[SOLVED] Need Guru Help! PHP Login Not Working!!!

[coldfiretech]

Hello! 

I am trying to make a login system to will login to differnt pages depending on the subscription type

 

There are 3 different subscription types single, partner, family.

I made the $subtype varible because i couldnt figure out if it was even getting that data

So if i go Print $subtype it shows the data in there but i for some reason i cant get the nested elseif statment to work.. If someone could please show me what i am doing wrong i would greatly appreciate it.!! Thanks.

 

<?php
$db_host = 'localhost';
$db_user = '****';
$db_pass = '*****';
$db_db = '******';
$con = mysql_connect($db_host, $db_user, $db_pass) or die('MySQl Connection Error:'.mysql_error());
mysql_select_db($db_db, $con) or die('MySQL Error: Cannot select table');
$user = $_POST['login'];
$passwd = $_POST['password'];
$sql0 = "SELECT * FROM users";
$results = mysql_query($sql0,$con);
while($row = mysql_fetch_array($results))
if ($user == $row['login'] && $passwd == $row['password']) {
$subtype = $row['subtype'];

if ($subtype="atype") {
print "<META HTTP-EQUIV=\"refresh\" content=\"2; URL=/*****/a.php\">";
} elseif ($subtype="btype") {
print "<META HTTP-EQUIV=\"refresh\" content=\"2; URL=/******r/b.php\">";
}elseif ($subtype="ctype") {
print "<META HTTP-EQUIV=\"refresh\" content=\"2; URL=/******/c.php\">";
}else {

}

} else {
print "<META HTTP-EQUIV=\"refresh\" content=\"2; URL=/index.html\">";
}
mysql_close ($con);
?>

[Third_Degree]

I haven't read all your code but try changing:

 

//This:
while($row = mysql_fetch_array($results)) {

//To This:
while($row = mysql_fetch_assoc($results)) {

 

[coldfiretech]

I dont think that is the problem becuase i can read the field. I think my if statement is wrong because i can get into the a type page.....

 

 

[cooldude832]

oh the operators  (this isn't a guru question )

 

the operators using the equal sign

 

=    =  Set something equal to that value

==  = Compare the two values "weak"

=== = Bitwise comparasion "strong"

!=    = Not equal to value before

 

 

See the problem

[Third_Degree]

ah

 

$subtype == "atype"

 

not

 

$subtype="atype"

 

sorry cooldude didn't see your post. yeah...

[cooldude832]

Third degree do you get this Red warning that pops up if you try and respond (such as u just did) after someone else posted?

 

I've heard ppl don't' get it and I wanted to know if its a myth or not.

[akitchin]

 

==  = Compare the two values "weak"

=== = Bitwise comparasion "strong"

 

 

that's not a bitwise comparison.  it is an identical comparison - it checks that both the value and the type of the variables match.  bitwise operators are far different than that.

 

"weak" and "strong" are not really accurate adjectives.  == is adequate in almost all cases, except when you're comparing values that may evaluate to equivalent because they're converted to integers (for example: FALSE and integer 0, if you're comparing strpos() returns).

 

the red warning is not a myth.  people just may not have read the post before going to reply (therefore don't get the warning but still haven't read it).

[cooldude832]

miswrote that meant to say type equal not just value

[coldfiretech]

I dont get it....  ???

 

Tried fixing the ==    Still nothing.. Can one of you please try this code out.  I really think it is the if statement because the atype part of it works just not the b and c types !

 

Thanks

<?php
$db_host = 'localhost';
$db_user = '****';
$db_pass = '*****';
$db_db = '******';
$con = mysql_connect($db_host, $db_user, $db_pass) or die('MySQl Connection Error:'.mysql_error());
mysql_select_db($db_db, $con) or die('MySQL Error: Cannot select table');
$user = $_POST['login'];
$passwd = $_POST['password'];
$sql0 = "SELECT * FROM users";
$results = mysql_query($sql0,$con);
while($row = mysql_fetch_array($results))
if ($user == $row['login'] && $passwd == $row['password']) {
$subtype = $row['subtype'];

if ($subtype=="atype") {
print "<META HTTP-EQUIV=\"refresh\" content=\"2; URL=/*****/a.php\">";
} elseif ($subtype=="btype") {
print "<META HTTP-EQUIV=\"refresh\" content=\"2; URL=/******r/b.php\">";
}elseif ($subtype=="ctype") {
print "<META HTTP-EQUIV=\"refresh\" content=\"2; URL=/******/c.php\">";
}else {

}

} else {
print "<META HTTP-EQUIV=\"refresh\" content=\"2; URL=/index.html\">";
}
mysql_close ($con);
?>

[cooldude832]

 

 

Tried fixing the ==     Still nothing.. Can one of you please try this code out. 

 

We don't have your database or dump so we can't try it

 

add in

echo "<br /><br />".$subtype."<br /><br />";

right before your if statements to see if the value is reasonable

[coldfiretech]

I tried echoing the $subtype varible and it prints the data accordingly..

[Third_Degree]

Third degree do you get this Red warning that pops up if you try and respond (such as u just did) after someone else posted?

 

I've heard ppl don't' get it and I wanted to know if its a myth or not.

 

I used to get it, but I turned it off in profile settings.

[cooldude832]

and it doesn't output any of your three meta refreshes?

 

see if its going right to your final if statement

 

also case must MaTcH

 

 

At third degree: ppl shouldn't be able to turn it off its very helpful

[coldfiretech]

Its not making it past the first one!!!

Sorry if i seem a little grumpy i have been working on this for hours and its getting to me!

Grr!

