...

View Full Version : Resolved Back From Scratch



CoolAsCarlito
10-28-2009, 02:25 AM
I lost a whole bunch of my script and have started to go back through and redo it all. I have this for my code but after submitting the login part I receive this:


Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Can't connect to local MySQL server through socket '/usr/local/mysql-5.0/data/mysql.sock' (2) in /home/content/y/a/n/yankeefaninkc/html/mybackstage/backstage.php on line 11

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in /home/content/y/a/n/yankeefaninkc/html/mybackstage/backstage.php on line 11

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Can't connect to local MySQL server through socket '/usr/local/mysql-5.0/data/mysql.sock' (2) in /home/content/y/a/n/yankeefaninkc/html/mybackstage/backstage.php on line 12

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in /home/content/y/a/n/yankeefaninkc/html/mybackstage/backstage.php on line 12

Warning: mysql_query() [function.mysql-query]: Can't connect to local MySQL server through socket '/usr/local/mysql-5.0/data/mysql.sock' (2) in /home/content/y/a/n/yankeefaninkc/html/mybackstage/backstage.php on line 14

Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/content/y/a/n/yankeefaninkc/html/mybackstage/backstage.php on line 14
Can't connect to local MySQL server through socket '/usr/local/mysql-5.0/data/mysql.sock' (2)



<?php

require "backstageconfig.php";

//if the login form is submitted
if(isset($_POST['submit']))
{
// makes sure they filled it in
if(!$_POST['username'] || !$_POST['password'])
{
die('You did not fill in a required field.');
}
$username = mysql_real_escape_string($_POST['username']);
$pass = mysql_real_escape_string($_POST['password']);

$check = mysql_query("SELECT * FROM users WHERE username = '".$username."'")or die(mysql_error());

//Gives error if user dosen't exist
$check2 = mysql_num_rows($check);
if ($check2 == 0)
{
die('That user does not exist in our database.');
}
while($info = mysql_fetch_array( $check ))
{
$pass = md5(stripslashes($_POST['password']));
$info['password'] = stripslashes($info['password']);
//$_POST['pass'] = md5($_POST['pass']); THIS IS DONE IN THE ABOVE STATEMENT
//gives error if the password is wrong
if ($pass != $info['password'])
{
die('Incorrect password, please try again.');
}
else

// if login is ok then we add a cookie and send them to the correct page
{
$username = stripslashes($username);
$_SESSION['username'] = $username;
$_SESSION['loggedin'] = time();

// Finds out the user type
$query = "SELECT `admin` FROM `users` WHERE `username` = '" . $username . "'";
$result = mysql_query($query) or die(mysql_error());
$row = mysql_fetch_array($result);
$admin = $row['admin'];
$_SESSION['admin'] = $admin;

