Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 8 of 8
  1. #1
    Regular Coder
    Join Date
    Jul 2011
    Posts
    141
    Thanks
    8
    Thanked 0 Times in 0 Posts

    PHP account login help

    So basically in account.php, I want to do a SELECT*FROM users WHERE email=$email.....and display first name and last name
    Here are all the files associated with the login/account. i would appreciate the help


    dologin.php

    PHP Code:
    <?php
    include("dbsettings.php");
    mysql_connect("$host""$username""$password")or die("cannot connect"); 
    mysql_select_db("$db_name")or die("cannot select DB");
     
    $username mysql_real_escape_string($_POST['username']);
    $password md5(mysql_real_escape_string($_POST['password']));

    $sql="SELECT * FROM `user` WHERE `username`='{$username}' AND `password`='{$password}'";
    $result=mysql_query($sql);
     
    // do the check
    if($result)
    {
        if(
    mysql_num_rows($result) == 1)
        {
            
    $_SESSION['username'];
            
    $_SESSION['password'];
             
            
    header("location: account.php");
                exit();
        }
        else
        {
          echo 
    "Wrong username/password.";
        }
    }
    else
    {
        echo 
    "The query is not true.";
    }
    ?>
    login.php

    PHP Code:
    <html xmlns="http://www.w3.org/1999/xhtml">
    <
    head>
    <
    meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <
    titleLogin</title>
    </
    head>
    <
    body>
     
    <
    form method="POST" action="dologin.php">
      
    Username: <br /><input type="text" name="username" size="30" style="width:250px; height:50px;  font-size: 18px;"> <br />
      
    Password:<br /><input type="password" name="password" size="30" style="width:250px; height:50px; font-size: 18px;">
      <
    br /> <br />
      <
    div align="left">
        <
    p><input type="submit" value="Login" /></p>
        
    Don't have an account?<a href="signup.php"> Signup </a>
        
     
    </body>
    </html> 
    account.php
    PHP Code:
    <?php session_start(); ?>
    <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <title>Account Dashboard</title>
    </head>
    <body>
    <?php
    include('dbsettings.php');

    $con mysql_connect("$host","$user","$password");
    if (!
    $con)
      {
      die(
    'Could not connect: ' mysql_error());
      }

    mysql_select_db("$db_name"$con);
    $username$_POST['username'];

    $sql="SELECT * FROM `user` WHERE `username`='{$username}'";

    $result mysql_query("$sql");

    while(
    $row mysql_fetch_array($result))
      {
      echo 
    $row['firstname'] . " " $row['lastname'];
      echo 
    "<br />";
      }

    mysql_close($con);
    ?>
    <a href="logout.php"> Log Out </a>
    </body>
    </html>

  2. #2
    Supreme Master coder!
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    10,207
    Thanks
    10
    Thanked 1,167 Times in 1,158 Posts
    So what is the problem or question ....?
    We can't run your scripts, so what are we supposed to do?


    .

  3. #3
    Regular Coder
    Join Date
    Jul 2011
    Posts
    141
    Thanks
    8
    Thanked 0 Times in 0 Posts
    account.php is not selecting correctly

    $sql="SELECT * FROM `user` WHERE `username`='{$username}'";

  4. #4
    Supreme Master coder!
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    10,207
    Thanks
    10
    Thanked 1,167 Times in 1,158 Posts
    Make sure $username has something in it ... test it before you query.

    echo $username;
    exit;


    and remove brackets.

    $sql="SELECT * FROM `user` WHERE `username`='$username'";

    and remove quotes ...

    $result = mysql_query($sql);



    .

