Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 14 of 14
  1. #1
    New Coder
    Join Date
    Mar 2004
    Posts
    92
    Thanks
    0
    Thanked 0 Times in 0 Posts

    print(); problems please read...

    Code for the form page: (showing you I do have the username and password)

    CODE

    Code:
    <form action="logincheck.php" method="post">
     <table width="229" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#006BB3" style="border:2px solid black">
       <tr bgcolor="#FFFFCC">
         <td colspan="2"><div align="center"><strong>Login</strong></div></td>
       </tr>
       <tr bgcolor="#006BB3">
         <td width="90"><strong><span class="style1">Username:</span></strong></td>
         <td width="139"><input name="username" type="text" id="username"></td>
       </tr>
       <tr bgcolor="#006BB3">
         <td><strong>Password:</strong></td>
         <td><input name="password" type="text" id="password"></td>
       </tr>
       <tr>
         <td>&nbsp;</td>
         <td><div align="right">
           <input type="submit" name="Submit" value="Login">
         </div></td>
       </tr>
     </table>
    </form>



    Coding for matching the variables to database. IF found then print("Welcome usernamehere");


    CODE

    PHP Code:
    <?php
    session_start
    ();
    header("Cache-control: private"); //IE6 Fix
    /* Connecting */
    // Variables for the database access + table information:
    //not show here for security purposes

    $link mysql_connect($Host$User$Password);

    // Running the Query //
    $Query "SELECT * FROM $TableName WHERE Login_Name = '" $_POST['username'] & "' AND Login_Password = '" $_POST['password'] & "'";
    $Result mysql_db_query ($DBName$Query$Link);

    // Checking if info matches database results //
    print("$_POST['username'] && $_POST['password']"); //used for error trapping
    while($Row mysql_fetch_array($Result)){
        print(
    "row"); //use for error trapping
        
    if($_POST['username'] == $Row["Login_Name"] && $_POST['password'] == $Row["Login_Password"]) {
            print(
    "Welcome $_POST['username']");
        }
        Else {
            print(
    "Couldn't find you in the database");
        }
    }
    mysql_close ($link);
    ?>


    I used two prints for error trapping the first one is:
    PHP Code:
    print("$_POST['username'] && $_POST['password']"); //use for error trapping 
    which is supposed to grab the the username and password in the top form code, and the second:
    PHP Code:
    print("row"); //use for error trapping 
    which is supposed to print out row as many time as the rows I have. Well, That's not being printed out. Which brings me to thinking maybe the query syntax isn't correct:
    PHP Code:
    $Query "SELECT * FROM $TableName WHERE Login_Name = '" $_POST['username'] & "' AND Login_Password = '" $_POST['password'] & "'"
    or that could be correct and the $_POSTs aren't working.

    I have no clue. Sorry for such a long post but I didn't want to fill multiple threads and just ask all at once in one thread. Thank you for your time

    -Thanks,
    Rich

  • #2
    Senior Coder missing-score's Avatar
    Join Date
    Jan 2003
    Location
    UK
    Posts
    2,194
    Thanks
    0
    Thanked 0 Times in 0 Posts
    could it be that you are selecting from the database only where the username and password are equal to the post variables?

  • #3
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,040
    Thanks
    10
    Thanked 92 Times in 90 Posts
    ..a few things , as missing-score points out , if you are SELECTing against the username and password fields , you are only going to receive 1 row maximum from the database so you do not need to loop through it , you simply need to check if you actually got a result or not ...

    PHP Code:
    <?
    session_start
    ();
    header("Cache-control: private"); //IE6 Fix
    ?>
    note that mysql_db_query() is depracated ,
    use mysql_select_db() and mysql_query() instead 
    <?
    $link 
    mysql_connect($Host$User$Password);
    mysql_select_db($DBname);

    $Query "
        SELECT * FROM $TableName 
        WHERE Login_Name = '"
    .$_POST['username']."' 
        AND Login_Password = '"
    .$_POST['password']."'
        "
    ;
    $Result mysql_query $Query $Link ) ;

    echo 
    $_POST['username'].' && '.$_POST['password'];
    ?>
    If we got a result of any sort , fetch the row , else don't bother
    <?
    if(@mysql_num_rows($Result)){
        
    $Row mysql_fetch_array($Result) ;
        
    print_r($Row);
        echo 
    'Welcome' .$_POST['username'] ;
     }else{
          echo 
    'Couldn\'t find you in the database' ;
    }
    ?>
    note also that depending on your PHP version you can substitute ..

