...

View Full Version : 2 errrors when i reg on my own script



Chris-2k
10-09-2012, 02:21 PM
hi

well...

i'm getting 2 errors when registering on my own script, can any1 8help me solve.

1st error:

mysql_result() [function.mysql-result]: Unable to jump to row 0 on MySQL result index 8

here's the related func:

function login_check($email, $password) {
$email = mysql_real_escape_string($email);

$q = mysql_query("SELECT user_id FROM users WHERE email = '". $email ."' AND password = '". md5($password) ."'");

return (mysql_result($q, 0) == 1) ? true : false;
}


2nd error:

mysql_result() [function.mysql-result]: Unable to jump to row 0 on MySQL result index 10

here's the related func:

function user_exists($email)
{
$email = mysql_real_escape_string($email);

$userExists = mysql_query("SELECT * FROM users WHERE email='". $email ."'");

return (mysql_result($userExists, 0) == 1) ? true : false;
}


thanks

Fou-Lu
10-09-2012, 02:43 PM
Both the same error effectively.
You have no results in your query, so therefore you cannot move to the first record. Use mysql_num_rows first to verify you have records in the resource.
Hopefully you're not making a habit of using mysql_result. Its slow, and if you were to run both of these blocks in the same script then you query twice for information that isn't required. Query once for any information you need and use PHP to lookup what it needs from the resultset or a stored result. It's fine if you only call one and only need one at a time though, but since you can be limited in querycount per hour, you should be doing whatever you can to reduce the number of queries required.

Chris-2k
10-10-2012, 12:21 AM
Thanks, now when i've regged it says: credentials not found, btw they're in the db??

here's the edited func:
function user_exists($email)
{
$email = mysql_real_escape_string($email);

$userExists = mysql_query("SELECT * FROM users WHERE email='". $email ."'");

return (mysql_num_rows($userExists) == 1) ? true : false;
}

Chris-2k
10-10-2012, 02:00 PM
sorry, this func is the 1........
function login_check($email, $password) {
$email = mysql_real_escape_string($email);

$q = mysql_query("SELECT user_id FROM users WHERE email = '". $email ."' AND password = '". md5($password) ."'");

return (mysql_num_rows($q) == 1) ? true : false;
}

says : credentials not found, the ARE in te db......

any help..
thx

Fou-Lu
10-10-2012, 02:31 PM
What is the result of a the mysql_num_rows?

Chris-2k
10-10-2012, 02:45 PM
what do you mean?

Fou-Lu
10-10-2012, 02:50 PM
How many rows did this query return?

Chris-2k
10-10-2012, 03:06 PM
0 rows, must be btw users are added in db............

Fou-Lu
10-10-2012, 03:20 PM
Not according to that query there isn't matching records.
Parse the statement in use and print it out. Run that same against the mysql client and see what it pulls up. It hasn't failed, assuming you have error reporting on. You should add an or die(mysql_error()) to the query though to verify.

Chris-2k
10-10-2012, 04:38 PM
i added or die:
function login_check($email, $password) {
$email = mysql_real_escape_string($email);

$q = mysql_query("SELECT user_id FROM users WHERE email = '". $email ."' AND password = '". md5($password) ."'") or die mysql_error()w;

return (mysql_num_rows($q) == 1) ? true : false;
}

the page doesn't die?

i don't see what ya mean by "parse and print it" ?

Fou-Lu
10-10-2012, 04:57 PM
I mean print out the SQL and run it directly against a mysql client.

Chris-2k
10-10-2012, 09:08 PM
Ok done that, gives me:

SELECT user_id FROM users WHERE email = 'testing@123.net' AND password = '6bb5afb249faf144816989497934fd80'

also: Credentials not found + when run via phpmyadmin, it's working fine....

what could the prob be?

here's all my user funcs:

// User Funcs
function login_check($email, $password) {
$email = mysql_real_escape_string($email);

$query = mysql_query("SELECT * FROM users WHERE email = '". $email ."' AND password = '". md5($password) ."'") or die(mysql_error());
echo "SELECT user_id FROM users WHERE email = '". $email ."' AND password = '". md5($password) ."'";

return (mysql_num_rows($query) > 0) ? true : false;
}

function loggedin()
{
return isset($_SESSION['user_id']);
}

function user_data() {
$args = func_get_args();
$fields = implode(',', $args);

$query = mysql_query("SELECT $fields FROM users WHERE user_id ='".$_SESSION['user_id']."'") or die(mysql_error());
$result = mysql_fetch_assoc($query);
foreach($args as $data)
{
$args[$data] = $result[$data];
}
return $result;
}

function add_user($email, $name, $password)
{
$email = mysql_real_escape_string($email);
$name = mysql_real_escape_string($name);

mysql_query("INSERT INTO users VALUES ('', '". $email ."','". $name ."','". md5($password) ."','member','".date('D M, Y')."','flag')") or die(mysql_error());

return mysql_insert_id();
}

function user_exists($email)
{
$email = mysql_real_escape_string($email);

$userExists = mysql_query("SELECT * FROM users WHERE email='". $email ."'");

return (mysql_num_rows($userExists) == 1) ? true : false;
}
// End User Funcs

Fou-Lu
10-10-2012, 10:07 PM
So in PHPMyAdmin, that above runs fine and produces exactly one record, but calling login_check returns false?

See if that has a valid count off of it:


$qry = mysql_query('SELECT count(*) FROM users WHERE email = "' . $email . '" AND password = "' . md5($password) . '"') or die(mysql_error());
$cnt = mysql_result($qry, 0);
printf("Count: %d" . PHP_EOL, $cnt);

If that produces a count of 1 (or greater than, but I assume email is unique), then check for this:


printf("mysql.trace_mode = %d" . PHP_EOL, ini_get('mysql.trace_mode'));


If that pulls out at 1, then grab the PHP version via PHP_VERSION or phpversion() and post that.

Chris-2k
10-10-2012, 10:28 PM
It shows: Count: 0

something i forgot tomention is - as ssoon as i've regged, that's when i get "credits not found", coz it logs in straiight awy..............

Fou-Lu
10-10-2012, 10:36 PM
Does it work anytime after an immediate login?
What is the chain of function calls here; none of them currently call any other, so I can't see the process.
Only thing that stands out is this:


foreach($args as $data)
{
$args[$data] = $result[$data];
}

It is a completely useless traversal; assigning to $args cannot be done as func_get_arg[s] is incapable of retrieving data as reference.

Chris-2k
10-10-2012, 11:04 PM
That foreach() displays my email and suchback to me, that works as expected... ^^^ that above is my user funcs.........

here's my login.php:


<?php
require_once $_SERVER['DOCUMENT_ROOT'].'/includes/init.php'; // main config file

if(loggedin()) {
$user_data = user_data('name','rank','reg_date','flag');
?>

<span style="float:left; padding-left: 20px; padding-top: 11px; font-size: 12px;">
<strong>Welcome,</strong> <?php echo $user_data['name']; ?>
</span>

<span style="float:left; padding-left: 10px; padding-top: 12px; font-size: 12px;">
<img src="<?php echo URL_THEME.'images/flags/'.$user_data['flag'].'.png'; ?>" />
</span>

<span style="float:left; padding-left: 10px; padding-top: 13px; font-size: 12px;">
<img src="<?php echo URL_THEME.'images/date.png'; ?>" title="<?php echo $user_data['reg_date']; ?>" />
</span>

<span style="float:left; margin-left: 10px; margin-top: 11px;" class="<?php echo 'label group-'.$user_data['rank']; ?>">
<?php echo $user_data['rank']; ?>
</span>

<div id="loginForm">
<div class="dropdown">
<ul>
<li>
<a href="#" class="dropdown_btn">Action <span class="toggle"></span></a>
<ul>
<li><a href="account.html">My Account</a></li>
<li><a href="create-album.html">Create Album</a></li>
<li><a href="albums.html">View Albums</a></li>
<li><a href="index.php">Upload Image</a></li>
<li class="divider"></li>
<li><a href="logout.html">Log out?</a></li>
</ul>
</li>
</ul>
</div>
</div>
<?php
} else {
?>

<form id="loginForm" method="post" action="index.php">
<span style="margin-right:110px;">Click <a href="register.html">here to register</a> a new account, or use the following login form:</span>
<input type="email" id="username" name="email" placeholder="email@live.co.uk" />
<input type="password" id="password" name="password" placeholder="password" />
<input type="submit" value="Login" />
</form>

