|
#1
08-12-2005
|
||||
|
||||
|
php login?
Hi i have this code in php and I'm getting a selection of the data base error but I'm sure the database is there ans is well seted up.
Here is my code. Some one could chek if there is something wrong with it? Code:
<?php session_start(); echo'<html>';
//gets variables
$username=$_POST['username'];
$password=$_POST['password'];
// connect to database with username: database_user and password: password
$db = mysql_pconnect('localhost', 'database_name', 'password');
// error if cannot connect
if(!$db){echo 'Error: could not connect to the database'; exit;}
// select database named database_name
$db = mysql_select_db ("database_name");
// error if cannot select
if(!$db){echo '<b>Error: </b>could not select database'; exit;}
// query database and find a user that matches with the same username and password
$authenticate = mysql_query("select * from users where name='$username' and pass='$password'");
// error if cannot query
if(!$authenticate){echo '<b>Error: </b>could not query database'; exit;}
// mysql_num_rows($authenticate) is the number of rows that matched. therefore...
//if there were no matches or more than one match, do not authenticate
if(mysql_num_rows($authenticate)!=1){echo'<b>Error : </b>Invalid username or password';
session_destroy(); exit;}
//if one match was found, authenticate
if(mysql_num_rows($authenticate)==1){echo'<b>Congr adulations!</b> You have logged in successfuly as '.$username.'<br>';
$_SESSION['username']=$username;
$_SESSION['password']=$password;
echo'Display logged in info here</html>';
}
?>
|
|
#2
08-12-2005
|
||||
|
||||
|
I don't know much about PHP and how it translates variables but I was wondering about your query line. It looks like you are quering for the string $username. Do you have to concatenate the variable to the string
$authenticate = mysql_query("select * from users where name='".$username."' and pass='".$password."'"); I think a single period [ . ]is the concatenation character for PHP Tigg
__________________
TJ-Tigger "A common mistake that people make when trying to design something completely foolproof was to underestimate the ingenuity of complete fools." "Draco dormiens nunquam titillandus." Map of IR Forum Users - IR Project CodeViewer - Online Help - TiggTV - QuizEngine
|
|
#4
08-13-2005
|
||||
|
||||
|
No i haven't been able to solve this, in fact I'm thinking on installing some php suite.
But I would be reall nice if i could get yours.
|
|
#5
08-20-2005
|
|||
|
|||
|
I was working on this all day yesterday and now it works fine. maybe you could modify it.
<?php include ("connect.php"); $sql = "SELECT companyname, firstname, lastname, email, password, ulevel, username FROM users WHERE username='$_REQUEST[usrname]' AND password='$_REQUEST[pwd]' ORDER BY companyname"; $r = mysql_query($sql); if(!$r) { $err=mysql_error(); print $err; exit(); } if(mysql_affected_rows()==0){ print include_once("failedlogin.php"); exit(); } else{ } echo "\n"; while ($line = mysql_fetch_array($r)) { extract($line); } echo "\n"; $usrlevel = "$ulevel"; $adminlevel = "Yes"; { if ($usrlevel == $adminlevel){ echo include("admincontent.php"); } else { echo include("usercontent.php"); } } ?>
|
|
#6
08-20-2005
|
|||
|
|||
|
<?php session_start(); echo'<html>';
//gets variables $username=$_POST['username']; $password=$_POST['password']; // connect to database with username: database_user and password: password $db = mysql_pconnect('localhost', 'database_name', 'password'); // error if cannot connect if(!$db){echo 'Error: could not connect to the database'; exit;} // select database named database_name $db = mysql_select_db ("database_name"); // error if cannot select if(!$db){echo '<b>Error: </b>could not select database'; exit;} // query database and find a user that matches with the same username and password $authenticate = mysql_query("select (USE TABLE NAMES HERE NOT *) from users where name='$_POST['username']' and pass='$_POST['password']'"); // error if cannot query if(!$authenticate){echo '<b>Error: </b>could not query database'; exit;} // mysql_num_rows($authenticate) is the number of rows that matched. therefore... //if there were no matches or more than one match, do not authenticate if(mysql_num_rows($authenticate)!=1){echo'<b>Error : </b>Invalid username or password'; session_destroy(); exit;} //if one match was found, authenticate if(mysql_num_rows($authenticate)==1){echo'<b>Congr atulations!</b> You have logged in successfuly as '$_POST['username']'<br>'; $_SESSION['username']=$username; $_SESSION['password']=$password; echo'Display logged in info here</html>'; } ?>
|
|
#8
08-22-2005
|
||||
|
||||
|
Well from what I can see it should be at the very least:
$db = mysql_connect('localhost', 'database_name', $password); Possibly: $db = mysql_connect('localhost', $database_name, $password); Depending upon which values are meant to be literal or variable. In PHP variables are prefaced with a dollar sign "$" so the variable retrieved with this line: $password=$_POST['password']; Must be referenced as $password (no quotes) as opposed to "password". 
|
 |
«
Previous Thread
|
Next Thread
»
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Example: Sending Email Using a Remote PHP Web Script | Corey | AutoPlay Media Studio 5.0 Examples | 36 | 06-10-2007 03:07 PM |
| Weather data and PHP 5 . . . | Intrigued | Developer's Den | 0 | 10-09-2004 12:26 PM |
| Function: Email Any Data Through PHP | Brett | AutoPlay Media Studio 5.0 Examples | 8 | 10-02-2004 09:08 PM |
| The dreaded Submit to web PHP issue! | Bruce | AutoPlay Media Studio 4.0 | 2 | 09-19-2003 04:00 PM |
| PHP for FTP login? | eric_darling | General Chat | 3 | 01-18-2003 10:03 PM |
All times are GMT -6. The time now is 06:11 AM.
