Jump to content

[SOLVED] Help with a Mysql+PHP problem

Warraven

By Warraven
in PHP Coding Help

 Share

Recommended Posts

Warraven Newbie

Warraven

Posted
Posted

Hello, I am here just asking about an error I got with my code.

I am new to PHP and Mysql and have just started a little project that is a very, very simple text based game. It's simple I have main_login.php, checklogin.php and members_area.php.

main_login.php is where you login, ofcourse. checklogin.php is checking if the username and password are correct and exist or doesn't exist and then if they are it redirects to the members_area.php which is where I store most of my code, and is where I got the error.

I am using phpMyAdmin for the database.

 

The error in members_area.php is:

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in C:\wamp\www\members_area.php on line 11

 

Here is the code:

main_login.php

<table width="300" border="1" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="checklogin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
<td colspan="3"><strong>Member Login </strong></td>
</tr>
<tr>
<td width="78">Username</td>
<td width="6">:</td>
<td width="294"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="submit" name="Submit" value="Login"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
<table width="300" border="1" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form2" method="post" action="main_register.php">
<td>
<table width="100%" border="0" align="center" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<td colspan="3"><strong>Not Registered? </strong><input type="submit" name="Submit" value="Register"></td>
</table>
</td>
</form>
</tr>
</table>

 

checklogin.php

<?php
$host="localhost"; // Host name 
$username=""; // Mysql username 
$password=""; // Mysql password 
$db_name="test"; // Database name 
$tbl_name="members"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>

 

members_area.php

<?php
$host="localhost"; // Host name 
$username=""; // Mysql username 
$password=""; // Mysql password 
$db_name="test"; // Database name 
$tbl_name="members"; // Table name

$con = mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$selected = "SELECT * FROM $tbl_name WHERE username='$myusername' and password='$myapassword'";
$user = mysql_fetch_array($selected);
?>
<?php
echo "Username: $user[username]<br>
Email: $user[email]<br>
Level: $user[level]<br>
Health: $user[health]<br>
Strength: $user[strength]<br>
Agility: $user[agility]<br>
Intellect: $user[intellect]<br>
Main Hand: $user[main_hand]<br>
Off Hand: $user[off_hand]<br>
Class: $user[class_armor]<br>";
?>

 

Please help I really want get somewhere with this.

Link to comment
Share on other sites
jesushax Advanced Member

jesushax

Posted
Posted

well this line

 

$selected = "SELECT * FROM $tbl_name WHERE username='$myusername' and password='$myapassword'";

 

you have no reference to the variables

 

$myusername and $myapassword, im presuming you have an extra 'A' in there

 

but wha tyou need to do is either post the username and password in the url which i dont advise

 

or on the checklogin.php page

 

create $_SESSION["username"] = stripslashes($myusername);

and the same for password

 

then you will have the username and password stored in a session

 

then on the members_area.php you can call the sessions

 

$myusername = $_SESSION["username"]

 

then your SQL will work, also when using sessions add session_start(); at the top of the page after the <?php tag

 

hope this helps

 

 

 

 

Link to comment
Share on other sites
Warraven Newbie

Warraven

Posted
  • Author
Posted

Thank you very much, I will test it now.

I will edit with the result.  :D

 

EDIT: Thanks again, I do not get that error anymore but I get this one;

Parse error: syntax error, unexpected T_VARIABLE in C:\wamp\www\members_area.php on line 8

 

Link to comment
Share on other sites
Warraven Newbie

Warraven

Posted
  • Author
Posted

Sure, here it is.  ;)

<?php
$host="localhost"; // Host name 
$username=""; // Mysql username 
$password=""; // Mysql password 
$db_name="test"; // Database name 
$tbl_name="members"; // Table name
$myusername = $_SESSION["username"]
$mypassword = $_SESSION["password"]

$con = mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$selected = "SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$user = mysql_fetch_array($selected);
?>
<?php
echo "Username: $user[username]<br>
Email: $user[email]<br>
Level: $user[level]<br>
Health: $user[health]<br>
Strength: $user[strength]<br>
Agility: $user[agility]<br>
Intellect: $user[intellect]<br>
Main Hand: $user[main_hand]<br>
Off Hand: $user[off_hand]<br>
Class: $user[class_armor]<br>";
?>

Link to comment
Share on other sites
jesushax Advanced Member

jesushax

Posted
Posted

can you add

 

echo "<p>".$selected."</p>";

 

in the postition below and post what it says

 

$con = mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$selected = "SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
echo "<p>".$selected."</p>";
$user = mysql_fetch_array($selected);

cheers

Link to comment
Share on other sites
Warraven Newbie

Warraven

Posted
  • Author
Posted

Well I added that session_start into it, and it returned the same error I started with, and now when I run from the start I get this error in my checklogin.php file.

Parse error: syntax error, unexpected T_VARIABLE in C:\wamp\www\checklogin.php on line 23

<?php
$host="localhost"; // Host name 
$username=""; // Mysql username 
$password=""; // Mysql password 
$db_name="test"; // Database name 
$tbl_name="members"; // Table name 

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

// To Fix the error in members_area.php
create $_SESSION["username"] = stripslashes($myusername);
create $_SESSION["password"] = stripslashes($mypassword);

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword"); 
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>

Link to comment
Share on other sites
jesushax Advanced Member

jesushax

Posted
Posted

start the process from the begining again but on the checklogin.php change

 

 

create $_SESSION["username"] = stripslashes($myusername);

create $_SESSION["password"] = stripslashes($mypassword);

 

To This

 

$_SESSION["username"] = $myusername;

$_SESSION["password"] = $mypassword;

Link to comment
Share on other sites
jesushax Advanced Member

jesushax

Posted
Posted

right heres your whole page for members_area.php fixed now it should work

 

let me know the results

 

<?php
session_start();
$host="localhost"; // Host name 
$username=""; // Mysql username 
$password=""; // Mysql password 
$db_name="test"; // Database name 
$tbl_name="members"; // Table name
$myusername = $_SESSION["username"];
$mypassword = $_SESSION["password"];

$con = mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
$selected = mysql_query("SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'") or die(mysql_error());
$user = mysql_fetch_array($selected);

echo "Username: ".$user["username"]."<br />";
echo "Email: ".$user["email"]."<br />";
echo "Level: ".$user["level"]."<br />";
echo "Health: ".$user["health"]."<br />";
echo "Strength: ".$user["strength"]."<br />";
echo "Agility: ".$user["agility"]."<br />";
echo "Intellect: ".$user["intellect"]."<br />";
echo "Main Hand: ".$user["main_hand"]."<br />";
echo "Off Hand: ".$user["off_hand"]."<br />";
echo "Class: ".$user["class_armor"]."<br />";
?>

Link to comment
Share on other sites
jesushax Advanced Member

jesushax

Posted
Posted

does your database have all the fiels names, username, email etc in the table test? and do they have data in?

 

is there more than one record in the table aswell? if so you will need to use a unique identifier to distingush which persons stats to display

 

a few notes

 

you may want to create a connection.php and have your database info in there then include it on your pages, will save you tpying it out over and over

 

eg.

connection.php

<?php
$uname = ''; 
$pass = ''; 
$db_name = 'test'; 
$host = 'localhost';

$con = mysql_connect($host, $uname, $pass);
if (!$con)
{
die('Could not connect: ' . mysql_error());
}

$db_selected = mysql_select_db($db_name, $con);
if (!$db_selected) 
{
die ('Can\'t use database : ' . mysql_error());
}
?>

then at the top of your pages

 

use

 

include($_SERVER['DOCUMENT_ROOT'] . '/connection.php');

 

e.g.

