princeofpersia

what do u mean?

I get this Array ( => )

Hi guys, I have a page where users can login, code below doesnt register sessions for my page I have session_start and ob_start on my db.php page and also added to this page but still can not get the session, I dont get any sytanx or include errors and everything is fine with database in terms of my registered email and password I would appreciate if you can see where I have made mistake, Thanks in advance <?php //ob ob_start(); //session session_start(); include ('../../include/db/connecttodb.php'); $session_email = $_SESSION['email']; ?> <!--Header starts here--> <?php include ('../../include/content/header.php'); include ('../../include/config/detect.php'); ?> <div id="breadcrumbs"><div id="text"><?php include($_SERVER['DOCUMENT_ROOT']."/backlinks.php"); ?></div></div><br/> <div id="pagetitleholder"><div id="pagetitle"> <h1>Login</h1></div></div> <!--Main body begins here--> <div id="maincontentbody"> <br /> <div id="logincontainer"> <div id="pagelogin"> <?php if(isset($session_email)) { echo"<a href='' class='minibutton'><span>Visit Your Profile</span></a>"; } else { if (isset($_POST['login'])) { $myemail=addslashes($_POST['email']); $mypass=addslashes($_POST['password']); if(!$myemail || !$mypass) echo"<div id='error'>Please enter both Email & Password</div><br/>"; else { $pass=md5($mypass); ///Check if account is active $mygets=sprintf('SELECT * FROM users WHERE myemail="%s" AND active="%s"', mysql_real_escape_string($myemail), mysql_real_escape_string($active)); $result = mysql_query($mygets); while($check_row=mysql_fetch_array($result)){ $myactive=$check_row['active']; } if ($myactive=0) echo "<div id='error'>Please activate your account before login</div><br/>"; else { $mylogin=sprintf('SELECT * FROM users WHERE myemail="%s" AND password="%s"', mysql_real_escape_string($myemail), mysql_real_escape_string($pass)); $resultlogin = mysql_query($mylogin); if(mysql_num_rows($resultlogin)>=1) { $_SESSION['email']=$email; //assign session //header("Location: ../profile/index.php"); //refresh echo"$email"; } else echo"<div id='error'>Your email is not registered with us!</div><br/>"; } } } echo"<div id='#logintitle'> <h2>Already Registered? Sign In Now</h2><br/></div> <div id='loginformbody'> <form name='login' action='' method='post'> <label for='email'>Email:</label><input type='text' name='email'/><br/> <label for='password'>Password:</label><input type='password' name='password' /><br/> <div id='logbtncon'> <input type='submit' name='login' class='logbtn' value='Log in'/> <a href='../recovery/'>Forgotton Password?</a> </div> </form> </div> "; }; ?> </div> <div id="notregistered"></div> </div> </div> <!--Main body ends here--> <!--Footer starts here--> <?php include ('../../include/content/footer.php') ?> <?php ob_flush(); ?>

Unknown column 'user_email' in 'where clause'

thanks, this is what i get .commysql_error()

this is what i have done and this is the error i get, error2 $mygets=sprintf("SELECT * FROM users WHERE user_email='%s'", mysql_real_escape_string($myemail)) or die('Error 1'); $result = mysql_query($mygets) or die('Error 2');

Thanks, I have changed it as you mentioned but still getting the same error. any ideas?

Thanks but what do u mean? if this is not a good way then how i should approach it?