#########################################
######## ADMIN SCRIPT CAN BE ADDED BELOW
#########################################
if(isset($_SESSION['admin'])) { ?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css">
<meta http-equiv="Content-Language" content="en-us">
<meta name="language" content="en-us">
<title>Backstage V1 Administration Console</title>
<link rel="stylesheet" href="backstage.css" type="text/css" media="screen">
<link rel="stylesheet" href="backstage_print.css" type="text/css" media="print">
<script src="prototype.js" type="text/javascript"></script>
<script src="scriptaculous.js" type="text/javascript"></script>
<script type="text/javascript" src="ajax.js"></script>
<script type="text/javascript">
var page = document.cookie.match(/page=[\w][\w\-\.]+;/);
if(page != null) {
ajaxpage("page", "content");
} else {
ajaxpage("home", "content");
}
</script>
<link rel=stylesheet href=backstage.css type=css media=screen>
<link rel=stylesheet href=backstage_print.css type=css media=print>
</head>
<body>
<div id=container>
<div class=header>
<table cellpadding="0" cellspacing="0" border="0" width="95%">
<tr>
<td width=110 align=center></td>
<td></td>
<td width=40 valign=bottom align=right>
<a href="#" onclick="ajaxpage('home', 'content'); return false;">Home</a> | <a href="#" onclick="ajaxpage('logout', 'content'); return false;">Logout</a> | <a target="_blank" href="http://kansasoutlawwrestling.com/phpBB3">Forums</a></td>
</tr>
</table>
</div>
<div id=container2>
<div id=nav>
<?php if(isset($_SESSION['loggedin'])) { ?>
<h1>Character</h1>
<ul>
<li><a href="#" onclick="ajaxpage('bio', 'content'); return false;">Bio</a></li>
<li><a href="#" onclick="ajaxpage('allies', 'content'); return false;">Allies</a></li>
<li><a href="#" onclick="ajaxpage('rivals', 'content'); return false;">Rivals</a></li>
<li><a href="#" onclick="ajaxpage('quotes', 'content'); return false;">Quotes</a></li>
</ul>
<?php } ?>
<?php if(isset($_SESSION['loggedin'])) { ?>
<h1>Submit</h1>
<ul>
<li><a href="#" onclick="ajaxpage('roleplay', 'content'); return false;">Roleplay</a></li>
<li><a href="#" onclick="ajaxpage('news', 'content'); return false;">News</a></li>
<li><a href="#" onclick="ajaxpage('match', 'content'); return false;">Match</a></li>
<li><a href="#" onclick="ajaxpage('seg', 'content'); return false;">Seg</a></li>
</ul>
<?php } ?>
<?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?>
<h1>Handler</h1>
<ul>
<li><a href="#" onclick="ajaxpage('directory', 'content'); return false;">Directory</a></li>
</ul>
<?php } ?>
<?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?>
<h1>Booking</h1>
<ul>
<li><a href="#" onclick="ajaxpage('champions', 'content'); return false;">Champions</a></li>
<li><a href="#" onclick="ajaxpage('booker', 'content'); return false;">Booker</a></li>
<li><a href="#" onclick="ajaxpage('compiler', 'content'); return false;">Compiler</a></li>
<li><a href="#" onclick="ajaxpage('archives', 'content'); return false;">Archives</a></li>
</ul>
<?php } ?>
<?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?>
<h1>Fed Admin</h1>
<ul>
<li><a href="#" onclick="ajaxpage('handlers', 'content'); return false;">Handlers</a></li>
<li><a href="#" onclick="ajaxpage('characters', 'content'); return false;">Characters</a></li>
<li><a href="#" onclick="ajaxpage('applications', 'content'); return false;">Applications</a></li>
<li><a href="#" onclick="ajaxpage('eventnames', 'content'); return false;">Event Names</a></li>
<li><a href="#" onclick="ajaxpage('titlenames', 'content'); return false;">Title Names</a></li>
<li><a href="#" onclick="ajaxpage('matchtypes', 'content'); return false;">Match Types</a></li>
<li><a href="#" onclick="ajaxpage('divisions', 'content'); return false;">Divisions</a></li>
<li><a href="#" onclick="ajaxpage('countries', 'content'); return false;">Arenas</a></li>
</ul>
<?php } ?>
<?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?>
<h1>Site Admin</h1>
<ul>
<li><a href="#" onclick="ajaxpage('templates', 'content'); return false;">Templates</a></li>
<li><a href="#" onclick="ajaxpage('content', 'content'); return false;">Content</a></li>
<li><a href="#" onclick="ajaxpage('biosconfig', 'content'); return false;">Bio Configuration</a></li>
<li><a href="#" onclick="ajaxpage('newscat', 'content'); return false;">News Categories</a></li>
<li><a href="#" onclick="ajaxpage('menus', 'content'); return false;">Menus</a></li>
</ul>
<?php } ?>
</div>
<div id=content>
</div>
<div id="footer">Backstage 1 &copy; 2009
</div>
</div>
</div>
</body>
</html>
<?php
#########################################
######## ADMIN SCRIPT HAS TO END ABOVE
#########################################
}
}
}
}
else
{
// if they have not submitted the form
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css">
<meta http-equiv="Content-Language" content="en-us">
<meta name="language" content="en-us">
<title>Backstage V1 Administration Console</title>
<link rel="stylesheet" href="backstage.css" type="text/css" media="screen">
<link rel="stylesheet" href="backstage_print.css" type="text/css" media="print">
<script src="prototype.js" type="text/javascript"></script>
<script src="scriptaculous.js" type="text/javascript"></script>
<script type="text/javascript" src="ajax.js"></script>
<link rel=stylesheet href=backstage.css type=css media=screen>
<link rel=stylesheet href=backstage_print.css type=css media=print>
</head>
<body>
<div id=login>
<form method="POST" action="/mybackstage/backstage.php">
<h1>KOW Backstage</h1>
<p><label>Username:<br><input type="text" name="username" id="log" tabindex="1"></label></p>
<p><label>Password:<br><input type="password" name="password" id="pwd" tabindex="2"></label></p>
<p style="text-align: center;"><input type="submit" class="button" name="submit" id="submit" value="Login &raquo;" tabindex="4"></p>
</form>
</div>
</body>
</html>
<?php
}
?>


This is my backstageconfig.php file:



<?php

ob_start();
$host="?"; // Host name
$username="?"; // Mysql username
$password="?"; // Mysql password
$db_name="?"; // Database name


// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");


// To protect MySQL injection (more detail about MySQL injection)
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);

?>

CoolAsCarlito
10-28-2009, 02:50 AM
The ob_start was in the wrong place and that's what was interfering with the database.



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum