maxudaskin Posted August 2, 2008 Share Posted August 2, 2008 I made this script yesterday, but I cannot seem to debug a crucial error. I put letters and numbers into the functions so I know what exactly it is doing and in what order. Everything seems to be logically correct, but it is not seeming to complete the functions as a whole properly. http://www.virtualzoom.net/loginscript/ Username: test Password: test123 Code: http://www.virtualzoom.net/loginscript/pretty/ Link to comment https://forums.phpfreaks.com/topic/117873-solved-i-have-run-out-of-ideas-of-how-to-debug/ Share on other sites More sharing options...
maxudaskin Posted August 2, 2008 Author Share Posted August 2, 2008 Now I am getting the following error with the following code. MySQL Error 1054 with description Unknown column 'test' in 'where clause' $sql = "SELECT password FROM " . USERS_TABLE . " WHERE username = " . $username; $query = mysql_query($sql) or die ( "MySQL Error " . mysql_errno() . " with description " . mysql_error() ); Link to comment https://forums.phpfreaks.com/topic/117873-solved-i-have-run-out-of-ideas-of-how-to-debug/#findComment-606284 Share on other sites More sharing options...
wildteen88 Posted August 2, 2008 Share Posted August 2, 2008 All values in a query must be wrapped in quotes $sql = "SELECT password FROM " . USERS_TABLE . " WHERE username = '$username'"; Also on your index page, session_start must be called before any output is made: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <?php include ("include/login.php"); session_start(); ?> Should be <?php include ("include/login.php"); session_start(); ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> Link to comment https://forums.phpfreaks.com/topic/117873-solved-i-have-run-out-of-ideas-of-how-to-debug/#findComment-606289 Share on other sites More sharing options...
TempleDMDKrazd Posted August 2, 2008 Share Posted August 2, 2008 Now I am getting the following error with the following code. MySQL Error 1054 with description Unknown column 'test' in 'where clause' $sql = "SELECT password FROM " . USERS_TABLE . " WHERE username = " . $username; $query = mysql_query($sql) or die ( "MySQL Error " . mysql_errno() . " with description " . mysql_error() ); uhhh... dude $username is a string it needs to be in quotes also are you sure its a good idea to store someone's username + password together in a cookie?..... Link to comment https://forums.phpfreaks.com/topic/117873-solved-i-have-run-out-of-ideas-of-how-to-debug/#findComment-606290 Share on other sites More sharing options...
maxudaskin Posted August 2, 2008 Author Share Posted August 2, 2008 Ok, my two silly mistakes... And it is the remember me feature of the site. Another site cannot access the cookie so it should be fine. Anyways, aren't cookies encoded? Link to comment https://forums.phpfreaks.com/topic/117873-solved-i-have-run-out-of-ideas-of-how-to-debug/#findComment-606296 Share on other sites More sharing options...
wildteen88 Posted August 2, 2008 Share Posted August 2, 2008 Cookies are stored as plain text on the client side. Cookies will only work on the site that created it. Cookies cannot be shared across multiple sites. Link to comment https://forums.phpfreaks.com/topic/117873-solved-i-have-run-out-of-ideas-of-how-to-debug/#findComment-606298 Share on other sites More sharing options...
maxudaskin Posted August 2, 2008 Author Share Posted August 2, 2008 Ok, well it is still not working. Test it out and tell me what you think please. It works at first, but if you refresh (do not resend POST data) or reenter the URL, it doesn't work. I think it may be sessions. Link to comment https://forums.phpfreaks.com/topic/117873-solved-i-have-run-out-of-ideas-of-how-to-debug/#findComment-606299 Share on other sites More sharing options...
