rich___

sry mate uve lost me. thers nothing i can show u but the code, unless u tell me to try something can i can post up errors if they appear. i know whats wrong with it, i dont use the query to my advantage, but i know what i would like to do, which is compare the user name and pass from the db to whats been entered, and if its correct then goto protected.php, othewise fail it, but ive no idea where to begin to start coding that, any ideas?

$rsMain = $adoCon->Execute( $sSQL ); doesnt output anything

check above post ^^

i dont know when i type echo($rsMain); i get this - Catchable fatal error: Object of class variant could not be converted to string in C:\xampp\htdocs\xampp\login.php on line 50

oh and yes i know its meant to be 'pass' instead of 'spass' ive changed it and still the same outcome

it just keeps telling me ive logged in, no matter what, all i want it to do is to not log in if the user isnt there or the pass doesnt work, which i think it shud, maybe i need to use the query more.. if i knew how to properly :s

<?php // allows session info to be used on this page session_start(); // if this script isn't receiving form data, exit fast if(!isset($_POST['btnLogin'])) { header("Location: login.htm"); session_write_close(); exit(); } if(empty($_POST['txtPassword']) || empty($_POST['txtUsername'])) // if empty fields, give error msg { echo ('please enter in both fields'); } else // gets username and password as typed into the login form { $pass = $_POST['txtPassword']; $user = $_POST['txtUsername']; } $sEncryptedPassword = crypt($pass); // creates a new connection object $adoCon = new COM("ADODB.Connection"); // the path to the folder holding this PHP script $sHere = dirname(__FILE__); // opens the connection using a standard connection string try { $adoCon->Open("Provider=Microsoft.Jet.OLEDB.4.0; Data Source=C:\\xampp\\htdocs\\xampp\\db1.mdb"); } catch(Exception $e) { echo('Sorry - There was a problem with opening the database.<br />'); } $sSQL = "SELECT * FROM tblUsers WHERE userName='$user' AND userPass = '$spass';"; $rsMain = $adoCon->Execute( $sSQL ); // only checks the password if the user exists //if( isset($aValidUsers[$user]) ) // checks to see if the username/password pair is valid by encrypting // the password and comparing against the real encrypted password if (isset($rsMain)) { if(crypt($pass, $sEncryptedPassword) == ($sEncryptedPassword)) { // if logged on okay, remembers user's name as session variable $_SESSION['user'] = $user; header("Location: protected.php"); session_write_close(); exit(); } else { header("Location: login.htm"); session_write_close(); } header("Location: login.htm"); session_write_close(); } // closes the connection, frees up resources $adoCon->Close(); $adoCon = null; ?>

thanks for the help, but even with the changes suggested it still gives me "you are valid user" even if the pass is wrong, im confused

how do i check against my results?

<?php // allows session info to be used on this page session_start(); // if this script isn't receiving form data, exit fast if(!isset($_POST['btnLogin'])) { header("Location: login.htm"); session_write_close(); exit(); } if(empty($_POST[txtPassword]) || empty($_POST[txtUsername])) // if empty fields, give error msg { echo ('please enter in both fields'); } else // gets username and password as typed into the login form { $pass = $_POST['txtPassword']; $user = $_POST['txtUsername']; } $sEncryptedPassword = crypt($pass); // creates a new connection object $adoCon = new COM("ADODB.Connection"); // the path to the folder holding this PHP script $sHere = dirname(__FILE__); // opens the connection using a standard connection string try { $adoCon->Open("Provider=Microsoft.Jet.OLEDB.4.0; Data Source=C:\\xampp\\htdocs\\xampp\\db1.mdb"); } catch(Exception $e) { echo('Sorry - There was a problem with opening the database.<br />'); } $sSQL = "SELECT * FROM tblUsers WHERE userName='$user' AND userPass = '$sEncryptedPassword';"; $rsMain = $adoCon->Execute( $sSQL ); if(crypt($pass, $sEncryptedPassword) == ($sEncryptedPassword)) { // if logged on okay, remembers user's name as session variable $_SESSION['user'] = $user; header("Location: protected.php"); session_write_close(); exit(); } else { header("Location: login.htm"); session_write_close(); } // closes the connection, frees up resources $adoCon->Close(); $adoCon = null; ?> what its meant to do is to compare the password (then encryped) to the encrypted pass in the database, and if their the same, then login, else go back to the login page, but whatever happens it goes to the protected page.

im using access 2003

ok so ive got the code to work without any errors, its just not writing to the database now, but it opens it, heres the code so far: <html> <head> </head> <body> <?php // Receives values from Form, assigns values entered to vars $sFirstName = $_POST["FirstName"]; $sLastName = $_POST["LastName"]; $sUsername = $_POST["Username"]; $sPassword = $_POST["Password"]; // creates a new connection object $adoCon = new COM("ADODB.Connection"); // opens the connection using a standard connection string try { $adoCon->Open("Provider=Microsoft.Jet.OLEDB.4.0; Data Source=C:\\xampp\\htdocs\\xampp\\db1.mdb"); } catch(Exception $e) { echo('Sorry - There was a problem with opening the database.<br />'); } // Declares SQL statement that will add data to the database try { $adoCon->Execute ( "INSERT INTO tblUsers (FirstName, LastName, Username, Password) VALUES ('$sFirstName', '$sLastName', '$sUsername', '$sPassword');" ); } catch(Exception $e) { echo ('Sorry - There was a problem with adding the data to the database.<br />'); } // closes the connection, frees up resources $adoCon->Close(); $adoCon = null; ?> </body> </html> any ideas? it just displays ''Sorry - There was a problem with adding the data to the database''

i still get the same error : INSERT INTO tblUsers (FirstName, LastName, Username, Password) values ('test', 'test', 'test', 'test') Fatal error: Uncaught exception 'com_exception' with message '<b>Source:</b> Microsoft JET Database Engine<br/><b>Description:</b> Syntax error in INSERT INTO statement.' in C:\xampp\htdocs\xampp\register.php:22 Stack trace: #0 C:\xampp\htdocs\xampp\register.php(22): com->Execute('INSERT INTO tbl...') #1 {main} thrown in C:\xampp\htdocs\xampp\register.php on line 22

doesnt make a differnece :/

hi, i want to make users able to register for my site using an access database, ive tried everything and nothing works. i want their info to be added to the database basically, so they can login <?php // creates a new connection object $adoCon = new COM("ADODB.Connection"); // opens the connection using a standard connection string $adoCon->Open("Provider=Microsoft.Jet.OLEDB.4.0; Data Source=C:/xampp/htdocs/xampp/db1.mdb"); // Receives values from Form, assigns values entered to vars $FirstName = $_POST["FirstName"]; $LastName = $_POST["LastName"]; $Username = $_POST["Username"]; $Password = $_POST["Password"]; // Declares SQL statement that will add data to the database $sSQL = "INSERT INTO tblUsers (FirstName, LastName, Username, Password) values ('$_POST[FirstName]', '$_POST[LastName]', '$_POST[username]', '$_POST[Password]')"; echo $sSQL; // Executes the SQL $adoCon->Execute($sSQL); ?> i get this error message: INSERT INTO tblUsers (FirstName, LastName, Username, Password) values ('s', 's', 's', 's') Fatal error: Uncaught exception 'com_exception' with message '<b>Source:</b> Microsoft JET Database Engine<br/><b>Description:</b> Syntax error in INSERT INTO statement.' in C:\xampp\htdocs\xampp\register.php:18 Stack trace: #0 C:\xampp\htdocs\xampp\register.php(18): com->Execute('INSERT INTO tbl...') #1 {main} thrown in C:\xampp\htdocs\xampp\register.php on line 18