Php test login thing...

Printable View

Oct 31st, 2004, 06:46 AM
Pino

Php test login thing...

PHP Code:

<?php $user=""; $pass=""; $database="phpdb"; $username=$_POST['username']; $password=$_POST['password']; mysql_connect('localhost',$user,$pass); @mysql_select_db($database) or die ("error selecting DB"); if($username == "admin") { if($password == "test") { echo "Admin Login"; } else { echo "Error Incorrect Admin Password"; } } else { $query="SELECT password FROM clients WHERE username='$username'"; $result=mysql_query($query) or die (mysql_error()); if ($result==$password) { echo "Welcome"; } else { echo "Error"; } } mysql_close(); ?>

this doesnt work, it works if the admin logs in i think its the way i am handling the $result could any help me fix it up?

thank you
Oct 31st, 2004, 08:13 AM
visualAd

The problem is caused on this line:

PHP Code:

if ($result==$password)

After calling mysql_query() and assigning the result to $result; $result is known as a resource. The resource in this case is a pointer to the mysql recordset. Similar to VB you need to move through the record set to obtain the results.

In PHP/MySql you use the mysql_fetch_* functions.

mysql_fetch_row() gets one row from the result set, places it in an indexed array and moves the result pointer to the next row.

mysql_fetch_assoc() gets one row from the result set, places it in an associative array (i.e: each array index is the name of a column in the result set) and moves the result pointer to the next row.

mysql_fetch_array() does exactly the same as the above two functions but combines both the index based array and the associative array into one.

The following code demonstrates each function. On the following table:

Code:

+----------+----------+ | UserName | Password | user1 | 1 | user2 | 2 | user3 | 3

PHP Code:

$query = 'SELECT UserName,Password FROM users;'; $result = mysql_query ($query); print_r(mysql_fetch_row($result)); print_r(mysql_fetch_assoc($result)); print_r(mysql_fetch_array($result));

Output:

Code:

Array ( [0] => user1 [1] => 1 ) Array ( [UserName] => user2 [Password] => 2 ) Array ( [0] => user3 [1] => 3 [UserName] => user3 [Password] => 3 )

So to correct your code all you need to do is something like this:

PHP Code:

$query="SELECT password FROM clients WHERE username='$username'"; $result=mysql_query($query) or die (mysql_error()); if (mysql_num_rows($result) == 0) { echo('Invalid User'); } else if (($row = mysql_fetch_assoc($result)) && ($row['password']==$password)) { echo('Welcome'); } else { echo('Error: Bad password'); }
Oct 31st, 2004, 11:40 AM
Pino

thats quite helpfull :)

1 thing tho, when i run the code

Quote:

Warning: Wrong parameter count for mysql_fetch_assoc() in E:\Abyss Web Server\htdocs\logintest.php on line 31
Error: Bad password

and that line is...

PHP Code:

} else if ($row = mysql_fetch_assoc() && $row['password']==$password) {

any ideas?
Oct 31st, 2004, 11:54 AM
visualAd

Quote:

Originally posted by Pino
any ideas?

I gave you buggy code. It should be:

$row = mysql_fetch_assoc($result);

:rolleyes: Sorry :blush:
Oct 31st, 2004, 12:06 PM
Pino

Quote:

Originally posted by visualAd
I gave you buggy code. It should be:

$row = mysql_fetch_assoc($result);

:rolleyes: Sorry :blush:

HEHEH it happens to the best of us ;) thanks for your help so far, no doubt i'll be back soon lol :)

thank you though
Oct 31st, 2004, 12:09 PM
Pino

ok

PHP Code:

if (mysql_num_rows($result) == 0) { echo('Invalid User'); } else if ($row = mysql_fetch_assoc($result) && $row['password']==$password) { echo('Welcome'); } else { echo('Error: Bad password'); }

ok its saying that $row is and undefined varible, do i need to encase it in inverted commas?
Oct 31st, 2004, 01:46 PM
visualAd

My apologies for the sloppy coding. The way PHP evalutes the expressions is as if it were writtten like this:

if($row = (mysql_fetch_assoc($result) && $row['password']==$password))

Changing it to this. Will force the assignment to be made first:

if(($row = mysql_fetch_assoc($result)) && ($row['password']==$password))
Oct 31st, 2004, 02:04 PM
Pino

hmm...

ok the error has gone now, but it still says bad password, and i have looked and checked to make sure i am typing the right username and password....

PHP Code:

<?php $user=""; $pass=""; $database="phpdb"; $username=$_POST['username']; $password=$_POST['password']; mysql_connect('localhost',$user,$pass); @mysql_select_db($database) or die ("error selecting DB"); if($username == "admin") { if($password == "test") { echo "Admin Login"; } else { echo "Error Incorrect Admin Password"; } } else { $query="SELECT password FROM clients WHERE username='$username'"; $result=mysql_query($query) or die (mysql_error()); $row = mysql_fetch_assoc($result); if (mysql_num_rows($result) == 0) { echo('Invalid User'); } else if(($row = mysql_fetch_assoc($result)) && ($row['password']==$password)) { echo('Welcome'); } else { echo('Error: Bad password'); } } mysql_close(); ?>
Oct 31st, 2004, 02:12 PM
visualAd

Why have you got a call to mysql_fetch_assoc() twice? You don't need the first one. If you leave that there thin it will take the first row and then it will be at the en of the result set.
Oct 31st, 2004, 02:14 PM
Pino

doh!

i was trying some stuff out before and forgot to remove that :-/

ok were all fixed up now! While i remmber, can you send someone to another page wth php?

or should i just do it with jSCRIPT?
Oct 31st, 2004, 02:21 PM
visualAd

Quote:

Originally posted by Pino
doh!

i was trying some stuff out before and forgot to remove that :-/

ok were all fixed up now! While i remmber, can you send someone to another page wth php?

or should i just do it with jSCRIPT?

You can send a location header.

header('Location: url');