Jump to content

Archived

This topic is now archived and is closed to further replies.

PC Nerd

SQL Error

Recommended Posts

im using the following SQL to scource from a database(mysql)

[code]$User_SQL = "SELECT User_Name, `Password` FROM Table_1 WHERE User_Name = '$User_Name' ";[/code]

the User_Name is defined from a $_POST array, and i noticed that the page is sending the data like an GET statement, but i told the html to send it as POST.  then i define $User_Name from the Post array.  why is the data being sent like this, and how can i stop it.  im pretty sure that this is the problem but i dont know how to frix it

can anyone help me

P.S.
  i think this is the reason my problem continued after my last question. 

Share this post


Link to post
Share on other sites
Can you show the html for the form please.

also....

are you defining

$User_Name = $_POST['User_Name']

if not then it would look like you are relying on register globals being ON and it is now defualt to OFF (the correct settng IMO).

you could try this.....

$User_SQL = "SELECT `User_Name`, `Password` FROM Table_1 WHERE User_Name = '" . $_POST['User_Name'] ."' ";
$User_SQL = mysql_query($User_SQL);

Share this post


Link to post
Share on other sites
yes, i am defining User_Name as you showed, and ive changed the $_POST[] to$_REQUEST[] but there is no difference

ill post the supporting code next

Share this post


Link to post
Share on other sites
ok, the sorounding code to the sql definition is

[code]include("URL/inc files/Database link.inc");
                $User_Name = $_REQUEST['User_Name'];
$User_SQL = "SELECT User_Name, Password FROM Table_1 WHERE User_Name = '$User_Name' ";

$result = @mysql_query($User_SQL, $DB_Server);

                if(!$result){
                        echo "Unable to perform query: $User_SQL<br>";
                        echo mysql_error();
                 }

$confirm = mysql_fetch_array($result);

if($confirm['User_Name'] == $_POST['User_Name'] and $confirm['Password'] == $_POST['Password']){
[/code]


And the login form is

[code]<h3>Player Login</h3>
<form action="B_A-Login.php" action="POST"> <p>Player Name: <input type=test name=User_Name></p>
<p>Password: <INPUT type=password name=Password</p>
<p><input type=submit value=send></p>
</form>
[/code]


if there is anything i have missed, let me know (the inc file is not posted because i am 99% sure the error is not ther although i am new and might be wrong  if you want it let me know)
Thanks PC NErd

Share this post


Link to post
Share on other sites
[quote]<form action="B_A-Login.php" action="POST">[/quote]

Needs to be:
<form action="B_A-Login.php" method="POST">

Share this post


Link to post
Share on other sites
thanks, that works  but now the page is echoing the entire contents of the inc file, but i think ive come accros this problem before, so ill have a llok at it.

thanks again

Pc Nerd

Share this post


Link to post
Share on other sites
No problem,

Im guessing that the problem with the included file is that your php is unlikely to be set up to parse .inc files, so you will have to rename it to something like file.inc.php

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.