PC Nerd Posted July 6, 2006 Share Posted July 6, 2006 im using the following SQL to scource from a database(mysql)[code]$User_SQL = "SELECT User_Name, `Password` FROM Table_1 WHERE User_Name = '$User_Name' ";[/code]the User_Name is defined from a $_POST array, and i noticed that the page is sending the data like an GET statement, but i told the html to send it as POST. then i define $User_Name from the Post array. why is the data being sent like this, and how can i stop it. im pretty sure that this is the problem but i dont know how to frix itcan anyone help me P.S. i think this is the reason my problem continued after my last question. Quote Link to comment Share on other sites More sharing options...
ToonMariner Posted July 6, 2006 Share Posted July 6, 2006 Can you show the html for the form please.also....are you defining$User_Name = $_POST['User_Name']if not then it would look like you are relying on register globals being ON and it is now defualt to OFF (the correct settng IMO).you could try this.....$User_SQL = "SELECT `User_Name`, `Password` FROM Table_1 WHERE User_Name = '" . $_POST['User_Name'] ."' ";$User_SQL = mysql_query($User_SQL); Quote Link to comment Share on other sites More sharing options...
PC Nerd Posted July 6, 2006 Author Share Posted July 6, 2006 yes, i am defining User_Name as you showed, and ive changed the $_POST[] to$_REQUEST[] but there is no differenceill post the supporting code next Quote Link to comment Share on other sites More sharing options...
PC Nerd Posted July 6, 2006 Author Share Posted July 6, 2006 ok, the sorounding code to the sql definition is[code]include("URL/inc files/Database link.inc"); $User_Name = $_REQUEST['User_Name']; $User_SQL = "SELECT User_Name, Password FROM Table_1 WHERE User_Name = '$User_Name' "; $result = @mysql_query($User_SQL, $DB_Server); if(!$result){ echo "Unable to perform query: $User_SQL<br>"; echo mysql_error(); } $confirm = mysql_fetch_array($result); if($confirm['User_Name'] == $_POST['User_Name'] and $confirm['Password'] == $_POST['Password']){[/code]And the login form is[code]<h3>Player Login</h3> <form action="B_A-Login.php" action="POST"> <p>Player Name: <input type=test name=User_Name></p> <p>Password: <INPUT type=password name=Password</p> <p><input type=submit value=send></p> </form>[/code]if there is anything i have missed, let me know (the inc file is not posted because i am 99% sure the error is not ther although i am new and might be wrong if you want it let me know)Thanks PC NErd Quote Link to comment Share on other sites More sharing options...
GingerRobot Posted July 6, 2006 Share Posted July 6, 2006 [quote]<form action="B_A-Login.php" action="POST">[/quote]Needs to be:<form action="B_A-Login.php" method="POST"> Quote Link to comment Share on other sites More sharing options...
PC Nerd Posted July 6, 2006 Author Share Posted July 6, 2006 thanks, that works but now the page is echoing the entire contents of the inc file, but i think ive come accros this problem before, so ill have a llok at it.thanks againPc Nerd Quote Link to comment Share on other sites More sharing options...
GingerRobot Posted July 6, 2006 Share Posted July 6, 2006 No problem,Im guessing that the problem with the included file is that your php is unlikely to be set up to parse .inc files, so you will have to rename it to something like file.inc.php Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.