John_S Posted September 14, 2008 Share Posted September 14, 2008 Hello all, I am a PHP newbie and recently I started to make my own CMS, however already after 1 page I discovered that there is a mistake in my code which I can't find therefore I'd like to ask you all if you could help me please. Here's my code: <?php //This file contains the whole script. // File: includes/functions.php function db_connect() { $host = 'localhost'; $user = 'root'; $password = ''; $database = 'test'; $connection = mysql_connect($host,$username,$password) or die ('Error while executing the query, can not connect to the database.'); $database = mysql_select_db($database, $connection) or die ('Error while executing the query, can not select database.'); return $database; } //File .../Login.php include('includes/functions.php'); if (isset($_POST['username']) and isset($_POST['password'])) { db_connect(); $username = $_POST['username']; $password = md5($_POST['password']); $tmp = mysql_query('SELECT username FROM users WHERE username = "$username" AND password = "$password"'); $num = mysql_num_rows($tmp); if ($num < 0 or $num > 1) { exit("Wrong login information. Please try again."); } $tmp = mysql_query('SELECT staff FROM users WHERE username = "$username"'); switch($tmp) { case "1"; session_start(); $_SESSION['user'] = $_POST['username']; $_SESSION['permissions'] = "1"; break; case "2"; session_start(); $_SESSION['user'] = $_POST['username']; $_SESSION['permissions'] = "2"; break; default: break; } echo '<meta HTTP-EQUIV= "REFRESH" content="0"; url=http://localhost/index.php">'; } else { print "No data entered. Please return and enter your login information in the required fields."; } //////////////////////////////////////////////////////////// end. /////////////////////////////////////////////// ?> Thanks a lot in advance. Yours John_S Quote Link to comment Share on other sites More sharing options...
peranha Posted September 14, 2008 Share Posted September 14, 2008 what error are you getting? Quote Link to comment Share on other sites More sharing options...
PFMaBiSmAd Posted September 14, 2008 Share Posted September 14, 2008 What have you done to troubleshoot where the problem is? What is it doing that is incorrect? Programming help forums can only help with specific problems and can only help when you provide sufficient information about what you see in front of you. Quote Link to comment Share on other sites More sharing options...
John_S Posted September 14, 2008 Author Share Posted September 14, 2008 Well I always get the "ELSE" part. It doesn't verify informations in IF (login.php file) Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted September 14, 2008 Share Posted September 14, 2008 check if anything is being posted, and check if the post names are correct $_POST['post_name']; <input name="Post_name"> Quote Link to comment Share on other sites More sharing options...
John_S Posted September 14, 2008 Author Share Posted September 14, 2008 Seems ok for me: <form id="user_login" name="user_login" method="post" action="login.php"> <label>Username <input type="text" name="username" id="username" /></label> <label>Password <input type="password" name="password" id="password" /></label><br /> <label>Submit <input type="submit" name="submit" id="submit" value="Submit" /></label> </form> Quote Link to comment Share on other sites More sharing options...
redarrow Posted September 14, 2008 Share Posted September 14, 2008 put session_start once at the top off ur page please delete the rest.......... also add if($_POST['submit']){ // do somthink } Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted September 14, 2008 Share Posted September 14, 2008 try this <?php session_start(); //This file contains the whole script. // File: includes/functions.php function db_connect() { $host = 'localhost'; $user = 'root'; $password = ''; $database = 'test'; $connection = mysql_connect($host,$username,$password); $database = mysql_select_db($database, $connection); if($connection && $database) { return true; } else { $error = "Error while executing the query"; return $error; } } //File .../Login.php include('includes/functions.php'); if (isset($_POST['submit'])) { echo db_connect(); $username = $_POST['username']; $password = md5($_POST['password']); $tmp = mysql_query('SELECT username FROM users WHERE username = "$username" AND password = "$password"') or die(mysql_error()); $num = mysql_num_rows($tmp) or die(mysql_error()); if ($num < 0 or $num > 1) { exit("Wrong login information. Please try again."); } $tmp = mysql_query('SELECT staff FROM users WHERE username = "$username"') or die(mysql_error()); switch($tmp) { case "1"; $_SESSION['user'] = $_POST['username']; $_SESSION['permissions'] = "1"; break; case "2"; $_SESSION['user'] = $_POST['username']; $_SESSION['permissions'] = "2"; break; default: break; } echo '<meta HTTP-EQUIV= "REFRESH" content="0"; url=http://localhost/index.php">'; } else { echo "No data entered. Please return and enter your login information in the required fields.";//i dont like print } //////////////////////////////////////////////////////////// end. /////////////////////////////////////////////// ?> Quote Link to comment Share on other sites More sharing options...
John_S Posted September 14, 2008 Author Share Posted September 14, 2008 I did as you said and it seems to be working but only a part of the script, it does the switch and the redirect function, but it doesn't initiate session variables So I arrive back on index.php page without the session variables set. I think it is a MySQL query error but I don't see where could it be ??? Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted September 14, 2008 Share Posted September 14, 2008 did u try my code ^^? Quote Link to comment Share on other sites More sharing options...
John_S Posted September 14, 2008 Author Share Posted September 14, 2008 did u try my code ^^? Yes, I see "1" and no more code at all. Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted September 14, 2008 Share Posted September 14, 2008 my code should of worked , so was there any errors or anything from it? Quote Link to comment Share on other sites More sharing options...
John_S Posted September 14, 2008 Author Share Posted September 14, 2008 I rechecked your code, the "1" was my error so I corrected it, but same as below, it redirects me to the main page without initialising the session variables :/ Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted September 14, 2008 Share Posted September 14, 2008 how do you know the session isnt created?? Have u put session_start(); at the top of everypage? Quote Link to comment Share on other sites More sharing options...
John_S Posted September 14, 2008 Author Share Posted September 14, 2008 Yes, and I know that since I have a echo which displays $_SESSION['user'] or Guest depending if the user is logged in or not, but each time I activate the script, it shows Guest. :'( Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted September 14, 2008 Share Posted September 14, 2008 show the code for that bit, that is probably where the problem is Quote Link to comment Share on other sites More sharing options...
keyurshah Posted September 15, 2008 Share Posted September 15, 2008 The problem lies in your switch statement case "1"; session_start(); $_SESSION['user'] = $_POST['username']; $_SESSION['permissions'] = "1"; break; Put a colon [:] instead of semi-colon [;]. case "1"; should be case "1": ... ... ... A semi-colon ends a php statement. Hence it seems that the moment you start a case it ends. Quote Link to comment Share on other sites More sharing options...
John_S Posted September 15, 2008 Author Share Posted September 15, 2008 Will try it, thanks Quote Link to comment Share on other sites More sharing options...
John_S Posted September 15, 2008 Author Share Posted September 15, 2008 Tried, sadly it doesn't work Quote Link to comment Share on other sites More sharing options...
DeanWhitehouse Posted September 15, 2008 Share Posted September 15, 2008 show the code for that bit, that is probably where the problem is Quote Link to comment Share on other sites More sharing options...
John_S Posted September 16, 2008 Author Share Posted September 16, 2008 Here it is: if (isset($_POST['username']) and isset($_POST['password'])) { db_connect(); $username = $_POST['username']; $password = md5($_POST['password']); $tmp = mysql_query('SELECT username FROM users WHERE username = "$username" AND password = "$password"'); $num = mysql_num_rows($tmp); if ($num < 0 or $num > 1) { exit("Wrong login information. Please try again."); } $tmp = mysql_query('SELECT staff FROM users WHERE username = "$username"'); switch($tmp) { case "1"; session_start(); $_SESSION['user'] = $_POST['username']; $_SESSION['permissions'] = "1"; break; case "2"; session_start(); $_SESSION['user'] = $_POST['username']; $_SESSION['permissions'] = "2"; break; default: break; } echo '<meta HTTP-EQUIV= "REFRESH" content="0"; url=http://localhost/index.php">'; } Quote Link to comment Share on other sites More sharing options...
KevinM1 Posted September 16, 2008 Share Posted September 16, 2008 You need to fetch the second query's results. You also need to swap your double and single quotes around: $tmp = mysql_query("SELECT staff FROM users WHERE username = '$username'"); $row = mysql_fetch_assoc($tmp); $staff = $row['staff']; switch($staff) { case "1": session_start(); $_SESSION['user'] = $_POST['username']; $_SESSION['permissions'] = "1"; break; case "2": . . . } Quote Link to comment Share on other sites More sharing options...
John_S Posted September 16, 2008 Author Share Posted September 16, 2008 Thanks! It works now! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.