twilitegxa Posted August 24, 2008 Share Posted August 24, 2008 I am working with a tutorial in a book and am apparently missing something on my php page. Can anyone help me figure out what the problem is? Here is the script: Form: (listing15.7.php) <html> <head> <title>Listing 15.7 User Login Form</title> </head> <body> <h1>Login Form</h1> <form mehtod="post" action="listing15.8.php"> <p><strong>Username:</strong><br /> <input type="text" name="username"></p> <p><strong>Password:</strong><br /> <input type="password" name="password"></p> <p><input type="submit" name="submit" value="Login"</p> </form> </body> </html> PHP: (listing15.8.php) <?php //check for required fields from the form if ((!$_POST[username]) || (!$_POST[password])) { header("Location: listing15.7.php"); exit; } //connect to server and select database $conn = mysql_connect("localhost", "root", "") or die(mysql_error()); mysql_select_db("smrpg",$conn) or die(mysql_error()); //create and issue the query $sql = "select f_name, l_name from auth_users where username = '$_POST[username]' AND password = password('$_POST[password]')"; $result = mysql_query($sql,$conn) or die(mysql_error()); //get the number of rows in the result set; should be 1 if a match if (mysql_num_rows($result) == 1) { //if authorized, get the value of f_name l_name $f_name = mysql_result($result, 0, 'f_name'); $l_name = mysql_result($result, 0, 'l_name'); //set authorization cookie setcookie("auth", "1", 0, "/", "yourdomain.com", 0); //prepare message for printing, and user menu $msg = "<p>$f_name $l_name is authorized!</p>"; $msg .= "<p>Authorized Users' Menu:"; $msg .= "<ul><li><a href=\"listing15.9.php\">secret page</a></li></ul>"; } else { //redirect back to login if not authorized header("Location: listing15.7.php"); exit; } ?> <html> <head> <title>Listing 15.8 User Login</title> </head> <body> <? print "$msg"; ?> </body> </html> It just keeps redirecting me to the login, as if the username and password I enter is incorrect. The contents of the table were: create table auth_users ( id int not null primary key auto_increment, f_name varchar(50), l_name varchar(50), email varchar(150), username varchar(25), password varchar (75) ); And... insert into auth_users values ('', 'John', 'Doe', '[email protected]', 'jdoe', password('doepass'); The last php page, I can't even get to because the first one doesn't work, but here's the script for it in case I run into problems with it as well: <?php if ($_COOKIE[auth] == "1") $msg = "<p>You are an authorized user.</p>"; } else { //redirect back to login form if not authorized header("Location: listing15.7.php"); exit; } ?> <html> <head> <title>Listing 15.8 Accessing a restricted page</title> </head> <body> <?php print "$msg"; ?> </body> </html> What am I doing wrong on the first php code? Why won't it log in the user jdoe with password doepass? Link to comment https://forums.phpfreaks.com/topic/121072-solved-help-with-authorization-script/ Share on other sites More sharing options...
Fadion Posted August 24, 2008 Share Posted August 24, 2008 The only one who can debug the code is you. First post the whole code in [ code ] tags, so it gets colored correctly and we can look at it. Next, i found a possible error in your code: $sql = "select f_name, l_name from auth_users where username = '$_POST[username]' AND password = password('$_POST[password]')"; You have try replacing it with: $sql = "SELECT f_name, l_name FROM auth_users WHERE username='{$_POST['username']}' AND password=password('{$_POST['password']}')"; I added single quotes in the $_POST indexes. Hope this fixes it. If not, check if the values from post are coming by printing them in different places of the script. Link to comment https://forums.phpfreaks.com/topic/121072-solved-help-with-authorization-script/#findComment-624189 Share on other sites More sharing options...
twilitegxa Posted August 24, 2008 Author Share Posted August 24, 2008 It didn't fix the problem. Here is the code again, with code tags. Form: (listing15.7.php) <html> <head> <title>Listing 15.7 User Login Form</title> </head> <body> <h1>Login Form</h1> <form mehtod="post" action="listing15.8.php"> <p><strong>Username:</strong> <input type="text" name="username"></p> <p><strong>Password:</strong> <input type="password" name="password"></p> <p><input type="submit" name="submit" value="Login"</p> </form> </body> </html> PHP: (listing15.8.php) <?php //check for required fields from the form if ((!$_POST[username]) || (!$_POST[password])) { header("Location: listing15.7.php"); exit; } //connect to server and select database $conn = mysql_connect("localhost", "root", "") or die(mysql_error()); mysql_select_db("smrpg",$conn) or die(mysql_error()); //create and issue the query $sql = "select f_name, l_name from auth_users where username = '$_POST[username]' AND password = password('$_POST[password]')"; $result = mysql_query($sql,$conn) or die(mysql_error()); //get the number of rows in the result set; should be 1 if a match if (mysql_num_rows($result) == 1) { //if authorized, get the value of f_name l_name $f_name = mysql_result($result, 0, 'f_name'); $l_name = mysql_result($result, 0, 'l_name'); //set authorization cookie setcookie("auth", "1", 0, "/", "yourdomain.com", 0); //prepare message for printing, and user menu $msg = "<p>$f_name $l_name is authorized!</p>"; $msg .= "<p>Authorized Users' Menu:"; $msg .= "<ul><li><a href=\"listing15.9.php\">secret page[/url]</li></ul>"; } else { //redirect back to login if not authorized header("Location: listing15.7.php"); exit; } ?> <html> <head> <title>Listing 15.8 User Login</title> </head> <body> <? print "$msg"; ?> </body> </html> It just keeps redirecting me to the login, as if the username and password I enter is incorrect. The contents of the table were: create table auth_users ( id int not null primary key auto_increment, f_name varchar(50), l_name varchar(50), email varchar(150), username varchar(25), password varchar (75) ); And... insert into auth_users values ('', 'John', 'Doe', '[email protected]', 'jdoe', password('doepass'); Link to comment https://forums.phpfreaks.com/topic/121072-solved-help-with-authorization-script/#findComment-624317 Share on other sites More sharing options...
twilitegxa Posted September 22, 2008 Author Share Posted September 22, 2008 I figured out my problem. First of all, I had method spelled wrong in my first page. Secondly, I had the page directing to the wrong page if the user was authorized. Thanks for all the help you guys! Link to comment https://forums.phpfreaks.com/topic/121072-solved-help-with-authorization-script/#findComment-647509 Share on other sites More sharing options...
twilitegxa Posted September 22, 2008 Author Share Posted September 22, 2008 I also changed the <? to <?php and that seemed to help as well. Link to comment https://forums.phpfreaks.com/topic/121072-solved-help-with-authorization-script/#findComment-647510 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.