<?php
}

if(isset($_POST['email']) && isset($_POST['password']))
{
//get form data
$login_email = addslashes(strip_tags($_POST['email']));
$login_pass = addslashes(strip_tags($_POST['password']));

$errors = array();

if(empty($login_email) && empty($login_pass))
{
$errors[] = 'Email and Password are required.';
}
else
{
$login = login_check($login_email, $login_pass);

if($login === false)
{
$errors[] = 'Credentials not found.';
}

}

if(!empty($errors))
{
foreach($errors as $error) {
echo $error.'<br />';
}
}
else
{
$_SESSION['user_id'] = $login;
header('Location: index.php');
echo 'Logging in....';
}

}
?>

and register.php:

<?php
include $_SERVER['DOCUMENT_ROOT'].'/'.'includes/init.php';

include_themeHeader();
include_themeLogin();
?>

<div class="clearfix"></div>

<?php
include PATH_THEME .'navigation.php';
?>

<div class="clearfix"></div>

<?php
if ($_POST['register']) {

$reg_email = addslashes(strip_tags($_POST['email']));
$reg_name = addslashes(strip_tags($_POST['name']));
$reg_pass = addslashes(strip_tags($_POST['password']));
$confirm_password = addslashes(strip_tags($_POST['confirm_password']));

$errors = array();

if ($reg_email && $reg_name && $reg_pass)
{
if(user_exists($reg_email) == true)
{
$errors[] = '<div class="errors">Email has already been registered.</div>';
}

if(strlen($reg_name) > 32)
{
$errors[] = '<div class="errors">Username too long.';
}

if(strlen($reg_pass)<6 && strlen($confirm_password)<6)
{
$errors[] = '<div class="errors">Password must be 6 characters or more.';
}
else
{
$captcha_answers = array(
'setone' =>
'3CBAJ', 'BXXSH', 'C4YY8', 'T3SBB', 'R9W3A', 'HNXMJ', '6VUPE', 'PCYBT', '59ESB', '5D5YU',
'PB5TT', 'ECSNM', 'DDB65', 'MCT46', 'JDK3D', 'E9M4S', 'JVNR9', 'VNP4N', 'MJSPE', 'SJ43B', 'KYDNA'
);

if(!$_POST['captcha'] == in_array($captcha_answers['setone']))
{
$errors[] = '<div class="errors">Security captcha answer isn\'t correct.';
}
elseif($reg_pass == !$confirm_password)
{
$errors[] = '<div class="errors">Passwords must match.</div>';
}
}
}
else
{
$errors[] = "All fields are required.";
}

if(!empty($errors))
{
foreach($errors as $error) {
echo $error.'<br />';
}
}
else
{
add_user($reg_email, $reg_name, $reg_pass);
echo '<div class="success">Successfull Registration!</div>';
$_SESSION['user_id'] = $reg;

}
}
?>

<div class='registrationForm'>
<form action='' method='POST' />
<legend>Fields with a <strong>*</strong> are required!</legend>
<div class="controlGroup">
<label class="reg_label" for="emailI">Email*: </label>
<div class="control"><input type='email' name='email'i / id='emailI' /></div>
</div>
<div class="clearfix"></div>
<div class="controlGroup">
<label class="reg_label" for="nameI">Name*: </label>
<div class="control"><input type='text' name='name' id="nameI" /></div>
</div>
<div class="clearfix"></div>
<div class="controlGroup">
<label class="reg_label" for="passI">Choose password*: </label>
<div class="control"><input type='password' name='password' id="passI" /></div>
</div>
<div class="clearfix"></div>
<div class="controlGroup">
<label class="reg_label" for="cpassI">Confirm password*: </label>
<div class="control"><input type='password' name='confirm_password' id="cpassI" /></div>
</div>
<div class="clearfix"></div>
<div class="controlGroup">
<label class="reg_label" for="paymentsI">Payments: </label>
<div class="control"><input type='password' name='oayments' id="paymentsI" /></div>
</div>
<div class="clearfix"></div>
<legend>Security Check</legend>
<div class="controlGroup">
<label class="reg_label" for="captcha">Solve the captcha code: </label>
<div class="control">
<img src="<?php echo URL_THEME.'images/CaptchaCodes/CaptchaIMG_'.mt_rand(0,20).'.jpg'; ?>" style="margin-bottom:5px;" id="captcha" title="Captcha Code!" />
<a href="#" onclick="changeCap()" id="refresh" title="Change the CAPTCHA code!"><img src="<?php echo URL_THEME.'images/CaptchaCodes/RefreshCaptcha.png'; ?>"></a>
<script>
function changeCap() {
var num=Math.floor(Math.random()*21)
document.getElementById("captcha").src = document.getElementById("captcha").src.replace(/[0-9]+/,num);
}
</script>
<br />
<input type="text" name="captcha" size="10" />
</div>
</div>
<div class="clearfix"></div>
<input type='submit' name='register' id="reg_btn" value='Register'>
</form>
</div>
<div class="clearfix"></div>