    $Query = "
    SELECT * FROM $TableName
    WHERE Login_Name = '".$_POST['username']."'
    AND Login_Password = '".$_POST['password']."'
    ";

    for

    $Query = "
    SELECT * FROM $TableName
    WHERE Login_Name = '{$_POST['username']}'
    AND Login_Password = '{$_POST['password']}'
    ";
    resistance is...

    MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)

  • #4
    New Coder
    Join Date
    Mar 2004
    Posts
    92
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Well what I wanted to do was scan through the database and if the username and password matches then do something...

    if($link = mysql_connect ($Host, $User, $Password)) {
    print("Connected to database");
    print("$_POST["username"] $_POST["password"]");
    }

    Another issue i ran across is the $_POST syntax problem. I'm not too sure why $username and $password works but $_POST["username"] and $_POST["password"] doesn't work. Thanks for the help.

    -peace,
    Rich

  • #5
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,040
    Thanks
    10
    Thanked 92 Times in 90 Posts
    <edit>
    regardless of the below
    print("$_POST["username"] $_POST["password"]");
    is wrong and will cause a parse error
    you have to
    print($_POST['username']. " " . $_POST['password']);
    or (if you have a later version of PHP)
    print("{$_POST['username']} {$_POST['password']}");
    </edit>


    what verision of PHP are you running ? <?echo phpversion();?>

    if <=4.06 , at the top of your scripts add this ..
    PHP Code:
    <?
    $_POST
    =$HTTP_POST_VARS;
    ?>
    you could also use the echo $HTTP_POST_VARS['varname'] ; syntax but that too is depracated , using the above will future proof your scripts.
    Last edited by firepages; 05-01-2004 at 02:27 AM.
    resistance is...

    MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)

  • #6
    New Coder
    Join Date
    Mar 2004
    Posts
    92
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Great! eheh even before you posted back i was playing around with the syntax and did what you said: print($_POST['username']. " " . $_POST['password']); and it worked. Except, I'm still getting Query couldn't not execute on the page. I used an if statement to see if the query executed and it didn't. Hrm, I check my database and there is a database called maxforcepc and a table called adminaccounts, and there also are two columns called Login_Name and Login_Password. I'm stumped....

    edit:
    I also recieved a print out of both my username and password that i entered in the html form so the variables are correct and getting set.
    -Thanks,
    Rich
    Last edited by DiarYofaMadmaN; 05-01-2004 at 03:01 AM.

  • #7
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,040
    Thanks
    10
    Thanked 92 Times in 90 Posts
    hi use MySQL to let you know whats wrong .. after any MySQL command you can call mysql_error() to get the last returned error message ...

    PHP Code:
    <?
    $Result 
    mysql_query $Query $Link ) or die(mysql_error());
    ?>
    see what that produces .
    resistance is...

    MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)

  • #8
    New Coder
    Join Date
    Mar 2004
    Posts
    92
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Quote Originally Posted by firepages
    hi use MySQL to let you know whats wrong .. after any MySQL command you can call mysql_error() to get the last returned error message ...

    PHP Code:
    <?
    $Result 
    mysql_query $Query $Link ) or die(mysql_error());
    ?>
    see what that produces .
    it doesn't produce anything, now my page comes up with nothing.. So there's a parse error somewhere which is probably at: $Result = mysql_query ( $Query , $Link ) or die(mysql_error()); .... By the way my PHP version is: 4.3.3. I even tried echo mysql_error(); on it's own seperate line but it didn't print out anything. I'm assuming that means there is no error?
    Last edited by DiarYofaMadmaN; 05-01-2004 at 03:39 AM.