wildteen88 Posted August 2, 2008 Share Posted August 2, 2008 Change your confirmUser function to // Check Credentials function confirmUser($username, $password) { // undo magic cuotes if (get_magic_quotes_gpc()) { $username = stripslashes($username); } // escape harmful characters $username = mysql_real_escape_string($username); // md5 'n salt the password $password = md5($password . SALT); // check the username AND password in the query at the same time $sql = "SELECT username FROM " . USERS_TABLE . " WHERE username = '$username' AND password = '$password'"; $query = mysql_query($sql) or die("MySQL Error " . mysql_errno() . " with description " . mysql_error()); // check that mysql returned 1 result, meaning a match was found if (mysql_num_rows($query) == 1) { return TRUE; } // no match return false! return FALSE; } Link to comment https://forums.phpfreaks.com/topic/117873-solved-i-have-run-out-of-ideas-of-how-to-debug/#findComment-606304 Share on other sites More sharing options...
maxudaskin Posted August 2, 2008 Author Share Posted August 2, 2008 Nope...still not working... Link to comment https://forums.phpfreaks.com/topic/117873-solved-i-have-run-out-of-ideas-of-how-to-debug/#findComment-606316 Share on other sites More sharing options...
wildteen88 Posted August 2, 2008 Share Posted August 2, 2008 On Index.php you have this: if(LOGGED_IN) { "You are logged in"; } it should be if(LOGGED_IN) { echo "You are logged in"; } Link to comment https://forums.phpfreaks.com/topic/117873-solved-i-have-run-out-of-ideas-of-how-to-debug/#findComment-606331 Share on other sites More sharing options...
maxudaskin Posted August 2, 2008 Author Share Posted August 2, 2008 But when you refresh, it still logs you out... I am going crazy! Link to comment https://forums.phpfreaks.com/topic/117873-solved-i-have-run-out-of-ideas-of-how-to-debug/#findComment-606339 Share on other sites More sharing options...
wildteen88 Posted August 2, 2008 Share Posted August 2, 2008 When debugging you should turn display_errors on and set error_reporting to E_ALL I have ran your code and setup a test database on my dev machine, and your the code works fine. Link to comment https://forums.phpfreaks.com/topic/117873-solved-i-have-run-out-of-ideas-of-how-to-debug/#findComment-606345 Share on other sites More sharing options...
maxudaskin Posted August 2, 2008 Author Share Posted August 2, 2008 The error reporting should be on... I made a page with a common error on it (on purpose) to test it. It seems to be on: http://www.virtualzoom.net/websiteadministrator/error.php Link to comment https://forums.phpfreaks.com/topic/117873-solved-i-have-run-out-of-ideas-of-how-to-debug/#findComment-606347 Share on other sites More sharing options...
DeanWhitehouse Posted August 2, 2008 Share Posted August 2, 2008 ok, add error_reporting(E_ALL); to the top of the page Link to comment https://forums.phpfreaks.com/topic/117873-solved-i-have-run-out-of-ideas-of-how-to-debug/#findComment-606352 Share on other sites More sharing options...
maxudaskin Posted August 2, 2008 Author Share Posted August 2, 2008 Here is the list. Notice: Undefined variable: PHP_SELF in /home/.grable/vzoom/virtualzoom.net/loginscript/include/functions.php on line 79 Notice: A session had already been started - ignoring session_start() in /home/.grable/vzoom/virtualzoom.net/loginscript/index.php on line 1 After Login Notice: Undefined variable: password in /home/.grable/vzoom/virtualzoom.net/loginscript/include/login.php on line 178 Notice: Undefined index: remember_me in /home/.grable/vzoom/virtualzoom.net/loginscript/include/login.php on line 181 Notice: A session had already been started - ignoring session_start() in /home/.grable/vzoom/virtualzoom.net/loginscript/index.php on line 1 You are logged in Link to comment https://forums.phpfreaks.com/topic/117873-solved-i-have-run-out-of-ideas-of-how-to-debug/#findComment-606358 Share on other sites More sharing options...
maxudaskin Posted August 2, 2008 Author Share Posted August 2, 2008 Aha! Thank you all for your help. Now I know about error_reporting(E_ALL); and I will use it wisely! Link to comment https://forums.phpfreaks.com/topic/117873-solved-i-have-run-out-of-ideas-of-how-to-debug/#findComment-606359 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.