Hi guys, I have a registeration page where i get two errors for mysql_num_rows and my_sql_fetch arrays, I have checked the connection and it works fine (I dont get any error for that) and my table name is users with this fields user_id user_email user_password country and the error i get is for both that mysql_fetch_array(): supplied argument is not a valid MySQL result resource in..... and Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in.... could you help me with this please to see where the mistake is? Thank you all in advance <?php //ob ob_start(); //session session_start(); //connect to database $error = "Problem connecting"; mysql_connect('localhost','','') or die($error); mysql_select_db('') or die($error); ?> <!--Header starts here--> <?php include ('../../include/content/header.php'); include ('../../include/config/detect.php'); ?> <div id="breadcrumbs"><div id="text"><?php include($_SERVER['DOCUMENT_ROOT']."/backlinks.php"); ?></div></div><br/> <div id="pagetitleholder"><div id="pagetitle"><h1>Create Account</h1></div></div> <!--Main body begins here--> <div id="maincontentbody"> <div id="regformbody"> <h2>Why Register? </h2> <div id="blueline"></div><br/> <?php if (isset($_POST['create_account']) && isset($_POST['create_account'])) { $myname=mysql_real_escape_string($_POST['firstname']); $mylastname=mysql_real_escape_string($_POST['lastname']); $myemail=mysql_real_escape_string($_POST['email']); $myconfirmemail=mysql_real_escape_string($_POST['confirmemail']); $mypassword=mysql_real_escape_string($_POST['password']); $confirmpassword=mysql_real_escape_string($_POST['confirmpassword']); if(!$myname || !$mylastname || !$myemail || !$myconfirmemail || !$mypassword || !$confirmpassword){echo "<div id='regerror'>All fields are required</div>";} else ///// if (ereg('[0-9]', $myname)) {echo "<div id='regerror'>First Name should contain only letters</div>";} else if (ereg('[0-9]', $mylastname)) {echo "<div id='regerror'>Last Name should contain only letters</div>";} else if(strlen($myname)<3){echo "<div id='regerror'>Your first name should contain 3 or more letters</div>";} else if(strlen($mylastname)<3){echo "<div id='regerror'>Your first name should contain 3 or more letters</div>";} else ///// Check email validity if (!ereg("^[^@]{1,64}@[^@]{1,255}$", $myemail)) { echo "<div id='regerror'>This email is not valid, Please insert a valid email address!</div>"; } else ////// Check Email Address ////////// if ($myemail != $myconfirmemail) {echo "<div id='regerror'>Your emails do not match, Please try again!</div>";} //////////////////////////// else echo"$myemail"; $ge=sprintf("SELECT * FROM users WHERE user_email='%s'", mysql_real_escape_string($myemail)); while($row=mysql_fetch_array($ge)){ $myemail= $row['user_email']; echo"$myemail"; } if (mysql_num_rows($ge)==1){echo "<div id='regerror'>This email has been already registered in our records, Please click here to request a passoword</div>";} if ($mypassword != $confirmpassword) {echo "<div id='regerror'>Your Passwords do not match, Please try again!</div>";} else $firstname=ucfirst($myname); $lastname=ucfirst($mylastname); } ?> <p><form class="regform" action="" method="post" name="regform"> <label for="firstname">First Name</label><input type="text" name="firstname" title="Enter your first name"/><br/> <label for="lastname">Last Name</label><input type="text" name="lastname" title="Enter your last name"/><br/> <label for="email">Email</label><input type="email" name="email" title="Enter your email address"/><br/> <label for="confirmemail">Confirm Your Email</label><input type="email" name="confirmemail" title="Confirm your email address"/><br/> <label for="password">Choose a Password</label><input type="text" name="password" title="Must be 6 to 15 characters"/><br/> <label for="confirmpassword">Confirm a Password</label><input type="text" name="confirmpassword" title="Must be 6 to 15 characters"/><br/> <p><div id="acceptterms">By clicking on the "Create Your Account" button below, I certify that I have read and agree to JPG <a href="terms/terms.php" title="Terms and Conditions" target="_new">Terms and Conditions</a> and <a href="/terms/privacy.php" title="Privacy Policy" target="_new">Privacy Policy</a>.</div></p> <div id="regbtncontainer"> <input type="submit" name="create_account" value="Create an Account" class="regbtn"/> </div> </form></p> </div> </div> <!--Main body ends here--> <!--Footer starts here--> <?php include ('../../include/content/footer.php') ?> <?php ob_flush(); ?>

i meant indefinit

Thanks for information but even tho when i have it on my first line of code, it again has the same error, one new thing i just found out was that if i change if($countrycode=="US") {header("Location: http://www.us.mydomain.com"); } else if($countrycode=="GB") {header("Location: http://www.uk.mydomain.com"); } to if($countrycode=="US") {header("Location: http://www.us.mydomain.com"); } else if($countrycode=="GB") {header("Location: http://www.us.mydomain.com"); } it redirects me to US subdomain, but if I visit UK page with UK IP it gives me the error. I think there is definit loop going on here but have no idea where.

what do u mean?

Hi guys, I have a page which is included in all my page, what this page does is getting all ip ranges from database and refirecting users based on their ip address. Issue here is that all type of browsers tell me that there are too many redirections, I have used <?php ob_flush(); ?> & <?php ob_start();?> for all pages, my friends have also checked it from different computer and network with cleared browser cache and cookies but it is still the same, getting too many redirection error I have the code below and I would appreciate if someone helps me to see what other alternatives are, thank you all in advance ERROR: and this is the code where ips are checked <?php ob_start(); // Replace this MYSQL server variables with actual configuration $mysql_server = "localhost"; $mysql_user_name = "prince"; $mysql_user_pass = "gfgjfkdgjlkfdjk"; // Retrieve visitor IP address from server variable REMOTE_ADDR // Convert IP address to IP number for querying database // Connect to the database server $link = mysql_connect($mysql_server, $mysql_user_name, $mysql_user_pass) or die("Could not connect to MySQL database"); // Connect to the IP2Location database mysql_select_db("prince") or die("Could not select database"); $ip=$_SERVER["REMOTE_ADDR"]; $clearip= str_replace(".", "", $ip); echo $clearip; $list=mysql_query("SELECT * FROM ip WHERE $clearip<=endsto AND $clearip>=startfrom") or die("Finding your location failed"); if (mysql_num_rows($list)==0) { //header("Location: http://www.mydomain.com/country.php"); } else ///////////////////////////------ Countries Redirection Starts Here -----////////////////////////////////////////////////// while ($row=mysql_fetch_array($list)){ $countrycode=$row['countrycode']; $countryname=$row['countryname']; } echo $countrycode; echo $countryname; if($countrycode==US) {header("Location: http://www.us.mydomain.com"); } if($countrycode==GB) {header("Location: http://www.uk.mydomain.com"); } ob_flush(); ?> and this is the example page where i have included it <?php ob_start();?> <!--Header starts here--> <?php include ('http://www.uk.mydomain.com/include/content/header.php') ?> <div id="breadcrumbs"><div id="text"><?php include($_SERVER['DOCUMENT_ROOT']."/backlinks.php"); ?></div></div><br/> <div id="pagetitleholder"><div id="pagetitle"><h1>Create Account</h1></div></div> <?php include_once ('../../include/config/detect.php') ?> <!--Footer starts here--> <?php include ('http://www.uk.mydomain.com/include/content/footer.php') ?> <?php ob_flush(); ?> thanks

thanks mate, when im done with this test, I would definitly follow your advise for my final dev. Thanks

Thanks, but thats not the issue, ;lets assume we working with normal digits and not IPs, what is wrong in the code that causes mysql query to fail? This is just an experiment, and im not worry if im using ip or normall digits, the issue here is that why mysql query cant find my ip (as a digit) in my db? Thanks

Hi guys, im trying to create a functionality where I can direct my users to their own folder. for example, if my user is from uk, they will be redirected uk.mydomain.com my current ip address is 87.194.123.198 and i have created a table called ip with four fields, please see attached image in my php, I am getting connected to database but when in my mysql query there is something wrong. I have inserted only one ip range which my ip is in within it. But I get the error "Finding your location failed" (this is a or die statement in my query). I am going to have my ip ranges without dots, I have no idea where the mistake it. my php code is below, I have followed the ip2location tutorial but I'd like to use this experiment as learning curve. I do appreciate your time and many thanks in advance, <? $mysql_server = "localhost"; $mysql_user_name = "princeofpersia"; $mysql_user_pass = "fgdjk4588@@!5"; $link = mysql_connect($mysql_server, $mysql_user_name, $mysql_user_pass) or die("Could not connect to MySQL database"); mysql_select_db("myipexp") or die("Could not select database"); $ip=$_SERVER["REMOTE_ADDR"]; $clearip= str_replace(".", "", $ip); echo $clearip; $list=mysql_query("SELECT * FROM ip WHERE $clearip<=to AND $clearip>=from") or die("Finding your location failed"); if (mysql_num_rows($list)==0) { header("Location: country.php"); } else ///////////////////////////------ Countries Redirection Starts Here -----////////////////////////////////////////////////// while ($row=mysql_fetch_array($list)){ $countrycode=$row['code']; $countryname=$row['country']; } echo $countrycode; echo $countryname; ?> [attachment deleted by admin]

thanks for reply, much appreciated however, made anther connection to my db and now I have db connection in same file (index.php) and this is the error i get Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in /home/user/public_html/3343/Account/Create/index.php on line 23 any thoughts?

Hi guys, I have a php file where users can register, when I have the code below, it easily echos out the $firstname include ('../includes/db/connecttodb.php') if (isset($_POST['signup']) && isset($_POST['signup'])) { $firstname =$_POST['firstname']; echo"$firstname"; } BUT, when I have the same code with mysql_real_escape_string, it give me error below is the code: include ('../includes/db/connecttodb.php') if (isset($_POST['signup']) && isset($_POST['signup'])) { $firstname =mysql_real_escape_string($_POST['firstname']); echo"$firstname"; } and this is my error Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'user'@'localhost' (using password: NO) in /home/user/public_html/3343/Account/Create/index.php on line 23 any ideas? I have even inserted query to my db, so its not the connection, the error appears when I have mysql_real_escape_string added to my variable Thanks in advance

worked like charm, u r an start Ken, thanks mate

thanks ken, ill give it a try

any one?

Hi guys, I had my code working fine as a login page untill I added sprintf and mysql_real_escape_string and since then when i test the form to login, server keep loading and then come up with this msg Fatal error: Maximum execution time of 30 seconds exceeded in ../Dashboard/index.php on line 35 which is (Line 35) I have my code below, can u please help me what is wrong? im coding in dreamweaver and it doesnt have any error in there. <?php include ('includes/db/db.php'); ?> <!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8" /> <title></title> <link rel="stylesheet" href="./css/reset.css" type="text/css" media="screen" title="no title" /> <link rel="stylesheet" href="./css/text.css" type="text/css" media="screen" title="no title" /> <link rel="stylesheet" href="./css/form.css" type="text/css" media="screen" title="no title" /> <link rel="stylesheet" href="./css/buttons.css" type="text/css" media="screen" title="no title" /> <link rel="stylesheet" href="./css/login.css" type="text/css" media="screen" title="no title" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /></head> <body> <div id="login"> <h1>Dashboard</h1> <?php if (isset($_POST['login']) && $_POST['login']){ $email=addslashes(strip_tags($_POST['email'])); $in_password=addslashes(strip_tags($_POST['password'])); $pin=addslashes(strip_tags($_POST['pin'])); $password=md5($in_password); if (!$email || !$in_password || !$pin) echo "<div class='error'>Please fill all required fields</div>"; else{ $getpin=sprintf("SELECT * FROM users WHERE UserEmail='%s' AND UserPassword='%s'", mysql_real_escape_string($email) , mysql_real_escape_string($password)); while($row=mysql_fetch_array(mysql_query($getpin))){ $pin_email=$row['UserEmail']; $pin_id=$row['UserId']; $pin_company_id=$row['company_id']; $pass=$row['UserPassword']; } $get=sprintf("SELECT pin FROM company WHERE company_id='%s' AND active='%s'", mysql_real_escape_string($pin_company_id), mysql_real_escape_string(1)) ; while($row=mysql_fetch_array(mysql_query($get))){ $pin_num= $row['pin']; } if($password==$pass && $pin_num==$pin && $email==$pin_email) { echo"success"; } else { echo "<div class='error'>Login Failed, Login details are incorrect!</div>"; } } } ?> <div id="login_panel"> <form action="" method="post" accept-charset="utf-8" /> <div class="login_fields"> <div class="field"> <label for="email">Email</label> <input type="text" name="email" value="" id="email" tabindex="1" placeholder="email@example.com" /> </div> <div class="field"> <label for="password">Password <small><a href="forgotpassword.php">Forgot Password?</a></small></label> <input type="password" name="password" value="" id="password" tabindex="2" placeholder="password" /> <div class="field"> <label for="pin">Pin Number</small></label><input type="password" name="pin" value="" id="password" tabindex="2" placeholder="pin"/> </div> </div> </div> <!-- .login_fields --> <div class="login_actions"> <input type="submit" name="login" value="Login" class="btn btn-grey"/> </div> </form> </div> <!-- #login_panel --> </div> <!-- #login --> </body> </html> thanks you all in advance.

found the solution, I have brackets for my else statement now, thanks for you time

so what do u think i should do?

Hi guys I am doinga login form for an organization, this form has email, password and pin If user fills all the fields it will execute the query fine but if user doesnt enter the pin it will come up with an error, the issue is that this pin is not included anywhere in mysql_query I have. Query tries to get the company id from db and echo it out, so if I dont enter the pin I get the error I have echoes out and another system error which is and my line 35 is while($row=mysql_fetch_array($getpin)){ here is my code <?php include ('includes/db/db.php'); ?> <!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8" /> <title>Login | Careers Inbox Dashboard Admin</title> <link rel="stylesheet" href="./css/reset.css" type="text/css" media="screen" title="no title" /> <link rel="stylesheet" href="./css/text.css" type="text/css" media="screen" title="no title" /> <link rel="stylesheet" href="./css/form.css" type="text/css" media="screen" title="no title" /> <link rel="stylesheet" href="./css/buttons.css" type="text/css" media="screen" title="no title" /> <link rel="stylesheet" href="./css/login.css" type="text/css" media="screen" title="no title" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /></head> <body> <div id="login"> <h1>Dashboard</h1> <?php if (isset($_POST['login']) && $_POST['login']){ $email=addslashes(strip_tags($_POST['email'])); $in_password=addslashes(strip_tags($_POST['password'])); $pin=addslashes(strip_tags($_POST['pin'])); $password=md5($in_password); if (!$email || !$in_password || !$pin) echo "<div class='error'>Please fill all required fields</div>"; else $getpin=mysql_query("SELECT * FROM users WHERE UserEmail='$email' AND UserPassword='$password'"); while($row=mysql_fetch_array($getpin)){ $pin_email=$row['UserEmail ']; $pin_id=$row['UserId']; $pin_company_id=$row['company_id']; } echo "$pin_company_id"; } ?> <div id="login_panel"> <form action="" method="post" accept-charset="utf-8" /> <div class="login_fields"> <div class="field"> <label for="email">Email</label> <input type="text" name="email" value="" id="email" tabindex="1" placeholder="email@example.com" /> </div> <div class="field"> <label for="password">Password <small><a href="forgotpassword.php">Forgot Password?</a></small></label> <input type="password" name="password" value="" id="password" tabindex="2" placeholder="password" /> <div class="field"> <label for="pin">Pin Number</small></label><input type="password" name="pin" value="" id="password" tabindex="2" placeholder="pin"/> </div> </div> </div> <!-- .login_fields --> <div class="login_actions"> <input type="submit" name="login" value="Login" class="btn btn-grey"/> </div> </form> </div> <!-- #login_panel --> </div> <!-- #login --> </body> </html> thank you in advance.