Corbu
08-11-2005, 10:19 PM
I'm trying to learn PHP and MySQL, and everything was going pretty good until I tried to get a user authentication page that uses a database to hold the user names and passwords. I'm basically using this site (http://www.php-mysql-tutorial.com) as a guide.
After not being able to get the authentication to work, I copied and pasted the source code and tried it. Again, it didn't work.
I saw that when I inserted data into the table, I got a warning, so I used SHOW WARNINGS to see what it was.
I get the error code 1265 "data truncated for column 'user_password' at Row 1"
I tried using both VARCHAR and CHAR, and I made sure that my data was less than the max length (which is 32). So I'm not really sure what the problem is.
Here is the code I am using:
This is the MySQL script I used to create the table and the data entries
CREATE TABLE tbl_auth_user (
user_id VARCHAR(10) NOT NULL,
user_password CHAR(32) NOT NULL,
PRIMARY KEY (user_id)
);
INSERT INTO tbl_auth_user (user_id, user_password) VALUES ('theadmin', PASSWORD('chumbawamba'));
INSERT INTO tbl_auth_user (user_id, user_password) VALUES ('webmaster', PASSWORD('webmistress'));
This is the login page:
<?php
// we must never forget to start the session
session_start();
$errorMessage = '';
if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) {
include 'library/config.php';
include 'library/opendb.php';
$userId = $_POST['txtUserId'];
$password = $_POST['txtPassword'];
// check if the user id and password combination exist in database
$sql = "SELECT user_id
FROM tbl_auth_user
WHERE user_id = '$userId' AND user_password = PASSWORD('$password')";
$result = mysql_query($sql) or die('Query failed. ' . mysql_error());
if (mysql_num_rows($result) == 1) {
// the user id and password match,
// set the session
$_SESSION['db_is_logged_in'] = true;
// after login we move to the main page
header('Location: main.php');
exit;
} else {
$errorMessage = 'Sorry, wrong user id / password';
}
include 'library/closedb.php';
}
?>
<html>
<head>
<title>Basic Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<?php
if ($errorMessage != '') {
?>
<p align="center"><strong><font color="#990000"><?php echo $errorMessage; ?></font></strong></p>
<?php
}
?>
<form action="" method="post" name="frmLogin" id="frmLogin">
<table width="400" border="1" align="center" cellpadding="2" cellspacing="2">
<tr>
<td width="150">User Id</td>
<td><input name="txtUserId" type="text" id="txtUserId"></td>
</tr>
<tr>
<td width="150">Password</td>
<td><input name="txtPassword" type="password" id="txtPassword"></td>
</tr>
<tr>
<td width="150"> </td>
<td><input name="btnLogin" type="submit" id="btnLogin" value="Login"></td>
</tr>
</table>
</form>
</body>
</html>
The main.php page just makes sure I am logged in and just has some text in HTML. If you really think you need to see it, you can see the site I posted earlier.
I am using PHP5, if that helps.
So, what is my problem?
After not being able to get the authentication to work, I copied and pasted the source code and tried it. Again, it didn't work.
I saw that when I inserted data into the table, I got a warning, so I used SHOW WARNINGS to see what it was.
I get the error code 1265 "data truncated for column 'user_password' at Row 1"
I tried using both VARCHAR and CHAR, and I made sure that my data was less than the max length (which is 32). So I'm not really sure what the problem is.
Here is the code I am using:
This is the MySQL script I used to create the table and the data entries
CREATE TABLE tbl_auth_user (
user_id VARCHAR(10) NOT NULL,
user_password CHAR(32) NOT NULL,
PRIMARY KEY (user_id)
);
INSERT INTO tbl_auth_user (user_id, user_password) VALUES ('theadmin', PASSWORD('chumbawamba'));
INSERT INTO tbl_auth_user (user_id, user_password) VALUES ('webmaster', PASSWORD('webmistress'));
This is the login page:
<?php
// we must never forget to start the session
session_start();
$errorMessage = '';
if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) {
include 'library/config.php';
include 'library/opendb.php';
$userId = $_POST['txtUserId'];
$password = $_POST['txtPassword'];
// check if the user id and password combination exist in database
$sql = "SELECT user_id
FROM tbl_auth_user
WHERE user_id = '$userId' AND user_password = PASSWORD('$password')";
$result = mysql_query($sql) or die('Query failed. ' . mysql_error());
if (mysql_num_rows($result) == 1) {
// the user id and password match,
// set the session
$_SESSION['db_is_logged_in'] = true;
// after login we move to the main page
header('Location: main.php');
exit;
} else {
$errorMessage = 'Sorry, wrong user id / password';
}
include 'library/closedb.php';
}
?>
<html>
<head>
<title>Basic Login</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<?php
if ($errorMessage != '') {
?>
<p align="center"><strong><font color="#990000"><?php echo $errorMessage; ?></font></strong></p>
<?php
}
?>
<form action="" method="post" name="frmLogin" id="frmLogin">
<table width="400" border="1" align="center" cellpadding="2" cellspacing="2">
<tr>
<td width="150">User Id</td>
<td><input name="txtUserId" type="text" id="txtUserId"></td>
</tr>
<tr>
<td width="150">Password</td>
<td><input name="txtPassword" type="password" id="txtPassword"></td>
</tr>
<tr>
<td width="150"> </td>
<td><input name="btnLogin" type="submit" id="btnLogin" value="Login"></td>
</tr>
</table>
</form>
</body>
</html>
The main.php page just makes sure I am logged in and just has some text in HTML. If you really think you need to see it, you can see the site I posted earlier.
I am using PHP5, if that helps.
So, what is my problem?