  • #9
    New Coder
    Join Date
    Mar 2004
    Posts
    92
    Thanks
    0
    Thanked 0 Times in 0 Posts
    PHP Code:
    $link mysql_connect($Host$User$Password); 
    mysql_select_db($DBname$link); 

    $Query 
        SELECT * FROM $TableName  
        WHERE Login_Name = '"
    .$_POST['username']."' 
        AND Login_Password = '"
    .$_POST['password']."' 
        "
    ;

    $result mysql_query($Query$link);
    $num_rows mysql_num_rows($result);

    echo 
    "$num_rows Rows\n"
    I did that to see how many rows came back matching the info I posted on the form. I went and added the user name Test and password Test to the database. if you go to www.maxforcepc.com/edit/login.php and insert Test in the username and Test in the password field and click login, it only shows Row and nothing else. Do you think the Query is wrong? How can I fix this problem?

  • #10
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,040
    Thanks
    10
    Thanked 92 Times in 90 Posts
    try this to get an error message of some sort..
    PHP Code:
    <?
    $link 
    mysql_connect($Host$User$Password)or die(mysql_error());
    mysql_select_db($DBname$link) or die(mysql_error());

    $Query "  
        SELECT * FROM $TableName   
        WHERE Login_Name = '"
    .$_POST['username']."' 
        AND Login_Password = '"
    .$_POST['password']."' 
        "


    $result mysql_query($Query$link)or die(mysql_error());

    if(@
    mysql_num_rows($result)){
        
    print_r(mysql_fetch_assoc($result));
    }else{
       echo 
    "username & password not found or incorrect";
    }
    ?>
    Last edited by firepages; 05-01-2004 at 07:09 AM.
    resistance is...

    MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)

  • #11
    New Coder
    Join Date
    Mar 2004
    Posts
    92
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Thanks for the hint! I had a syntax error :-) It said Database not selected so I went and looked up the function and found out i was missing the $DBname :-). I added that and it works great! Thanks agian :-)

    Now, I'm back to my same problem as before... The only reason why I wanted to print out how many rows matched the query is to check if my query is correct and it is...

    My code now is:
    PHP Code:
    $link mysql_connect ($Host$User$Password);  

    $Query 
        SELECT * FROM $TableName  
        WHERE Login_Name = '"
    .$_POST['username']."' 
        AND Login_Password = '"
    .$_POST['password']."' 
        "
    ;

    $result mysql_query ($DBName$Query$link);

    if(@
    mysql_num_rows($Result)) {
        
    print_r(mysql_fetch_assoc($result));  
        echo 
    'Welcome' .$_POST['username']; 
    } else { 
        echo 
    'Access denied.  Could not find that account. Please click back and try agian.'

    I still recieve:
    Access denied. Could not find that account. Please click back and try agian. ahk this is driving me up the wall but I will figure it out with some help problem ehhh.. If you can help me agian that would be greatly appreciated :-)

    I'm thinking maybe i'm not supposed to be using mysql_num_rows because that gets the number of rows affected by the query? Or am I wrong?
    -Thanks,
    Rich
    Last edited by DiarYofaMadmaN; 05-01-2004 at 11:56 PM.

  • #12
    New Coder
    Join Date
    Mar 2004
    Posts
    92
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Well i fixed the problem I used:

    PHP Code:
    $link mysql_connect ($Host$User$Password);  

    $Query 
        SELECT * FROM $TableName  
        WHERE Login_Name = '"
    .$_POST['username']."' 
        AND Login_Password = '"
    .$_POST['password']."' 
        "
    ;
    $Result mysql_db_query ($DBName$Query$link);

    if ((
    mysql_numrows($Result) > 0)) {
        echo 
    'worked';

    and that worked wonders. I really don't undersatnd why I was having such a hard time the other way...

    -peace

  • #13
    Senior Coder missing-score's Avatar
    Join Date
    Jan 2003
    Location
    UK
    Posts
    2,194
    Thanks
    0
    Thanked 0 Times in 0 Posts
    As has already been mentioned, you should use mysql_select_db() and mysql_query(), not mysql_db_query().

    This is how you should rewrite the code:

    PHP Code:
    $link mysql_connect ($Host$User$Password);  
    mysql_select_db($DBName$link);

    $Query 
        SELECT * FROM $TableName  
        WHERE Login_Name = '"
    .$_POST['username']."'
        AND Login_Password = '"
    .$_POST['password']."'
        "
    ;
    $Result mysql_query ($Query);

    if ((
    mysql_numrows($Result) > 0)) {
        echo 
    'worked';


  • #14
    New Coder
    Join Date
    Mar 2004
    Posts
    92
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Ok cool, it's all changed now...


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •