010/htdocs/XProject/funcs.php');
    $funcs = new funcs();

    if(isset(
    $_POST['submit']))
    {
    $account $funcs->protect($_POST['account']);
    $password $funcs->protect($_POST['password']);
    $key $funcs->protect($_POST['key']);

    $connection mysql_connect(funcs::mysql_hostfuncs::mysql_userfuncs::mysql_password);

     if (!
    $connection) {
        print(
    'Could not connect: ' mysql_error());
        print(
    '<br/>');
        print(
    '<br/>');
        
    $funcs->MYSQLerror_msg("There seems to be an error in MYSQL.");
     }
     
    mysql_select_db(funcs::mysql_database);
    $query sprintf("SELECT * FROM ACCOUNTS WHERE Account='$account',Password='$password',Key='$key'");
    $result mysql_query($query) or die(mysql_error());
    while( 
    $row mysql_fetch_array$query ) ){ 

         
    $account $row['Account'];
         
    $password $row['Password'];
         
    $key $row['Key'];

    }


    if( 
    mysql_num_rows$query ) > ){  

         
    session_start();
         
    $_SESSION['account'] = $account;
         
    $_SESSION['password'] = $password;
         
    $_SESSION['key'] = $key;

         die( 
    "Successfully logged in to account!" );
       
    }else{ 

         die( 
    "Invalid account information" );

    }



    }

    else{

    exit(
    'Please submit the form first!');


    }
    ?>

  • #5
    met
    met is offline
    Regular Coder
    Join Date
    Oct 2009
    Location
    United Kingdom
    Posts
    728
    Thanks
    4
    Thanked 119 Times in 119 Posts
    implies an invalid query

    what is sprintf() for on the query?


    sprintf

    sprintf — Return a formatted string

    seems redundant?


    PHP Code:
    mysql_select_db(funcs::mysql_database);
    /* */
    $query "SELECT * FROM ACCOUNTS WHERE Account='$account',Password='$password',Key='$key'";

    $result mysql_query($query) or die(mysql_error());

    /* and watch the variables ag ain. $result contains the recordset, not query. */

    while( $row mysql_fetch_array$result) ){ 

  • #6
    New Coder
    Join Date
    Oct 2009
    Posts
    78
    Thanks
    1
    Thanked 2 Times in 2 Posts
    Thanks my bad, &

    PHP Code:
    u have an error in your SQL syntaxcheck the manual that corresponds to your MySQL server version for the right syntax to use near 'Password='',Key=''' at line 1 
    after removing the sprintf, sorry but i dont know whats wrong.

  • #7
    met
    met is offline
    Regular Coder
    Join Date
    Oct 2009
    Location
    United Kingdom
    Posts
    728
    Thanks
    4
    Thanked 119 Times in 119 Posts
    PHP Code:
    $query "SELECT * FROM ACCOUNTS WHERE Account='$account',Password='$password',Key='$key'"
    didn't really read the query earlier, wrong sql syntax:

    PHP Code:
    $query "SELECT * FROM ACCOUNTS WHERE Account='$account' AND Password='$password' AND Key='$key'"

  • #8
    New Coder
    Join Date
    Oct 2009
    Posts
    78
    Thanks
    1
    Thanked 2 Times in 2 Posts
    Damn im so stupid ofcourse its *AND* thank you!

    edit: same error

  • #9
    met
    met is offline
    Regular Coder
    Join Date
    Oct 2009
    Location
    United Kingdom
    Posts
    728
    Thanks
    4
    Thanked 119 Times in 119 Posts
    do this

    PHP Code:
    $query "SELECT * FROM ACCOUNTS WHERE Account='$account' AND Password='$password' AND Key='$key'";  
    echo  
    '<p>The query being run is: ' $query '</p>'
    post results

  • #10
    New Coder
    Join Date
    Oct 2009
    Posts
    78
    Thanks
    1
    Thanked 2 Times in 2 Posts
    Code:
    The query being run is: SELECT * FROM ACCOUNTS WHERE Account='' AND Password='' AND Key=''
    
    You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Key=''' at line 1
    Wtf it doesnt get the post variables,my login form:

    login_form.php
    PHP Code:
    <form action="../XProject/pages/login_process.php" method="post">
    Account: <input type="text" name="account" /><br />
    Password: <input type="text" name="password" /><br />
    Security Key: <input type="text" name="key" /><br />
    <
    input type="submit" name="submit" value="Login" />
    </
    form
    edit:
    Code:
    $funcs->protect
    was messing it up lol