[cooldude832]

give me the exact output

also try using a better looking tab structure

<?php
$db_host = 'localhost';
$db_user = '****';
$db_pass = '*****';
$db_db = '******';
$con = mysql_connect($db_host, $db_user, $db_pass) or die('MySQl Connection Error:'.mysql_error());
mysql_select_db($db_db, $con) or die('MySQL Error: Cannot select table');
$user = $_POST['login'];
$passwd = $_POST['password'];
$sql0 = "SELECT * FROM users";
$results = mysql_query($sql0,$con);
while($row = mysql_fetch_array($results))
if ($user == $row['login'] && $passwd == $row['password']) {
$subtype = $row['subtype'];
if ($subtype=="atype") {
	print "<META HTTP-EQUIV=\"refresh\" content=\"2; URL=/*****/a.php\">";
}
elseif ($subtype=="btype") {
	print "<META HTTP-EQUIV=\"refresh\" content=\"2; URL=/******r/b.php\">";
}
elseif ($subtype=="ctype") {
	print "<META HTTP-EQUIV=\"refresh\" content=\"2; URL=/******/c.php\">";
}	
else {

}

} 
else {
print "<META HTTP-EQUIV=\"refresh\" content=\"2; URL=/index.html\">";
}
mysql_close ($con);
?>

[cooldude832]

a more pressing problem is in the fact that your login structure is poorly written

 

change

$sql0 = "SELECT * FROM users";

to

$sql0 = "SELECT * FROM users Where login = '".mysql_real_escape_string($_POST['login'])."' and password = '".mysql_real_escape_string($_POST['password'])."'";

 

and then instead of while($row = fetch put

if(mysql_num_rows($result) >0){


That is how a login should work 

[coldfiretech]

Okay.

Exact output is its not working! Okay. Again, its not getting passed the first if statement. If i echo $subtype and try logging in with the 3 different types it prints atype for the a type and btype for the btype and ctype for the c type! Okay, now it only redirects on the a type plan. I dont know if i can say this any more clearly.

 

I guess ill just have to figure it out. Im not trying to stress anyone out here.

[cooldude832]

I think you need to chill out and actually tell us what its doing

 

I don't see in your script where it can echo "not working" unless you are hiding something so a bit more info will help us help you

[akitchin]

if the first user that gets pulled from the database doesn't match your user's info (the POST info), it will redirect you to index.php.  that's because in your else{}, you tell it to do so.  either drop the else{} echoing from the while() loop, or place it after the while() loop altogether.

[coldfiretech]

Im fine. Im just really agrivated with this code.

 

Like i said in my first post. I just started writing php yesterday. So thanks for the comment on my poorly written code. Im sure you wrote your first login system flawlessly.

 

And no, im not hidding something

Ill post the file so you can see it for yourself.

 

 

[attachment deleted by admin]

[akitchin]

ignore cooldude's post and have a look at mine.  i think you'll find that answers your question.

[cooldude832]

I'm trying to help you by saying you are over workin the server for that

 

I am going to rewrite this for you because I don't want to see you discouraged from php but don't expect hand outs

 

<?php
$db_host = 'localhost';
$db_user = '****';
$db_pass = '****';
$db_db = '*****';
$con = mysql_connect($db_host, $db_user, $db_pass) or die('MySQl Connection Error:'.mysql_error());
mysql_select_db($db_db, $con) or die('MySQL Error: Cannot select table');

$user = mysql_real_escape_string($_POST['login'])
$password = mysql_real_escape_string($_POST['password']);

$q = "
SELECT 
	login, subtype
FROM `users`
Where
	login = '".$user."' AND 
	password = '".$password."'
";
$r = mysql_query($q,$con) or die(mysql_error()."<br /><br />".$q);
$results = mysql_query($sql0,$con);
if(mysql_num_rows($result) >0){
$row = mysql_fetch_assoc($r);

switch ($row['subtype']){

	case "single":
		die(header("location: /****/single.php"));
	break;
	case "partner":
		die(header("location: /****/partner.php"));
	break;
	case "family":
		die(header("location: /***/family.php"));
	break;
	default:
		die(header("location: index.html?msg=invalid subtype"));
}
}
else{
die(header("location: index.html?msg=invalid login"));
}
mysql_close ($con);
?>

[coldfiretech]

Moved the other redirect to the bottom. Still nothing

 

Got this error though

 

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in C:\wamp\www\cellsavior\userAuth.php on line 13

Login Failed

[cooldude832]

sorry missed that

<?php
$db_host = 'localhost';
$db_user = '****';
$db_pass = '****';
$db_db = '*****';
$con = mysql_connect($db_host, $db_user, $db_pass) or die('MySQl Connection Error:'.mysql_error());
mysql_select_db($db_db, $con) or die('MySQL Error: Cannot select table');

$user = mysql_real_escape_string($_POST['login'])
$password = mysql_real_escape_string($_POST['password']);

$q = "
SELECT 
	login, subtype
FROM `users`
Where
	login = '".$user."' AND 
	password = '".$password."'
";
$r = mysql_query($q,$con) or die(mysql_error()."<br /><br />".$q);
if(mysql_num_rows($r) >0){
$row = mysql_fetch_assoc($r);

switch ($row['subtype']){

	case "single":
		die(header("location: /****/single.php"));
	break;
	case "partner":
		die(header("location: /****/partner.php"));
	break;
	case "family":
		die(header("location: /***/family.php"));
	break;
	default:
		die(header("location: index.html?msg=invalid subtype"));
}
}
else{
die(header("location: index.html?msg=invalid login"));
}
mysql_close ($con);
?>

[coldfiretech]

Thank you. I tried that code you just posted... I do appreciate your help. And i dont expect handouts.

 

Its highlighting this line

 

"$password = mysql_real_escape_string($_POST['password']);"

and when i run it it throws this

 

 

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in C:\wamp\www\cellsavior\userAuth.php on line 13

Login Failed