aosmith

Resolved by removing (strange, I know): error_reporting(E_ALL & E_STRICT);

For whatever reason I can't seem to get any errors to spit out on my 10.6.5 / 5.4.3 machine. I've verified that it's enabled in phpinfo(). Any ideas, anyone had anything similar? Apache doesn't issue any startup erros in the console, and php scripts without errors run fine. -Alex

It's fixed turns out we needed to be using a different version of ntwdblib.dll you need: Size: 274KB - Version: 2000.80.194.0

Hi we're stumped on a problem we managed to install mssql (a feat in and of itself) on our webserver, but now we can't connect to our mssql db. the setup is: ms server 2003, mssql server 2005 enterprise. my connect looks like this: $sqlconn = mssql_connect("192.168.0.**", "sa", "*"); ??? if anybody can help i would appreciate it

a little update to the cod and i have finally managed to get an error out of it: [code=php:0] <?php ini_set('display_errors','On'); error_reporting(E_ALL); session_start(); $email=$_SESSION['email']; $sid=$_SESSION['sid']; $valid=$_SESSION['valid']; ////////////////////////////////// // handler for adding classes // ////////////////////////////////// echo "<html><body>"; if ($_POST) { $sub=$_POST['sub']; $num=$_POST['num']; $ins=$_POST['ins']; echo $sub.$num.$ins."<br />"; // first of all load the tables require_once("db.inc.php"); //connect to mysql db or kick out an error code $connect=mysql_connect('localhost', $user, $pass) or die(mysql_error); //connect to notpanda database or error code mysql_select_db('notepand_') or die(mysql_error); //query to select password $sql = 'SELECT * from `login_users` WHERE `email`="'.$email.'" LIMIT 1'; $result=mysql_query($sql) or die(mysql_error); if (!$result) { die ("Database Failure: Hang in there we're working on it"); } while ($login_users = mysql_fetch_assoc($result)) { echo $login_users['email']."<br />"; // Grab classes $sql='SELECT * FROM `courses` where `sub`="'.$sub.'" AND `num`="'.$num.'" AND `ins`="'.$ins.'" AND `sid`="'.$sid.'"'; $result=mysql_query($sql) or die(mysql_error); if (!$result) { die ("Database Failure: Hang in there we're working on it"); } $rows=mysql_num_rows($result); echo $rows."<br />"; if ($rows=="0") { $sid=$_SESSION['sid']; $sql="INSERT INTO courses ('cid','sid','sub','num','ins') VALUES ('1',".$sid."','".$sub."','".$num."','".$ins."')"; $insert=mysql_query($sql) or die(mysql_error()); //grab the cid now $sql='SELECT * FROM `courses` WHERE `sub`="'.$sub.'" AND `num`="'.$num.'" AND `ins`="'.$ins.'" AND `sid`="'.$sid.'" LIMIT 1'; $result2=mysql_query($sql) or die($_SESSION['error']=mysql_error()." Error Code: 2.3"); echo mysql_num_rows($result2)."<br />"; if (!$result2) {die ("sorry");} while ($courses2=mysql_fetch_assoc($result2)) { echo $courses2['cid']."<br />"; $cid=$courses2['cid']; } } while ($courses = mysql_fetch_assoc($result)) { if (mysql_num_rows($result) > 0) { $cid=$courses['cid']; } $cid1= $_SESSION['courses']; // combine old and new courses $cid2= $cid1.",".$courses['cid']; // update db entry echo $cid2; $sql='UPDATE `login_users` SET cid = "'.$cid2.'" WHERE `email` = "'.email.'" LIMIT 1'; mysql_query($sql) or die(mysql_error()); //update session vars $_SESSION['courses']=$cid2; //now we should be all set so send them to their backpack mysql_free_result($result); header("Location: /backpack.php") or die("couldnt forward"); } } } [/code] and the error i get is: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''cid','sid','sub','num','ins') VALUES ('1',','a','b','c')' at line 1

what about creating a random hash storing it to a db and then storing it in a cookie as well?