  • #11
    New Coder
    Join Date
    Oct 2009
    Posts
    78
    Thanks
    1
    Thanked 2 Times in 2 Posts
    Code:
    The query being run is: SELECT * FROM ACCOUNTS WHERE Account='ada' AND Password='ad' AND Key='ww'
    
    You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'Key='ww'' at line 1
    same thing, protect is removed now though:S

  • #12
    met
    met is offline
    Regular Coder
    Join Date
    Oct 2009
    Location
    United Kingdom
    Posts
    728
    Thanks
    4
    Thanked 119 Times in 119 Posts
    try

    PHP Code:
    $query "SELECT * FROM ACCOUNTS WHERE `Account` ='$account' AND `Password` ='$password' AND `Key`='$key'"
    and i'd also hazard a guess that Password or Key are reserved sql words. which is causing your problem

    edit:

    confirmed, Key is a reserved word. Try renaming it

    double edit: wrapping `key` in ` fixes it
    Last edited by met; 10-11-2009 at 08:07 PM.

  • #13
    New Coder
    Join Date
    Oct 2009
    Posts
    78
    Thanks
    1
    Thanked 2 Times in 2 Posts
    thanks it works, now when the login is succesfull i get:

    Code:
    Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /mnt/web1/10/10/52175010/htdocs/XProject/pages/login_process.php:33) in /mnt/web1/10/10/52175010/htdocs/XProject/pages/login_process.php on line 34
    
    Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /mnt/web1/10/10/52175010/htdocs/XProject/pages/login_process.php:33) in /mnt/web1/10/10/52175010/htdocs/XProject/pages/login_process.php on line 34
    i always get this error in any php script i ever coded.
    unset_session doesnt work.

    PHP Code:
    <?php
    include('/mnt/web1/10/10/52175010/htdocs/XProject/funcs.php');
    $funcs = new funcs();

    if(isset(
    $_POST['submit']))
    {
    $account htmlentities($_POST['account'],ENT_QUOTES);
    $password htmlentities($_POST['password'],ENT_QUOTES);
    $key htmlentities($_POST['key'],ENT_QUOTES);

    $connection mysql_connect(funcs::mysql_hostfuncs::mysql_userfuncs::mysql_password);

     if (!
    $connection) {
        print(
    'Could not connect: ' mysql_error());
        print(
    '<br/>');
        print(
    '<br/>');
        
    $funcs->MYSQLerror_msg("There seems to be an error in MYSQL.");
     }
     
    mysql_select_db(funcs::mysql_database);
    $query "SELECT * FROM ACCOUNTS WHERE `Account` ='$account' AND `Password` ='$password' AND `Key`='$key'";
    $result mysql_query($query) or die(mysql_error());
    while( 
    $row mysql_fetch_array$result ) ){ 

         
    $account $row['Account'];
         
    $password $row['Password'];
         
    $key $row['Key'];

    }


    if( 
    mysql_num_rows$result ) > ){  
         
    session_save_path("../XProject/temp/");
         
    session_start();
         
    $_SESSION['account'] = $account;
         
    $_SESSION['password'] = $password;
         
    $_SESSION['key'] = $key;

        print( 
    "<center>Successfully logged in to account!<br>" );
        die(
    'Continue to <a href="../XProject/index.php?x=main"><strong>XProject</strong></a></center>');
       
    }else{ 

         die( 
    "Invalid account information" );

    }



    }

    else{

    exit(
    'Please submit the form first!');


    }
    ?>
    also the
    PHP Code:
     die('Continue to <a href="../XProject/index.php?x=main"><strong>XProject</strong></a></center>'); 
    leads to:
    PHP Code:
    ?x=main&[B]PHPSESSID=vcrk7qu5dinnncjk77cgf2gv16[/B
    whats with the PHPSESSID i didnt put that in the a href.

  • #14
    met
    met is offline
    Regular Coder
    Join Date
    Oct 2009
    Location
    United Kingdom
    Posts
    728
    Thanks
    4
    Thanked 119 Times in 119 Posts
    session_start needs to go at the *very* top of the page
    PHP Code:
    <?php
    session_start
    ();
    // everything else

  • #15
    New Coder
    Join Date
    Oct 2009
    Posts
    78
    Thanks
    1
    Thanked 2 Times in 2 Posts
    with that done i still get an session error.


  •  
    Page 1 of 2 12 LastLast

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •