Jump to content


Photo

Please review my code and help


  • Please log in to reply
2 replies to this topic

#1 jokeascool

jokeascool
  • New Members
  • Pip
  • Newbie
  • 6 posts

Posted 22 May 2006 - 02:09 AM

Hello All,

I am having a problem with a bit of code. I believe my logic is off somewhere and a fresh pair of eyes may help. I know that I can access the db and get the information. The problem is if I enter incorrect password or username it still sends me to the welcome page. Where as if the login info is wrong I want to go to index2 to have them try again. No matter what I enter it takes me to the welcome page. Could you please tell me what I am doing wrong.









<?php
session_start();

unset($uname);
unset($pword);    



$host="localhost:3306";
$user="username";
$lipassword="password";
$database="bfcc";




$uname=$_POST['fusername'];
$pword=$_POST['password'];

$connection=mysql_connect($host,$user,$lipassword)
            or die ("Problems Connecting to Server");
            
$db=mysql_select_db($database,$connection)
            or die ("Could not create connection with the database");
            
$query="SELECT * FROM users WHERE username = '$uname' AND password = '$pword'";

$result=mysql_query($query,$connection)
            or die("Could not execute query");

if (!mysql_num_rows($result))

{
  header("Location: index2.php");
}





header("Location: welcome.php");




            

mysql_close($connection);
?>




Thanks

Joe

Mod Edit(shoz): connection details removed

#2 SkullMaster

SkullMaster
  • New Members
  • Pip
  • Newbie
  • 8 posts

Posted 22 May 2006 - 02:48 AM

[!--quoteo(post=375940:date=May 21 2006, 09:09 PM:name=jokeascool)--][div class=\'quotetop\']QUOTE(jokeascool @ May 21 2006, 09:09 PM) View Post[/div][div class=\'quotemain\'][!--quotec--]
Hello All,

I am having a problem with a bit of code. I believe my logic is off somewhere and a fresh pair of eyes may help. I know that I can access the db and get the information. The problem is if I enter incorrect password or username it still sends me to the welcome page. Where as if the login info is wrong I want to go to index2 to have them try again. No matter what I enter it takes me to the welcome page. Could you please tell me what I am doing wrong.
<?php
session_start();

unset($uname);
unset($pword);    
$host="localhost:3306";
$user="username";
$lipassword="password";
$database="bfcc";
$uname=$_POST['fusername'];
$pword=$_POST['password'];

$connection=mysql_connect($host,$user,$lipassword)
            or die ("Problems Connecting to Server");
            
$db=mysql_select_db($database,$connection)
            or die ("Could not create connection with the database");
            
$query="SELECT * FROM users WHERE username = '$uname' AND password = '$pword'";

$result=mysql_query($query,$connection)
            or die("Could not execute query");

if (!mysql_num_rows($result))

{
  header("Location: index2.php");
}
header("Location: welcome.php");
            

mysql_close($connection);
?>
Thanks

Joe
[/quote]

my suggestion would be to change

if (!mysql_num_rows($result)) {

to

if (mysql_num_rows($result) > 0) {

what you have now is probably returning a value of 0 instead of null like you want, making it pass through everyime.(i could be wrong, just trying to help)

#3 AndyB

AndyB
  • Staff Alumni
  • Advanced Member
  • 5,465 posts
  • LocationToronto

Posted 22 May 2006 - 03:19 AM

[!--quoteo--][div class=\'quotetop\']QUOTE[/div][div class=\'quotemain\'][!--quotec--]mysql_num_rows: The number of rows in a result set on success, or FALSE on failure.[/quote]

[a href=\"http://ca.php.net/manual/en/function.mysql-num-rows.php\" target=\"_blank\"]http://ca.php.net/manual/en/function.mysql-num-rows.php[/a]
Legend has it that reading the manual never killed anyone.
My site




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users