have a look here: http://www.phpfreaks.com/phpref/42.php

i stop getting echos following this line of code. I have no errors or warnings even with errors turned on. and yes i started the session. [code=php:0]echo $login_users['email']."<br />"; // Grab classes $sql='SELECT * FROM `courses` where `sub`="'.$sub.'" AND `num`="'.$num.'" AND `ins`="'.$ins.'" AND `sid`="'.$sid.'"'; $result=mysql_query($sql) or die(mysql_error); if (!$result) { die ("Database Failure: Hang in there we're working on it"); } while ($courses = mysql_fetch_assoc($result)) { if (mysql_num_rows($result) == 0) { $sid=$_SESSION['sid']; $sql='INSERT INTO `courses` ("sid","sub","num","ins") VALUES ("'.$sid.'","'.$sub.'","'.$num.'","'.$ins.'")'; $insert=mysql_query($sql) or die(mysql_error()); //grab the cid now $sql='SELECT * FROM `courses` ` where `sub`="'.$sub.'" AND `num`="'.$num.'" AND `ins`="'.$ins.'" AND `sid`="'.$sid.'" LIMIT 1'; $result=mysql_query($sql) or die($_SESSION['error']=mysql_error()." Error Code: 2.3"); while ($courses2=mysql_fetch_assoc($result)) { echo $courses2['cid']."<br />"; $cid=$courses2['cid']; } } if (mysql_num_rows($result) > 0) { $cid=$courses['cid']; } $cid1= $_SESSION['courses']; // combine old and new courses $cid2= $cid1.",".$courses['cid']; // update db entry echo $cid2; $sql='UPDATE `login_users` SET cid = "'.$cid2.'" WHERE `email` = "'.email.'" LIMIT 1'; mysql_query($sql) or die(mysql_error()); //update session vars $_SESSION['courses']=$cid2; //now we should be all set so send them to their backpack mysql_free_result($result); header("Location: /backpack.php") or die("couldnt forward"); } } } [/code]

[code=php:0]if ($_POST) { $sub=$_POST['sub']; $num=$_POST['num']; $ins=$_POST['ins']; // first of all load the tables require_once("db.inc.php"); //connect to mysql db or kick out an error code $connect=mysql_connect('localhost', $user, $pass) or die(mysql_error); //connect to notpanda database or error code mysql_select_db('notepand_') or die(mysql_error); //query to select password $sql = 'SELECT * from `login_users` WHERE `email`="'.$email.'" LIMIT 1'; $result=mysql_query($sql) or die(mysql_error); if (!$result) { die ("Database Failure: Hang in there we're working on it"); } while ($login_users = mysql_fetch_assoc($result)) { // Grab classes $sql='SELECT * FROM `courses` where `sub`="'.$sub.'" AND `num`="'.$num.'" AND `ins`="'.$ins.'" AND `sid`="'.$sid.'"'; $result=mysql_query($sql) or die(mysql_error); if (!$result) { die ("Database Failure: Hang in there we're working on it"); } while ($courses = mysql_fetch_assoc($result)) { if (mysql_num_rows($result) == 0) { $sid=$_SESSION['sid']; $sql='INSERT INTO `courses` ("sid","sub","num","ins") VALUES ("'.$sid.'","'.$sub.'","'.$num.'","'.$ins.'")'; $insert=mysql_query($sql) or die(mysql_error()); //grab the cid now $sql='SELECT * FROM `courses; ` where `sub`="'.$sub.'" AND `num`="'.$num.'" AND `ins`="'.$ins.'" AND `sid`="'.$sid.'" LIMIT 1'; $result=mysql_query($sql) or die($_SESSION['error']=mysql_error()." Error Code: 2.3"); while ($courses2=mysql_fetch_assoc($result)) { $cid=$courses2['cid']; } } if (mysql_num_rows($result) > 0) { $cid=$courses['cid']; } $cid1= $_SESSION['courses']; // combine old and new courses $cid2= $cid1.",".$courses['cid']; // update db entry $sql='UPDATE `login_users` SET cid = "'.$cid2.'" WHERE `email` = "'.email.'" LIMIT 1'; mysql_query($sql) or die(mysql_error()); //update session vars $_SESSION['courses']=$cid2; //now we should be all set so send them to their backpack mysql_free_result($result); header("Location: /backpack.php") or die("couldnt forward"); } } } [/code] I can't figure it out for the life of me... it returns a blank

I'm about to mark this one solved, but i figured i would post the solution for anyone else having trouble: $result=mysql_query($sql) or die($_SESSION['error']=mysql_error()." ERROR:query error1--gate:4.0-login.php"); if (!$result) { die ("Couldn't fetch any results"); } $array = mysql_fetch_assoc($result); $dbpass=$array['password'];

give this a whirl: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <?php session_start(); if(!isset($_SESSION['admin'])){ header('Location: admin_login.php'); } else { $cont = $_GET['cont']; require('admin_menu.php'); echo "<p>&nbsp</p>"; if(!$cont){ $require = "admin_bus.php"; require($require); } else{ $require = "admin_".$cont.".php"; require($require); } } ?> <title>Admin</title> <link rel="stylesheet" type="text/css" href="styles/style.css" /> </head> <body> </body> </html> I had the same problem with the site I'm working on (and actually under very similar circumstances and code ie: works on one server not another)

try adding this at the end of your php: *form name*.submit();

you should try putting the header command at the very top of your script (or as close as possible)... I had a problem with giving header redirects after the header has already been set, and if you're using html on the same page make sure that code is in the <head> of the doc.

this one has got me stumped... I'm still quasi-new to php and mysql and i just cant figure out why i cannot get my keys (aka "replies") to match heres my code: index.php (just the part that really matters): <?php //start a session session_start(); //store ip addr and test connection to mysql server $_SESSION['ip']=$_SERVER['REMOTE_ADDR']; $conn=mysql_connect('localhost', '####', '####') or die($_SESSION['error']='could not connect to database--ln6-index.php <br />'.mysql_error()); mysql_select_db('notepanda', $conn) or die($_SESSION['error']='could not select notepanda--ln7-index.php <br />'.mysql_error()); //generate challenge $chal=md5(uniqid(mt_rand(), true)) or die($_SESSION['error']='could not generate chal'); //set the challenege $_SESSION['chal']=$chal; ?> I'm using Paj's javascript for the client side hashing (it can be found here: http://pajhome.org.uk/crypt/md5/md5src.html) the form containing login information looks like this: <!--encrypt password--> <script src="js/md5.js" type="text/javascript"></script> <!--encrypt password using script and set password and challenge to null--> <form method="POST" action="login.php" name="login_form" id="login_form" onsubmit="javascript: login();"> <tr> <td> <img src="img/user.gif"> </td> <td> <!--username and cookie reading script--> <input type="text" name="username" size="20" id="username"> </td> </tr> <tr> <td> <img src="img/pass.gif"> </td> <td> <input type="password" name="password" size="20" id="password"> <!--start hidden fields--> <input type="hidden" name="chal" id="chal" size="40"> <input type="hidden" name="key" id="key" size="40"> </td> </tr> <tr> <td> </td> <td> <input type="submit" value="Submit" onclick="Javascript: login();"> <input type="reset"> </div> </td> </tr> </form> </table> </div> and the code for login(): <script type="text/javascript"> function login() { var login_form = document.getElementById("login_form"); if (login_form.username.value == "") { alert("Please enter your user name"); return false; } if (login_form.password.value == "") { alert("Please enter your password"); return false; } if (login_form.password.value != null && login_form.username.value != null) { /*hash the password and the key*/ login_form.password.value = hex_md5 (login_form.password.value); login_form.key.value = hex_md5(login_form.chal.value + login_form.password.value); /*clear the form of everything except user and key*/ /*using a single _ for password and challenge to avoid triggering the empty password catch*/ /*and a little joke for all the packet sniffers out there*/ //login_form.password.value = "packet sniffing isn't nice"; //login_form.chal.value = " "; /*last but not least submit the form*/ login_form.submit(); } } </script> and last but not least login.php looks like this: <?php ////////////////////////////////// //PHP Login Mechanism // //By: Alex Smith // ////////////////////////////////// session_start(); //read in post variables from index.php if (isset($_POST)) { //read in password and username from post $user=$_POST['username']; $key=$_POST['key']; //values should be null $pass=$_POST['password']; //read in challenge from session $chal=$_SESSION['chal']; //add expire $_SESSION['expire']=time()+4800; $_SESSION['key']=$key; //connect to mysql db or kick out an error code $connect=mysql_connect('localhost', '####', '####') or die($_SESSION['error']=mysql_error()." ERROR: Could not connect to MySQL Server--gate:1-inc.php"); //connect to notpanda database or error code mysql_select_db('notepanda') or die($_SESSION['error']=mysql_error()." ERROR: Could not select db--gates:2-inc.php"); //query to select password $sql = 'SELECT `password` FROM `login_users` WHERE `username`="'.$user.'"'; //query to select admin status $sql2 = 'SELECT `admin` FROM `login_users` WHERE `username`="'.$user.'"'; //record the query to a session var for debugging $_SESSION['sql']=$sql; $_SESSION['sql2']=$sql2; //query database and 4th error gate $dbpass=mysql_query($sql) or die($_SESSION['error']=mysql_error()." ERROR:query error1--gate:4.0-login.php"); $admin=mysql_query($sql2) or die($_SESSION['error']=mysql_error()." ERROR:query error2--gate:4.1-login.php"); //compose key from database challenge //note: stored passwords have already been hashed using md5 $str=$chal.$dbpass; //finish composing $dbkey=md5($str); $_SESSION['dbpass']=$dbpass; $_SESSION['pkey']=$pkey; $_SESSION['dbkey']=$dbkey; //make sure this table is only viewable to super users if ($dbkey==$key) { if ($admin="1") { $_SESSION['valid']="user"; } if ($admin="2") { $_SESSION['valid']="admin"; } if ($admin="3") { $_SESSION['valid']="super"; } } if ($dbkey!=$key) { echo "ERROR: Authentication--gate:5-login.php <br />"; echo $key."<br />".$dbkey; } I've been staring at this for almost an hour and i just can't figure it out why isn't working except for a problem with paj's script. TIA guys and gals. -Alex and as a ps note i know that this is about 2 steps past spaghetti code but i'm new to this and here's what login.php kicks out (from the nice little debug table i built): ERROR: Authentication--gate:5-login.php 14135**** 8f477**** Session Vars user: pass: chal:#### key:14135f*** valid: expire:1195179791 ip:127.0.0.1 error: admin: sql:SELECT `password` FROM `login_users` WHERE `username`="admin" sql2:SELECT `admin` FROM `login_users` WHERE `username`="admin" dbkey:8f477*** pkey: dbpass:Resource id #3 key:1413***** user:admin pass:775**** add5* add5* 8f47* 0c0ff*