Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 5 of 5
  1. #1
    New Coder
    Join Date
    Dec 2008
    Posts
    95
    Thanks
    7
    Thanked 0 Times in 0 Posts

    problem with simple login script

    Hello Everyone, I am trying to create a simple login script. However when I enter a username and password I just get an or die ("Couldn't execute query"). here is my script, any suggestions?

    PHP Code:
    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Login Form</title>
    </head>

    <body>
    <?php
    /*  Program name: login.php 
     *  Description:  Program processes and validates login.
     */
    ini_set("display_errors","on");
    error_reporting(E_ALL E_STRICT);
    ini_set("include_path","./includes");
    include(
    "dbinfo2.inc");
        if(isset(
    $_POST['submitted']) and $_POST['submitted'] == "yes")
        {
            foreach(
    $_POST as $field => $value)
            {
              if(empty(
    $value))
              {
                  
    $blank_array[] = $field;
              }
              else
              {
                  
    $good_data[$field] = strip_tags(trim($value));
              }
            }
            if(@
    sizeof($blank_array) > 0)
            {
                
    $message "<p style='color: red; margin-bottom: 0; font-weight: bold'>You didn't fill in one or more required fields. You                 
                            must enter: <ul style='color: red; margin-top: 0; list-style: none' >"
    ;
                foreach(
    $blank_array as $value)
                {
                    
    $message .= "<li>$value</li>";
                } 
                
    $message .= "</ul>";
                
                echo 
    $message;
                
    extract($good_data);
                include(
    "form_Login.inc");
                exit();
            }
            else
            {
                  foreach(
    $_POST as $field => $value)
                  {
                    if(
    $field == "username")
                    {
                      
    $myusername $value
                    }
                    elseif(
    $field == "password")
                    {
                      
    $mypassword $value
                    }
                }
                
    $cxn mysqli_connect($host,$user,$passwd,$dbname)
                               or die(
    "Couldn't connect to server");
                
    $clean_data[$field] = strip_tags(trim($value));
                foreach(
    $clean_data as $field => $value)
                {
                    
    $clean_data[$field] = mysqli_real_escape_string($cxn,$value);
                }
                
    $sql "SELECT FROM CustomerInfo WHERE username='$myusername' and password='$mypassword'";
                
    $result mysqli_query($cxn,$sql
                              or die(
    "Couldn't execute query");
                
    $count=mysql_num_rows($result);
                
                if(
    $count==1){
                
    // Register $myusername, $mypassword and redirect to file "login_success.php"
                
    session_register("myusername");
                
    session_register("mypassword"); 
                
    header("location:login_success.php");
                }
                else {
                
    $message "<p style='color: red; margin-bottom: 0; font-weight: bold'>The password or username you entered was incorrect.                            </p>";            
                echo 
    $message;
                include(
    "form_Login.inc");
                exit();
                }
            }
        }
        else {
            include(
    "form_Login.inc");
        }
    ?>
    </body>
    </html>
    Last edited by alexmel7; 09-09-2009 at 09:03 PM. Reason: misspelled title

  • #2
    Senior Coder CFMaBiSmAd's Avatar
    Join Date
    Oct 2006
    Location
    Denver, Colorado USA
    Posts
    2,958
    Thanks
    2
    Thanked 304 Times in 296 Posts
    You can use mysqli_error($cxn) to find out with a query failed (either echo it or put it in your die(...) statement.

    You are not SELECTing anything - SELECT FROM... in your query. You either need a column name, an expression, or a * after the SELECT keyword.
    If you are learning PHP, developing PHP code, or debugging PHP code, do yourself a favor and check your web server log for errors and/or turn on full PHP error reporting in php.ini or in a .htaccess file to get PHP to help you.

  • #3
    New Coder
    Join Date
    Dec 2008
    Posts
    95
    Thanks
    7
    Thanked 0 Times in 0 Posts
    Thanks, I missed that one (just needed a * after SELECT)! However, now I get the following warning:

    Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/alexmel7/public_html/login.php on line 68

    Also, It echoes "The password or username you entered was incorrect." even if I enter a username and password I know are in my database.

  • #4
    Senior Coder CFMaBiSmAd's Avatar
    Join Date
    Oct 2006
    Location
    Denver, Colorado USA
    Posts
    2,958
    Thanks
    2
    Thanked 304 Times in 296 Posts
    You are using mysqli functions, not mysql. You would need to use the mysqli equivalent to the mysql_num_rows.
    If you are learning PHP, developing PHP code, or debugging PHP code, do yourself a favor and check your web server log for errors and/or turn on full PHP error reporting in php.ini or in a .htaccess file to get PHP to help you.

  • #5
    New Coder
    Join Date
    Dec 2008
    Posts
    95
    Thanks
    7
    Thanked 0 Times in 0 Posts
    Yep, it's just mysqli_num_rows. Thanks!


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •