|
-
Oct 31st, 2004, 06:46 AM
#1
Thread Starter
PowerPoster
Php test login thing...
PHP Code:
<?php
$user="";
$pass="";
$database="phpdb";
$username=$_POST['username'];
$password=$_POST['password'];
mysql_connect('localhost',$user,$pass);
@mysql_select_db($database) or die ("error selecting DB");
if($username == "admin")
{
if($password == "test")
{
echo "Admin Login";
}
else
{
echo "Error Incorrect Admin Password";
}
}
else
{
$query="SELECT password FROM clients WHERE username='$username'";
$result=mysql_query($query) or die (mysql_error());
if ($result==$password)
{
echo "Welcome";
}
else
{
echo "Error";
}
}
mysql_close();
?>
this doesnt work, it works if the admin logs in i think its the way i am handling the $result could any help me fix it up?
thank you
-
Oct 31st, 2004, 08:13 AM
#2
The problem is caused on this line:
PHP Code:
if ($result==$password)
After calling mysql_query() and assigning the result to $result; $result is known as a resource. The resource in this case is a pointer to the mysql recordset. Similar to VB you need to move through the record set to obtain the results.
In PHP/MySql you use the mysql_fetch_* functions.
mysql_fetch_row() gets one row from the result set, places it in an indexed array and moves the result pointer to the next row.
mysql_fetch_assoc() gets one row from the result set, places it in an associative array (i.e: each array index is the name of a column in the result set) and moves the result pointer to the next row.
mysql_fetch_array() does exactly the same as the above two functions but combines both the index based array and the associative array into one.
The following code demonstrates each function. On the following table:
Code:
+----------+----------+
| UserName | Password
| user1 | 1
| user2 | 2
| user3 | 3
PHP Code:
$query = 'SELECT UserName,Password FROM users;';
$result = mysql_query ($query);
print_r(mysql_fetch_row($result));
print_r(mysql_fetch_assoc($result));
print_r(mysql_fetch_array($result));
Output:
Code:
Array
(
[0] => user1
[1] => 1
)
Array
(
[UserName] => user2
[Password] => 2
)
Array
(
[0] => user3
[1] => 3
[UserName] => user3
[Password] => 3
)
So to correct your code all you need to do is something like this:
PHP Code:
$query="SELECT password FROM clients WHERE username='$username'";
$result=mysql_query($query) or die (mysql_error());
if (mysql_num_rows($result) == 0) {
echo('Invalid User');
} else if (($row = mysql_fetch_assoc($result)) && ($row['password']==$password)) {
echo('Welcome');
} else {
echo('Error: Bad password');
}
Last edited by visualAd; Oct 31st, 2004 at 01:47 PM.
-
Oct 31st, 2004, 11:40 AM
#3
Thread Starter
PowerPoster
thats quite helpfull 
1 thing tho, when i run the code
Warning: Wrong parameter count for mysql_fetch_assoc() in E:\Abyss Web Server\htdocs\logintest.php on line 31
Error: Bad password
and that line is...
PHP Code:
} else if ($row = mysql_fetch_assoc() && $row['password']==$password) {
any ideas?
-
Oct 31st, 2004, 11:54 AM
#4
Originally posted by Pino
any ideas?
I gave you buggy code. It should be:
$row = mysql_fetch_assoc($result);
 Sorry 
-
Oct 31st, 2004, 12:06 PM
#5
Thread Starter
PowerPoster
-
Oct 31st, 2004, 12:09 PM
#6
Thread Starter
PowerPoster
ok
PHP Code:
if (mysql_num_rows($result) == 0) {
echo('Invalid User');
} else if ($row = mysql_fetch_assoc($result) && $row['password']==$password) {
echo('Welcome');
}
else
{
echo('Error: Bad password');
}
ok its saying that $row is and undefined varible, do i need to encase it in inverted commas?
-
Oct 31st, 2004, 01:46 PM
#7
My apologies for the sloppy coding. The way PHP evalutes the expressions is as if it were writtten like this:
if($row = (mysql_fetch_assoc($result) && $row['password']==$password))
Changing it to this. Will force the assignment to be made first:
if(($row = mysql_fetch_assoc($result)) && ($row['password']==$password))
-
Oct 31st, 2004, 02:04 PM
#8
Thread Starter
PowerPoster
hmm...
ok the error has gone now, but it still says bad password, and i have looked and checked to make sure i am typing the right username and password....
PHP Code:
<?php
$user="";
$pass="";
$database="phpdb";
$username=$_POST['username'];
$password=$_POST['password'];
mysql_connect('localhost',$user,$pass);
@mysql_select_db($database) or die ("error selecting DB");
if($username == "admin")
{
if($password == "test")
{
echo "Admin Login";
}
else
{
echo "Error Incorrect Admin Password";
}
}
else
{
$query="SELECT password FROM clients WHERE username='$username'";
$result=mysql_query($query) or die (mysql_error());
$row = mysql_fetch_assoc($result);
if (mysql_num_rows($result) == 0) {
echo('Invalid User');
} else if(($row = mysql_fetch_assoc($result)) && ($row['password']==$password)) {
echo('Welcome');
} else {
echo('Error: Bad password');
}
}
mysql_close();
?>
-
Oct 31st, 2004, 02:12 PM
#9
Why have you got a call to mysql_fetch_assoc() twice? You don't need the first one. If you leave that there thin it will take the first row and then it will be at the en of the result set.
-
Oct 31st, 2004, 02:14 PM
#10
Thread Starter
PowerPoster
doh!
i was trying some stuff out before and forgot to remove that :-/
ok were all fixed up now! While i remmber, can you send someone to another page wth php?
or should i just do it with jSCRIPT?
-
Oct 31st, 2004, 02:21 PM
#11
Originally posted by Pino
doh!
i was trying some stuff out before and forgot to remove that :-/
ok were all fixed up now! While i remmber, can you send someone to another page wth php?
or should i just do it with jSCRIPT?
You can send a location header.
header('Location: url');
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|
Reply With Quote
thanks for your help so far, no doubt i'll be back soon lol