View Full Version : problem with php login page and mysql...
07-26-2008, 02:54 PM
ok...I opted to go the php way, since I couldn't find the pl script, besides it seems easy to configure with php...I've been following this tutorial suggested by somene here http://www.phpeasystep.com/workshopview.php?id=6, everything seems to work fine, only when I click on the "login" button in the main_login.php page it is giving me an error "PHP Fatal error: Call to undefined function mysql_connect() in C:\Inetpub\wwwroot\checklogin.php on line 10" I don't know much about php, but this I know the mysql_connect() function is trying to open the connection to the mysql server, I checked my credentials for opening the connection and they are the ones used when I installed mysql, yet it's not establishing the connection could someone help me with this?
ohh, and after scanning the host...port 3306 is open so it's listening for connections...
07-26-2008, 03:36 PM
Can you post the coding for checklogin.php ? I think I use the same one.
07-26-2008, 03:41 PM
Did you enable the mysql extension in your PHP ini file? Check it for a line that reads:
The extension directory must also be configured in the ini file. It looks something like:
extension_dir = "d:\php5\ext\"
djm0219 has a good point...as it looks like you haven't enabled MySQL extension.
To make your life a little easier, it highly recommend that you make use of WAMP (http://www.wampserver.com/en/)which is a bundle of software applications (Apache, MySQL, PHP, OpenSSL) that comes preconfigured out of the box...and allows you to focus on development etc...
07-26-2008, 06:23 PM
ok guys, thanks for all the responses, but before I go any further I think that my php installation is not working, I have created a php file with this code "<? phpinfo(); ?>" to test the install and is now showing anything....
php is proving to be a pain to install
07-26-2008, 06:25 PM
Take the advice of ess and use WAMP which should make it a lot easier for you.
...or just read the directions on the PHP site (http://www.php.net/manual/en/install.windows.php). Going from IIS to Apache alone should help ease your problems, let alone installing a "WAMP" package (which I recommend staying away from, but to each his/her own).
07-26-2008, 08:37 PM
guys I'm confuse about something..... the documentation I'm following says that once you finish the install to put <? phpinfo(); ?>inside a file and save it with the .php extension, I do that but nothing is displayed on the browser, but if I surround the php code with html tags like <html> and <body> tabs then it is displaying the question is do php code needs to be surrounded by html tag in order to be interpreted by the browser or the php code by itself should suffice?
07-26-2008, 09:17 PM
If you have IIS configured to use PHP properly only the single line should work. Something is not right with your setup. Using Apache would make your life a bit easier (OK, a lot easier).
07-26-2008, 09:45 PM
Always use full php opening tags <?php
The short open tag <? results in non-portable code that only works when the short_open_tag setting is turned on and you won't always have the ability to turn it on.
07-26-2008, 11:08 PM
I've set up php in the past running on apache, I know it's easier, but I wanted to test php among other things on IIS, anyway I finally got it working.... on a side note after following the documentation on php.net/install I wasn't able to get it running, I think there's so much information missing there; I followed this guidehttp://www.peterguy.com/php/install_IIS6.html and it worked just fine, didn't need to troubleshoot anything....
well now to the next step... trying to get php to talk to mysql
07-27-2008, 12:46 AM
ok.. got the login page working, now how could I make this application vulnerable to session id?...this is for a project/demo, and it is in a save environment.
appreciate any inputs or ideas?
07-27-2008, 12:55 AM
someone suggested me turning on the session.use_trans_sid in the php.ini file.... I would like to hear other ideas or comments
07-28-2008, 01:03 AM
ok I just found something, well kind of..... in the same php login app that I was using http://www.phpeasystep.com/workshopview.php?id=6 there's the checklogin.php file and it contains a section to sanitize the application protecting against sql injection, if you comment out that part the app is vulnerable to sql injections like ' OR 'X'='X it log you in as the first user in the table
07-28-2008, 09:01 PM
Nice forum, I really like the skin, looks very sharp and cool.