taichimasta Posted September 17, 2008 Share Posted September 17, 2008 hey this is my first post and few times here on phpfreaks, I'm not a PRO as most of you but i have been studying php a few yrs total(2 almost 3) (reading books , self taught). and I'm in need of assistance/help. my script is a WIP but i just need to figure out why isn't it reading the rows in my database , i need a 3rd party to see what I'm doing wrong. ( its usually something i missed , something small so if you could help me out it would be great) <?php // there is connection code and everything but its not here for obvious reason(s) /***************CONNECTION INFO***********************/ $connection = mysql_connect($host,$dbadmin,$dbpass) or die("Connection failed"); /**************SELECT THE DATABASE*********************/ $sel = mysql_select_db($database,$connection) or die(mysql_error()); /* or die("Confused Selection"); */ /**************SENDING QUERY TO DATQBASE***************/ $sql = "SELECT * FROM $table_1 WHERE user_name='$userme' AND user_pass='$passme'"; $res = mysql_query($sql) or die("lost Package"); $count = mysql_num_rows($res); /********************CHECKING DATABASE FOR USERNAME AND PASSWORD *******/ /***********IF USER EXIST CONTINUE IF NOT DESTORY AND GIVE A NICE MESSAGE SAYING PERSON(S) FAILED***/ if($count==1) { echo "<center>Your in</center>"; exit; } else {echo "<center>Wrong Username or Password</center>";} echo "<center>$count Party pooper</center>"; $user = mysql_real_escape_string($user); $pass = mysql_real_escape_string($pass); $user = stripslashes($user); $pass = stripslashes($pass); ?> oh before i forget it doesn't read that there are rows matching for a succefull login, it just gives me 0 because i echo is out to see if any rows are there to match. Link to comment https://forums.phpfreaks.com/topic/124576-solved-login-fail/ Share on other sites More sharing options...
genericnumber1 Posted September 17, 2008 Share Posted September 17, 2008 You're using $host as your host, not the value in $host, remove the single quotes around it if you really want it. you didn't set $userme or $passme, also you will want a space between $table_1 and WHERE. (edit: nvm you added the space) Also, you are doing a pointless stripslashes and mysql_real_escape_string() at the bottom. And it's You're in, not Your (this one is for me) Link to comment https://forums.phpfreaks.com/topic/124576-solved-login-fail/#findComment-643441 Share on other sites More sharing options...
btherl Posted September 17, 2008 Share Posted September 17, 2008 Try adding this to your code: echo "Query: $sql<br>"; A lot of problems can be solved by looking at the query your code is generating. Link to comment https://forums.phpfreaks.com/topic/124576-solved-login-fail/#findComment-643443 Share on other sites More sharing options...
taichimasta Posted September 17, 2008 Author Share Posted September 17, 2008 why is it pointless genericnumber1? i need stripslashes and mysql_real_escape_string to prevent injections. and thanks btherl i'm going to do that right now. plus the connection to the database is fine i just put filler varables there so i wouldn't accidently put the real string in to show in this forum. and yes forgive my grammer that will be fixed its less of a worry right now , my main concern is the backend/php. Link to comment https://forums.phpfreaks.com/topic/124576-solved-login-fail/#findComment-643450 Share on other sites More sharing options...
genericnumber1 Posted September 17, 2008 Share Posted September 17, 2008 why is it pointless genericnumber1? i need stripslashes and mysql_real_escape_string to prevent injections. and thanks btherl i'm going to do that right now. plus the connection to the database is fine i just put filler varables there so i wouldn't accidently put the real string in to show in this forum. and yes forgive my grammer that will be fixed its less of a worry right now , my main concern is the backend/php. They're pointless because they're below everything and you don't use the variables inside of them in the query. Also, calling stripslashes possibly will undo what escape_string does (if your mysql_real_escape_string() uses \ to escape quotes) john's kitchen becomes john\'s kitchen and then, the next line you change it back to john's kitchen As I said, pointless. Link to comment https://forums.phpfreaks.com/topic/124576-solved-login-fail/#findComment-643454 Share on other sites More sharing options...
taichimasta Posted September 17, 2008 Author Share Posted September 17, 2008 oh your right, ! fixing that now Link to comment https://forums.phpfreaks.com/topic/124576-solved-login-fail/#findComment-643455 Share on other sites More sharing options...
taichimasta Posted September 17, 2008 Author Share Posted September 17, 2008 still can't login , and i checked the query/$sql it just gives me the what i wrote $sql = "SELECT * FROM users WHERE user_name='$user' AND user_pass='$pass'"; ***********************************************OUTPUT********************** SELECT * FROM users WHERE user_name='' AND user_pass='' and mysql_num_rows still gives me 0 which it shouldn't. Link to comment https://forums.phpfreaks.com/topic/124576-solved-login-fail/#findComment-643456 Share on other sites More sharing options...
genericnumber1 Posted September 17, 2008 Share Posted September 17, 2008 $user and $pass don't seem to be set, if you're getting them from the form use $user = $_POST['user'] or whatever method you use to get the username Link to comment https://forums.phpfreaks.com/topic/124576-solved-login-fail/#findComment-643457 Share on other sites More sharing options...
taichimasta Posted September 17, 2008 Author Share Posted September 17, 2008 $user = $_POST['username']; $pass = $_POST['userpass']; there set ^ its right before Link to comment https://forums.phpfreaks.com/topic/124576-solved-login-fail/#findComment-643458 Share on other sites More sharing options...
taichimasta Posted September 17, 2008 Author Share Posted September 17, 2008 holy crap that was it , i feel like an idiot thanks you and so fast. Link to comment https://forums.phpfreaks.com/topic/124576-solved-login-fail/#findComment-643460 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.