  5. #5
    Regular Coder
    Join Date
    Jul 2011
    Posts
    141
    Thanks
    8
    Thanked 0 Times in 0 Posts
    Ok well the $username echo didn't work, how can i fix this, remove brackets and quotes

  6. #6
    Regular Coder
    Join Date
    Sep 2011
    Posts
    128
    Thanks
    2
    Thanked 21 Times in 21 Posts
    PHP Code:
    <?php
    // session_start(); // Uncomment this line if you don't have a session_start
    include("dbsettings.php"); 
    mysql_connect("$host""$username""$password")or die("cannot connect");  
    mysql_select_db("$db_name")or die("cannot select DB"); 
      
    $username mysql_real_escape_string($_POST['username']); 
    $password md5(mysql_real_escape_string($_POST['password'])); 

    $sql="SELECT * FROM `user` WHERE `username`='{$username}' AND `password`='{$password}'"
    $result=mysql_query($sql); 
      
    // do the check 
    if($result

        if(
    mysql_num_rows($result) == 1
        { 
            
    $_SESSION['username'] = $username// Editted
            
    $_SESSION['password'] = $password// Editted 
              
            
    header("location: account.php"); 
                exit(); 
        } 
        else 
        { 
          echo 
    "Wrong username/password."
        } 

    else 

        echo 
    "The query is not true."

    ?>
    PHP Code:
    <?php session_start(); ?> 
    <html xmlns="http://www.w3.org/1999/xhtml"> 
    <head> 
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> 
    <title>Account Dashboard</title> 
    </head> 
    <body> 
    <?php 
    include('dbsettings.php'); 

    $con mysql_connect("$host","$user","$password"); 
    if (!
    $con
      { 
      die(
    'Could not connect: ' mysql_error()); 
      } 

    mysql_select_db("$db_name"$con); 
    $username$_SESSION['username']; // Editted

    $sql="SELECT * FROM `user` WHERE `username`='{$username}'"

    $result mysql_query("$sql"); 

    while(
    $row mysql_fetch_array($result)) 
      { 
      echo 
    $row['firstname'] . " " $row['lastname']; 
      echo 
    "<br />"
      } 

    mysql_close($con); 
    ?> 
    <a href="logout.php"> Log Out </a> 
    </body> 
    </html>

  7. Users who have thanked Wanna for this post:

    amcf1992 (09-17-2011)

  8. #7
    Supreme Master coder!
    Join Date
    Jun 2003
    Location
    Cottage Grove, Minnesota
    Posts
    10,207
    Thanks
    10
    Thanked 1,167 Times in 1,158 Posts
    I just noticed this ...

    These lines:

    // session_start(); // Uncomment this line if you don't have a session_start
    include("dbsettings.php");
    mysql_connect("$host", "$username", "$password")or die("cannot connect");
    mysql_select_db("$db_name")or die("cannot select DB");

    $username = mysql_real_escape_string($_POST['username']);
    $password = md5(mysql_real_escape_string($_POST['password']));



    You need to read-in the variables first ...

    // session_start(); // Uncomment this line if you don't have a session_start
    include("dbsettings.php");

    $username = mysql_real_escape_string($_POST['username']);
    $password = md5(mysql_real_escape_string($_POST['password']));

    mysql_connect("$host", "$username", "$password")or die("cannot connect");
    mysql_select_db("$db_name")or die("cannot select DB");





    .

  9. #8
    Senior Coder
    Join Date
    Jul 2011
    Posts
    1,226
    Thanks
    3
    Thanked 171 Times in 171 Posts
    Quote Originally Posted by mlseim View Post
    I just noticed this ...

    These lines:

    // session_start(); // Uncomment this line if you don't have a session_start
    include("dbsettings.php");
    mysql_connect("$host", "$username", "$password")or die("cannot connect");
    mysql_select_db("$db_name")or die("cannot select DB");

    $username = mysql_real_escape_string($_POST['username']);
    $password = md5(mysql_real_escape_string($_POST['password']));



    You need to read-in the variables first ...

    // session_start(); // Uncomment this line if you don't have a session_start
    include("dbsettings.php");

    $username = mysql_real_escape_string($_POST['username']);
    $password = md5(mysql_real_escape_string($_POST['password']));

    mysql_connect("$host", "$username", "$password")or die("cannot connect");
    mysql_select_db("$db_name")or die("cannot select DB");





    .
    It appears that dbsettings.php that's included has the mysql information in it, and his mysql information to connect etc. isn't working so I wouldn't make any changes like that.

    Like Wanna posted, and what mlseim means, the OP needs to add a assignment to $username as there's currently nothing in it.

    @amcf1992 - look at Wanna's posted code, and see the line commented '// Edited'


 

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •