Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
  1. #1
    Regular Coder
    Join Date
    Jun 2008
    Posts
    682
    Thanks
    114
    Thanked 2 Times in 2 Posts

    Back From Scratch

    I lost a whole bunch of my script and have started to go back through and redo it all. I have this for my code but after submitting the login part I receive this:

    Code:
    Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Can't connect to local MySQL server through socket '/usr/local/mysql-5.0/data/mysql.sock' (2) in /home/content/y/a/n/yankeefaninkc/html/mybackstage/backstage.php on line 11
    
    Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in /home/content/y/a/n/yankeefaninkc/html/mybackstage/backstage.php on line 11
    
    Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Can't connect to local MySQL server through socket '/usr/local/mysql-5.0/data/mysql.sock' (2) in /home/content/y/a/n/yankeefaninkc/html/mybackstage/backstage.php on line 12
    
    Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in /home/content/y/a/n/yankeefaninkc/html/mybackstage/backstage.php on line 12
    
    Warning: mysql_query() [function.mysql-query]: Can't connect to local MySQL server through socket '/usr/local/mysql-5.0/data/mysql.sock' (2) in /home/content/y/a/n/yankeefaninkc/html/mybackstage/backstage.php on line 14
    
    Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/content/y/a/n/yankeefaninkc/html/mybackstage/backstage.php on line 14
    Can't connect to local MySQL server through socket '/usr/local/mysql-5.0/data/mysql.sock' (2)
    PHP Code:
    <?php 

    require "backstageconfig.php";

    //if the login form is submitted
    if(isset($_POST['submit']))
    {
        
    // makes sure they filled it in
        
    if(!$_POST['username'] || !$_POST['password'])
        {
            die(
    'You did not fill in a required field.');
        }
       
    $username mysql_real_escape_string($_POST['username']); 
       
    $pass mysql_real_escape_string($_POST['password']); 

        
    $check mysql_query("SELECT * FROM users WHERE username = '".$username."'")or die(mysql_error());

        
    //Gives error if user dosen't exist
        
    $check2 mysql_num_rows($check);
        if (
    $check2 == 0)
        {
            die(
    'That user does not exist in our database.');
        }
        while(
    $info mysql_fetch_array$check )) 
        {
            
    $pass md5(stripslashes($_POST['password']));
            
    $info['password'] = stripslashes($info['password']);
            
    //$_POST['pass'] = md5($_POST['pass']); THIS IS DONE IN THE ABOVE STATEMENT
            //gives error if the password is wrong
            
    if ($pass != $info['password'])
            {
                die(
    'Incorrect password, please try again.');
            }
            else 
          
          
    // if login is ok then we add a cookie and send them to the correct page
            

                
    $username stripslashes($username); 
             
    $_SESSION['username'] = $username
             
    $_SESSION['loggedin'] = time();
                
                
    // Finds out the user type
                
    $query "SELECT `admin` FROM `users` WHERE `username` = '" $username "'";
                
    $result mysql_query($query) or die(mysql_error()); 
                
    $row mysql_fetch_array($result); 
                
    $admin $row['admin'];
             
    $_SESSION['admin'] = $admin;

    #########################################
    ######## ADMIN SCRIPT CAN BE ADDED BELOW
    #########################################
    if(isset($_SESSION['admin'])) { ?>
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
    <html>
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
    <meta http-equiv="Content-Style-Type" content="text/css">
    <meta http-equiv="Content-Language" content="en-us">
    <meta name="language" content="en-us">
    <title>Backstage V1 Administration Console</title>
    <link rel="stylesheet" href="backstage.css" type="text/css" media="screen">
    <link rel="stylesheet" href="backstage_print.css" type="text/css" media="print">
    <script src="prototype.js" type="text/javascript"></script>
    <script src="scriptaculous.js" type="text/javascript"></script>
    <script type="text/javascript" src="ajax.js"></script>
    <script type="text/javascript">
    var page = document.cookie.match(/page=[\w][\w\-\.]+;/);
    if(page != null) {
        ajaxpage("page", "content");
    } else {
        ajaxpage("home", "content");
    }
    </script>
    <link rel=stylesheet href=backstage.css type=css media=screen>
    <link rel=stylesheet href=backstage_print.css type=css media=print>
    </head>
    <body>
    <div id=container>
    <div class=header>
    <table cellpadding="0" cellspacing="0" border="0" width="95%">
    <tr>
    <td width=110 align=center></td>
    <td></td>
    <td width=40 valign=bottom align=right>
    <a href="#" onclick="ajaxpage('home', 'content'); return false;">Home</a> | <a href="#" onclick="ajaxpage('logout', 'content'); return false;">Logout</a> | <a target="_blank" href="http://kansasoutlawwrestling.com/phpBB3">Forums</a></td>
    </tr>
    </table>
    </div>
    <div id=container2>
    <div id=nav>
    <?php if(isset($_SESSION['loggedin']))   { ?>
    <h1>Character</h1>
    <ul>
    <li><a href="#" onclick="ajaxpage('bio', 'content'); return false;">Bio</a></li>
    <li><a href="#" onclick="ajaxpage('allies', 'content'); return false;">Allies</a></li>
    <li><a href="#" onclick="ajaxpage('rivals', 'content'); return false;">Rivals</a></li>
    <li><a href="#" onclick="ajaxpage('quotes', 'content'); return false;">Quotes</a></li>
    </ul>
    <?php ?>
    <?php 
    if(isset($_SESSION['loggedin']))   { ?>
    <h1>Submit</h1>
    <ul>
    <li><a href="#" onclick="ajaxpage('roleplay', 'content'); return false;">Roleplay</a></li>
    <li><a href="#" onclick="ajaxpage('news', 'content'); return false;">News</a></li>
    <li><a href="#" onclick="ajaxpage('match', 'content'); return false;">Match</a></li>
    <li><a href="#" onclick="ajaxpage('seg', 'content'); return false;">Seg</a></li>
    </ul>
    <?php ?>
    <?php 
    if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?> 
    <h1>Handler</h1>
    <ul>
    <li><a href="#" onclick="ajaxpage('directory', 'content'); return false;">Directory</a></li>
    </ul>
    <?php ?>
    <?php 
    if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?> 
    <h1>Booking</h1>
    <ul>
    <li><a href="#" onclick="ajaxpage('champions', 'content'); return false;">Champions</a></li>
    <li><a href="#" onclick="ajaxpage('booker', 'content'); return false;">Booker</a></li>
    <li><a href="#" onclick="ajaxpage('compiler', 'content'); return false;">Compiler</a></li>
    <li><a href="#" onclick="ajaxpage('archives', 'content'); return false;">Archives</a></li>
    </ul>
    <?php ?>
    <?php 
    if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?> 
    <h1>Fed Admin</h1>
    <ul>
    <li><a href="#" onclick="ajaxpage('handlers', 'content'); return false;">Handlers</a></li>
    <li><a href="#" onclick="ajaxpage('characters', 'content'); return false;">Characters</a></li>
    <li><a href="#" onclick="ajaxpage('applications', 'content'); return false;">Applications</a></li>
    <li><a href="#" onclick="ajaxpage('eventnames', 'content'); return false;">Event Names</a></li>
    <li><a href="#" onclick="ajaxpage('titlenames', 'content'); return false;">Title Names</a></li>
    <li><a href="#" onclick="ajaxpage('matchtypes', 'content'); return false;">Match Types</a></li>
    <li><a href="#" onclick="ajaxpage('divisions', 'content'); return false;">Divisions</a></li>
    <li><a href="#" onclick="ajaxpage('countries', 'content'); return false;">Arenas</a></li>
    </ul>
    <?php ?>
    <?php 
    if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?> 
    <h1>Site Admin</h1>
    <ul>
    <li><a href="#" onclick="ajaxpage('templates', 'content'); return false;">Templates</a></li>
    <li><a href="#" onclick="ajaxpage('content', 'content'); return false;">Content</a></li>
    <li><a href="#" onclick="ajaxpage('biosconfig', 'content'); return false;">Bio Configuration</a></li>
    <li><a href="#" onclick="ajaxpage('newscat', 'content'); return false;">News Categories</a></li>
    <li><a href="#" onclick="ajaxpage('menus', 'content'); return false;">Menus</a></li>
    </ul>
    <?php ?>
    </div>
    <div id=content>
    </div>
    <div id="footer">Backstage 1 &copy; 2009
    </div>
    </div>
    </div>
    </body>
    </html>
    <?php  
    #########################################
    ######## ADMIN SCRIPT HAS TO END ABOVE
    #########################################
        
    }
            } 
        } 

    else 
    {
    // if they have not submitted the form
    ?>
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
    <html>
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
    <meta http-equiv="Content-Style-Type" content="text/css">
    <meta http-equiv="Content-Language" content="en-us">
    <meta name="language" content="en-us">
    <title>Backstage V1 Administration Console</title>
    <link rel="stylesheet" href="backstage.css" type="text/css" media="screen">
    <link rel="stylesheet" href="backstage_print.css" type="text/css" media="print">
    <script src="prototype.js" type="text/javascript"></script>
    <script src="scriptaculous.js" type="text/javascript"></script>
    <script type="text/javascript" src="ajax.js"></script>
    <link rel=stylesheet href=backstage.css type=css media=screen>
    <link rel=stylesheet href=backstage_print.css type=css media=print>
    </head>
    <body>
    <div id=login>
    <form method="POST" action="/mybackstage/backstage.php">
    <h1>KOW Backstage</h1>
    <p><label>Username:<br><input type="text" name="username" id="log" tabindex="1"></label></p>
    <p><label>Password:<br><input type="password" name="password" id="pwd" tabindex="2"></label></p>
    <p style="text-align: center;"><input type="submit" class="button" name="submit" id="submit" value="Login &raquo;" tabindex="4"></p>
    </form>
    </div>
    </body>
    </html>
    <?php
    }
    ?>

    This is my backstageconfig.php file:


    PHP Code:
    <?php

    ob_start
    ();
    $host="?"// Host name 
    $username="?"// Mysql username 
    $password="?"// Mysql password 
    $db_name="?"// Database name 


    // Connect to server and select database.
    mysql_connect("$host""$username""$password")or die("cannot connect"); 
    mysql_select_db("$db_name")or die("cannot select DB");


    // To protect MySQL injection (more detail about MySQL injection)
    $username stripslashes($username);
    $password stripslashes($password);
    $username mysql_real_escape_string($username);
    $password mysql_real_escape_string($password);

    ?>
    Last edited by CoolAsCarlito; 10-28-2009 at 02:49 AM.

  • #2
    Regular Coder
    Join Date
    Jun 2008
    Posts
    682
    Thanks
    114
    Thanked 2 Times in 2 Posts
    The ob_start was in the wrong place and that's what was interfering with the database.


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •