Jump to content

MySQL error or user error?

9three

By 9three
in PHP Coding Help

 Share

Recommended Posts

9three Regular Member

9three

Posted
Posted

I'm getting this error:

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'ODBC'@'localhost' (using password: NO) in C:\Users\admin\index.php on line 42

 

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in C:\Users\admin\index.php on line 42

 

I have a login system:

 

index.php

elseif(isset($_POST['submit']))
{
  $username = mysql_real_escape_string($_POST['username']);
  $password = md5($_POST['password']);
  
  $connection = new mysql();
  $connection->connect('localhost', 'root', '');
  $connection->select('cms');
  
  $query = "SELECT Username, 
            Password 
            FROM admin 
            WHERE Username = '".mysql_real_escape_string($username)."' 
            AND Password = '".md5($password)."'"; 
  $connection->query($query);
  $connection->verifyuser();
}

 

Line 42 is where $username = mysql_real_escape_string is. The error is telling me it's not able to establish a link. I have set up to throw an exception if I can't connect but it's not throwing me that exception so it can't be my initial connection.

 

Here is my verifyuser method

 

  public function verifyuser()
  {
    $this->user = mysql_num_rows($this->query);
    if ($this->user == 1)
    {
      $username = $_SESSION['username'];
      $_SESSION['user_agent'] = 1;
      echo '<meta http-equiv="refresh" content="0;index.php" />';
    }

 

I'm not really able to decipher the error  :-\

 

Link to comment
https://forums.phpfreaks.com/topic/139585-mysql-error-or-user-error/
Share on other sites
castis Newbie

castis

Posted
Posted

move the connection piece above where you get your username and password from $_POST

 

edit: when using mysql_real_escape_string, the mysql extension automatically checks for an open connection, since procedural code goes top to bottom, you're trying to use the function and THEN connect. You need to be connected and THEN use the function.

 

elseif(isset($_POST['submit']))
{
  $connection = new mysql();
  $connection->connect('localhost', 'root', '');
  $connection->select('cms');

  $username = mysql_real_escape_string($_POST['username']);
  $password = md5($_POST['password']);
  
  $query = "SELECT Username, 
            Password 
            FROM admin 
            WHERE Username = '".mysql_real_escape_string($username)."' 
            AND Password = '".md5($password)."'"; 
  $connection->query($query);
  $connection->verifyuser();
}

9three Regular Member

9three

Posted
  • Author
Posted

Argh, problem just popped up...

 

The code seems to be running through just fine. What's happening though is that my method verifryuser is checking for the result, and if it finds one, it defines the sessions and refreshes the page. When the page refreshes and the browser starts to read the code, and it finds the sessions it shows the hidden content.

 

But for some reason, the sessions are not setting. I can tell because the page refreshes but I stay in the log in form.

 

  public function verifyuser()
  {
    $this->user = mysql_num_rows($this->query);
    if ($this->user == 1)
    {
      $username = $_SESSION['username'];
      $_SESSION['user_agent'] = 1;
      echo '<meta http-equiv="refresh" content="0;index.php" />';
    }
    else
    {
      display_denied_login();
    }
  }

 

The login doesn't fail because it doesn't redirect me to the display_denied_login() function, which displays "Access denied".

 

In procedural ways, this code works fine, but since I'm trying to get used to OOP it might not work the same.

castis Newbie

castis

Posted
Posted

what are the contents of your index.php file?

 

also, users dont really like the waiting periods. if you use the header relocation, they're automatically sent to where you want them to go.

 

  public function verifyuser()
  {
    $this->user = mysql_num_rows($this->query);
    if ($this->user == 1)
    {
      $username = $_SESSION['username'];
      $_SESSION['user_agent'] = 1;
      header('location:index.php');
    }
    else
    {
      display_denied_login();
    }
  }

9three Regular Member

9three

Posted
  • Author
Posted

Well if the session is set

 

authenticate();
if(!empty($_SESSION['user_agent']) && !empty($_SESSION['username']))
{
  $username = $_SESSION['username'];
  echo <<<__HTML
<div id="wrapper">
__HTML;
include_once ('includes/navigation/navigation.php');
display_content_top();
}

 

authenticate function has

 

/**
* Start a session, regenerate session ID on every page
* Authenticate user on every page if it fails, destroy session
*/
function authenticate()
{
  session_start();
  session_regenerate_id();

  $_SESSION['user_agent'] = $_SERVER['HTTP_USER_AGENT'];
  if ($_SESSION['user_agent'] != $_SERVER['HTTP_USER_AGENT'])
  {
    $_SESSION = array(); 
    session_unset();
    session_destroy();
    header('error/unathorized.php');
  }
}

 

if sessions are not set then

 

elseif(isset($_POST['submit']))
{ 
  $connection = new mysql();
  $connection->connect('localhost', 'root', '');
  $connection->select('cms');
  $username = escape($_POST['username']);
  $password = secure($_POST['password']);
  $query = "SELECT Username, 
            Password 
            FROM admin 
            WHERE Username = '$username' 
            AND Password = '$password'"; 
  $connection->query($query);
  $connection->verifyuser();
}
else
{
  display_login(); 
}

include_once('includes/footer/footer.php');
?>

 

All of this is in my index.php

9three Regular Member

9three

Posted
  • Author
Posted

okay here it is:

 

<?php
include_once('includes/includes.php');
authenticate();
check_login();
include_once('includes/header/header.php');

if(!empty($_SESSION['user_agent']) && !empty($_SESSION['username']))
{
  $username = $_SESSION['username'];
  echo <<<__HTML
<div id="wrapper">
__HTML;
include_once ('includes/navigation/navigation.php');
display_content_top();

echo <<<__HTML
<table class="contenttable" width="100%" border="0" cellspacing="0" cellpadding="1">
<tr>
<td class="contentinside" background="images/content_bg.jpg">
Welcome to the admin panel $username
</td>
</tr>
<tr>
<td>                    
<p>Lorem ipsum dolor sit amet, consectetur adipiscing elit. Quisque ligula urna, congue id, ultrices non, placerat eget, elit. Nulla lacinia nulla ultricies ligula. Proin velit. Pellentesque imperdiet, velit vel ultricies rhoncus, sem neque vulputate est, sit amet ultricies eros est vitae justo. Vivamus hendrerit, lacus vitae hendrerit tristique, nisi mauris ultrices justo, quis ornare tellus lacus porta eros. Nulla sagittis. Mauris tempor, sem vitae imperdiet euismod, diam massa imperdiet felis, ut luctus mauris eros eget lacus. Donec consequat. Aenean consectetur erat eu erat. Pellentesque porttitor placerat nisl. Vivamus dictum lacus feugiat urna. Ut posuere nisl nec dui cursus aliquet. Praesent a diam. Sed auctor elementum ipsum. Aliquam aliquet facilisis neque. </p>
</td>
</tr>
</table>
<br />
__HTML;

display_content_bottom();
?>

</div>

<?php
include_once('includes/footer/footer.php');

}
elseif(isset($_POST['submit']))
{ 
  $connection = new mysql();
  $connection->connect('localhost', 'root', '');
  $connection->select('cms');
  $username = escape($_POST['username']);
  $password = secure($_POST['password']);
  $query = "SELECT Username, 
            Password 
            FROM admin 
            WHERE Username = '$username' 
            AND Password = '$password'"; 
  $connection->query($query);
  $connection->verifyuser();
}
else
{
  display_login(); 
}

include_once('includes/footer/footer.php');
?>

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.