blurredvision Posted June 5, 2008 Share Posted June 5, 2008 Hey guys, guess what? I need more help . I'm working on a personal site that is merely meant to teach myself about building a modular, dynamic website with PHP and MySQL. I'm 100% self-taught to this point using 3 or 4 books as references. I just started working on this site, and after getting together the rough design, I started working on the register and login modules. At this point, it's important to know that registering works great! No problems with it. However, I can't seem to figure out how to get the login to work. First up, here's my code. Please note that this is simply a rough draft of what I hope to end up with. It may not be the most secure or logical: <?php function check_login($dbc) { $u = mysqli_real_escape_string($dbc, trim($_POST['username'])); $p = mysqli_real_escape_string($dbc, trim($_POST['password'])); $q = "SELECT ID_member, username FROM members WHERE username='$u' AND password=SHA1('$p')"; $r = mysqli_query($dbc, $q); // Run the query. if (mysqli_num_rows($r) == 1) { $row = mysqli_fetch_array ($r, MYSQLI_ASSOC); return array(true, $row); } else { echo 'No rows returned.'; echo '<br />'; echo $u; echo '<br />'; echo $p; die; } } if (isset($_POST['submitted'])) { // If login info is sent... require_once('../database_connect.php'); // $dbc comes from this file. list ($check, $data) = check_login($dbc); if ($check) { setcookie('ID_member', $data['ID_member'], time()+1800, '/', '', 0, 0); setcookie('username', $data['username'], time()+1800, '/', '', 0, 0); header ("Location: http://www.mysite.com/"); exit(); } else { echo 'error'; } } else { echo 'error'; } ?> This code is very close to the code in one of the books I am learning from, and I can't figure out why it's not working for me. I basically have a login section on the main page, and the code above is it's own file, with the form action pointing to this. Ideally, when somebody submits their login credentials, it goes to the above code, runs it, sets the cookies, and redirects back to the home page. So I have a function configured at the top that has an argument of $dbc, which is my database connection. This variable/connection is set in the database_connect.php file, which is required once immediately after this script checks to see if the form has been submitted. I used this same database_connect.php file with my register module, and it works perfectly fine. When I try to login, though, instead of it running the mysqli_fetch_array, it returns the 'No row returned' echo, and obviously it stops right there. In my troubleshooting, I also had it print out the $u and $p variables to make sure I was passing the username and password correctly, which it is. Without going into too much trouble, can anybody see any problems with my syntax or method? I simply cannot get it to return the rows, and everything looks correct to me. In my $q query, ID_member, username, and password are my column names in the members table. As mentioned before, my $dbc connection query works fine, and is used elsewhere. Thanks for any help at all! Link to comment https://forums.phpfreaks.com/topic/108827-solved-help-with-getting-my-login-script-to-work/ Share on other sites More sharing options...
RMcLeod Posted June 5, 2008 Share Posted June 5, 2008 Change this line $r = mysqli_query($dbc, $q); // Run the query. to $r = mysqli_query($dbc, $q) or die(mysqli_error()); This will tell you if there are any problems with your query. Link to comment https://forums.phpfreaks.com/topic/108827-solved-help-with-getting-my-login-script-to-work/#findComment-558240 Share on other sites More sharing options...
blurredvision Posted June 5, 2008 Author Share Posted June 5, 2008 Change this line $r = mysqli_query($dbc, $q); // Run the query. to $r = mysqli_query($dbc, $q) or die(mysqli_error()); This will tell you if there are any problems with your query. Nope, it does not report any problems, it goes back to the 'no rows returned' echo. Maybe if I have it echo the value returned for (mysqli_num_rows($r)), and see what it says? Obviously, it's not returning 1 . I should also note that I'm trying this with multiple logins, so it's not an issue of my username and password being incorrect. The password, when registered, is being passed into the database with the SHA1, and I'm checking against the same thing. Link to comment https://forums.phpfreaks.com/topic/108827-solved-help-with-getting-my-login-script-to-work/#findComment-558258 Share on other sites More sharing options...
blurredvision Posted June 5, 2008 Author Share Posted June 5, 2008 After a bit of troubleshooting, I've found that if I take out the password match from my SELECT query, it works fine, so that's my problem. I'll double-check that specific area and see if I can't figure it out. Thanks. EDIT: I think I figured it out! I just realized that a SHA1 encrypted password needs to be set to CHAR(40) since it's a 40-character string, and I only had it set to CHAR(16) because I wanted to limit passwords to 16 characters. So when people registered, only the first 16 characters were being put into the database, and when checking against that, it obviously would never match 40 characters to the 16. I need to do my password constraints with my PHP/JS, not MySQL. Sorry to waste everyone's time! Link to comment https://forums.phpfreaks.com/topic/108827-solved-help-with-getting-my-login-script-to-work/#findComment-558332 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.