<?php
include_themeFooter();
?>

Fou-Lu
10-10-2012, 11:20 PM
Why are you addslashing these:


$reg_email = addslashes(strip_tags($_POST['email']));
$reg_name = addslashes(strip_tags($_POST['name']));
$reg_pass = addslashes(strip_tags($_POST['password']));


You should be issuing a stripslashes if magic_quotes_gpc is enabled. Addslashes and mysql_real_escape_string are not compatible together and should therefore never be used together.



$_SESSION['user_id'] = $reg;

Where have you created $reg?

Chris-2k
10-11-2012, 12:00 AM
The session is created in register.php?

Fou-Lu
10-11-2012, 12:52 AM
I assume that session is created in the init.php since its not done in either of these two scripts.
Doesn't answer the question of where $reg is created. It's not in register.php, but you are assigning it to $_SESSION['user_id']. Since it's null, the isset check won't pass either.

I made the assumption that you actually attempted to call your login_check function manually to verify it is returning false. This looks a lot more to me that loggedin is returning false.

Fix the problem with the $_SESSION['user_id'] = $reg; by assigning $reg to something, and then see what it does.

You have other errors here too, like the confirmation password check will never enter that if branch. But that isn't relevant to the current issue.

Chris-2k
10-11-2012, 09:04 PM
I know some things wont work as these funcs was put together quickly, no tutorial was used for these, i just did what i know and did plan to fix................

Yes sorry, the session is created in init.php

you've lost me here: "
Fix the problem with the $_SESSION['user_id'] = $reg; by assigning $reg to something, and then see what it does.", this $_SESSION['user_id'] = $reg; - is created in register.php?

Fou-Lu
10-11-2012, 09:51 PM
Yes that line is in register.php, but I mean that $reg hasn't been assigned to anything. If you enable your error reporting:


ini_set('display_errors', 1);
error_reporting(E_ALL);

You should trigger the error:


Notice: Undefined variable: $reg in xx/register.php on line ?

Therefore assigning $_SESSION['user_id'] to null. Null will not pass an isset check, so the loggedin will return false.

Chris-2k
10-11-2012, 10:02 PM
Ah ok, i get ya, can i do



$reg = add_user($reg_email, $reg_name, $reg_pass);
$_SESSION['user_id'] = $reg;

Fou-Lu
10-11-2012, 10:05 PM
It looks to me that you can do that. Or even just assign $_SESSION['user_id'] directly to the add_user function. It should return the surrogate key created for this record.

Chris-2k
10-11-2012, 10:17 PM
Done that but still get "Credits not found"?

Chris-2k
10-11-2012, 10:35 PM
sorry it is, was just cached.......

Now 1 last prob:

Warning: in_array() expects at least 2 parameters, 1 given in /home/sonicimg/public_html/content/themes/MrOSX/pages/register.php on line 48
Security captcha answer isn't correct.

can u help fix that?

Fou-Lu
10-11-2012, 11:37 PM
That is here: if(!$_POST['captcha'] == in_array($captcha_answers['setone'])). in_array requires a search criteria as well as the hashtable to lookup out of. That should be if (!in_array($_POST['captcha'], $captcha_answers['setone'])).

Chris-2k
10-12-2012, 12:37 AM
done that, now i get:
Warning: in_array() expects parameter 2 to be array, string given

Fou-Lu
10-12-2012, 02:11 AM
Ah yes I see. That array is only a single dimension; setOne only refers to a single item within it. Either the in_array should be looking at $catcha_answers as its array, or $captcha_answers['setone'] needs to be converted to an array.

Chris-2k
10-12-2012, 02:57 PM
Thanks Very Much, it's all working now!!!!!!!!!!



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum