whizzykid

$LoginRS__query=sprintf("SELECT `Account Number`, password FROM login WHERE `Account Number`=%s AND password=%s", GetSQLValueString($loginUsername, "-1"), GetSQLValueString($password, "text")); sorry the 1st code i pasted are my validation codes no other place in my entire code has d Getstring value.

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) { $insertSQL = sprintf("INSERT INTO login (`Account Number`, password) VALUES (%s, %s)", GetSQLValueString($_POST['Account_Number'], "int"), GetSQLValueString($_POST['password'], "text"));

when users log in the form only checks for the account num,when it comes to the password any password can login,how i rectify that?

my form only validates using account number,i want it to also validate user password b4 allowing login success. thanks

help any password logs in on my website.help with validation using acct num and password. my codes. if (!isset($_SESSION)) { session_start(); } $loginFormAction = $_SERVER['PHP_SELF']; if (isset($_GET['accesscheck'])) { $_SESSION['PrevUrl'] = $_GET['accesscheck']; } if (isset($_POST['Account_Number'])) { $loginUsername=$_POST['Account_Number']; $password=$_POST['password']; $MM_fldUserAuthorization = ""; $MM_redirectLoginSuccess = "account_" .$account[0] .".php"; $MM_redirectLoginFailed = "login failed.html"; $MM_redirecttoReferrer = false; mysql_select_db($database_cthey_reg, $cthey_reg); $LoginRS__query=sprintf("SELECT `Account Number`, password FROM login WHERE `Account Number`=%s AND password=%s", GetSQLValueString($loginUsername, "-1"), GetSQLValueString($password, "text")); $LoginRS = mysql_query($LoginRS__query, $cthey_reg) or die(mysql_error()); $loginFoundUser = mysql_num_rows($LoginRS); if ($loginFoundUser) { $loginStrGroup = ""; if (PHP_VERSION >= 5.1) {session_regenerate_id(true);} else {session_regenerate_id();} //declare two session variables and assign them $_SESSION['MM_Username'] = $loginUsername; $_SESSION['MM_UserGroup'] = $loginStrGroup; if (isset($_SESSION['PrevUrl']) && false) { $MM_redirectLoginSuccess = $_SESSION['PrevUrl']; }else{ $account = mysql_fetch_array($LoginRS); $MM_redirectLoginSuccess = "account_".$account[0] .".php"; } header("Location: " . $MM_redirectLoginSuccess ); } else { header("Location: ". $MM_redirectLoginFailed ); } } ?>

Sorry the topic isnt there anymore.

pls explain better. thanks

ok this is it if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) { $insertSQL = sprintf("INSERT INTO registration (Title, `Last Name`, `First Name`, `Date of Birth`, `Marital Status`, Email, `Mobile Number`, `Phone Number`, Address, `Zip/Postal Code`, Country, `Name of Employeer/Business`, `Address of Employer/Reference`, `Postal Code`, `Nature of Business/Occupation`, `Position_ Held`, `Gross_ Annual _Income`, `House_ Hold_ Income`, `Preferred_Method_of- Payment`, `Preferred_ Account _Type`) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)", GetSQLValueString($_POST['Title'], "text"), GetSQLValueString($_POST['Last_Name'], "text"), GetSQLValueString($_POST['First_Name'], "text"), GetSQLValueString($_POST['Date_of_Birth'], "date"), GetSQLValueString($_POST['Marital_Status'], "text"), GetSQLValueString($_POST['Email'], "text"), GetSQLValueString($_POST['Mobile_Number'], "int"), GetSQLValueString($_POST['Phone_Number'], "int"), GetSQLValueString($_POST['Address'], "text"), GetSQLValueString($_POST['ZipPostal_Code'], "int"), GetSQLValueString($_POST['Country'], "text"), GetSQLValueString($_POST['Name_of_EmployeerBusiness'], "text"), GetSQLValueString($_POST['Address_of_EmployerReference'], "text"), GetSQLValueString($_POST['Postal__Code'], "int"), GetSQLValueString($_POST['Nature_of_BusinessOccupation'], "text"), GetSQLValueString($_POST['Position__Held'], "text"), GetSQLValueString($_POST['Gross___Annual__Income'], "int"), GetSQLValueString($_POST['House__Hold__Income'], "int"), GetSQLValueString($_POST['Preferred_Method_of_Payment'], "text"), GetSQLValueString($_POST['Preferred__Account__Type'], "text")); mysql_select_db($database_cicpriva_reg, $cicpriva_reg); $Result1 = mysql_query($insertSQL, $cicpriva_reg) or die(mysql_error());

I get this error i try to fill this form on my site. Warning: mysql_select_db(): supplied argument is not a valid MySQL-Link resource in /home/cicpriva/public_html/Registration.php on line 62 Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource in /home/cicpriva/public_html/Registration.php on line 63 <?php require_once('Connections/cicpriva_reg.php'); ?> <?php mysql_select_db($database_cicpriva_reg, $cicpriva_reg); $Result1 = mysql_query($insertSQL, $cicpriva_reg) or die(mysql_error()); And this is my cicpriva_reg.php file $hostname_cicpriva_reg = "localhost"; $database_cicpriva_reg = "cicpriva_reg"; $username_cicpriva_reg = "cicpriva_goto"; $password_cicpriva_reg = ""; $dibby = mysql_pconnect($hostname_cicpriva_reg, $username_cicpriva_reg, $password_cicpriva_reg) or trigger_error(mysql_error(),E_USER_ERROR); ?>

I am trying to create a connect my database but i dont what the followings are $hostname =? $database;=? $username=? $password=? And i get this mesg when i fill a form on my site and try to submit Server Error in '/' Application. Runtime Error Description: An application error occurred on the server. The current custom error settings for this application prevent the details of the application error from being viewed remotely (for security reasons). It could, however, be viewed by browsers running on the local server machine. Details: To enable the details of this specific error message to be viewable on remote machines, please create a <customErrors> tag within a "web.config" configuration file located in the root directory of the current web application. This <customErrors> tag should then have its "mode" attribute set to "Off". <!-- Web.Config Configuration File --> <configuration> <system.web> <customErrors mode="Off"/> </system.web> </configuration> Notes: The current error page you are seeing can be replaced by a custom error page by modifying the "defaultRedirect" attribute of the application's <customErrors> configuration tag to point to a custom error page URL. <!-- Web.Config Configuration File --> <configuration> <system.web> <customErrors mode="RemoteOnly" defaultRedirect="mycustompage.htm"/> </system.web> </configuration>

C:\wamp\www\Untitled-1.php/ that is the url i use to test,do i need to change anything?

dont knw wht i am doing wrong. it shows that. The URL prefix http:// for this sites's testing server could not be resolved due to several reasons. 1 you have specified a local root folder that doesnt fall under the web server root folder. 2 there is no web server running on the URL. a web server must be running in order to map pages through a URL. 3 there is a web server running but no virtual web folder has been mapped to this prefix.

MySQL server

Having some problems connecting my cs5 to my sql server,i tried to connect my database but no table is found, i created like 5tables but cant find any under the local host,when i fill in the connection name: localhost, mysql sever: the name of my database but it shows unidentified error,pls help to resolve this.

My codes is suppose to allow people login into their different profile but it does instead it takes all of them to a particular place. my code. $insertGoTo = "6.gif"; if (isset($_SERVER['QUERY_STRING'])) { $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?"; $insertGoTo .= $_SERVER['QUERY_STRING']; } header(sprintf("Location: %s", $insertGoTo)); } mysql_select_db($database_y_y, $y_ggh); $query_Recordset2 = "SELECT * FROM login"; $Recordset2 = mysql_query($query_Recordset2, $bay_by) or die(mysql_error()); $row_Recordset2 = mysql_fetch_assoc($Recordset2); $totalRows_Recordset2 = mysql_num_rows($Recordset2); ?> <?php // *** Validate request to login to this site. if (!isset($_SESSION)) { session_start(); } $loginFormAction = $_SERVER['PHP_SELF']; if (isset($_GET['accesscheck'])) { $_SESSION['PrevUrl'] = $_GET['accesscheck']; } if (isset($_POST['Login_ID'])) { $loginUsername=$_POST['Login_ID']; $password=$_POST['Password']; $MM_fldUserAuthorization = ""; $MM_redirectLoginSuccess = "profile_".$profile[0] .".php"; $MM_redirectLoginFailed = "bv01001_hover.png"; $MM_redirecttoReferrer = false; mysql_select_db($database_bley_bay, $bley_blay); $LoginRS__query=sprintf("SELECT `Login ID`, `Password` FROM `login` WHERE `Login ID`=%s AND `Password`=%s", GetSQLValueString($loginUsername, "-1"), GetSQLValueString($password, "-1")); $LoginRS = mysql_query($LoginRS__query, $bey_bay) or die(mysql_error()); $loginFoundUser = mysql_num_rows($LoginRS); if ($loginFoundUser) { $loginStrGroup = ""; //declare two session variables and assign them $_SESSION['MM_Username'] = $loginUsername; $_SESSION['MM_UserGroup'] = $loginStrGroup; if (isset($_SESSION['PrevUrl']) && false) { $MM_redirectLoginSuccess = $_SESSION['PrevUrl']; } else { $profile = mysql_fetch_array($LoginRS); $MM_redirectLoginSuccess = "profile_".$profile[0] .".php"; } header("Location: " . $MM_redirectLoginSuccess ); } else { header("Location: ". $MM_redirectLoginFailed ); } } ?>