 

<?php
session_start();
include($_SERVER['DOCUMENT_ROOT'] . '/connection.php');
$myusername = $_SESSION["username"];
$mypassword = $_SESSION["password"];

$selected = mysql_query("SELECT * FROM members WHERE username='$myusername' and password='$mypassword'") or die(mysql_error());
$user = mysql_fetch_array($selected);

echo "Username: ".$user["username"]."<br />";
echo "Email: ".$user["email"]."<br />";
echo "Level: ".$user["level"]."<br />";
echo "Health: ".$user["health"]."<br />";
echo "Strength: ".$user["strength"]."<br />";
echo "Agility: ".$user["agility"]."<br />";
echo "Intellect: ".$user["intellect"]."<br />";
echo "Main Hand: ".$user["main_hand"]."<br />";
echo "Off Hand: ".$user["off_hand"]."<br />";
echo "Class: ".$user["class_armor"]."<br />";
?>
[\code]

makes things easier to manage and quicker too

Link to comment
Share on other sites
jesushax Advanced Member

jesushax

Posted
Posted

ok firstly we now need to include the IDs into a session

 

also we will include a loop that will tell us if there has been any results reutned

 

so back to checklogin.php

 

here we go

 

tell me what comes up...

 

checklogin.php

<?php
include($_SERVER['DOCUMENT_ROOT'] . '/connection.php');

// username and password sent from form 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT id FROM members WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql) or die(mysql_error());
//below we check for results then if we have results set sessions, if not write the error
if (mysql_num_rows($result) > 0) {
$user = mysql_fetch_array($result); 
$_SESSION["ID"] = $user["id"];//here we get the users ID

header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>

 

members_area.php

<?php
session_start();

$ID = $_SESSION["ID"];

$selected = mysql_query("SELECT * FROM members WHERE id='$ID'") or die(mysql_error());
if (mysql_num_rows($selected) > 1) {
while ($user = mysql_fetch_array($selected)) {

echo "Username: ".$user["username"]."<br />";
echo "Email: ".$user["email"]."<br />";
echo "Level: ".$user["level"]."<br />";
echo "Health: ".$user["health"]."<br />";
echo "Strength: ".$user["strength"]."<br />";
echo "Agility: ".$user["agility"]."<br />";
echo "Intellect: ".$user["intellect"]."<br />";
echo "Main Hand: ".$user["main_hand"]."<br />";
echo "Off Hand: ".$user["off_hand"]."<br />";
echo "Class: ".$user["class_armor"]."<br />";
}

}else {
echo "<p>Sorry there are no results for this person</p>";
}
?>

 

 

Link to comment
Share on other sites
jesushax Advanced Member

jesushax

Posted
Posted

have you created connection.php and filed in your details

connection.php

?php

$uname = '';

$pass = '';

$db_name = 'test';

$host = 'localhost';

 

$con = mysql_connect($host, $uname, $pass);

if (!$con)

{

die('Could not connect: ' . mysql_error());

}

 

$db_selected = mysql_select_db($db_name, $con);

if (!$db_selected)

{

die ('Can\'t use database : ' . mysql_error());

}

?>

 

oops and my bad

 

under members_area.php

after the session_start();

put this

include($_SERVER['DOCUMENT_ROOT'] . '/connection.php');

Link to comment
Share on other sites
jesushax Advanced Member

jesushax

Posted
Posted

right ok then then there is no id for that person

 

have you inserted any data into the tabe?

 

do the fields have values?

 

for starts lets make sure the session ID has a value

 

in members area add this after

 

$ID = $_SESSION["ID"];

echo "<p>The Current Session ID is:".$ID."</p>";

 

then tell me if there is a number after the : when you preview the page

 

Link to comment
Share on other sites
jesushax Advanced Member

jesushax

Posted
Posted

no probs, copy and paste this in there with your username and pass

 

<?php
$uname = ''; 
$pass = ''; 
$db_name = 'test'; 
$host = 'localhost';

$con = mysql_connect($host, $uname, $pass);
if (!$con){
die('Could not connect: ' . mysql_error());
}

$db_selected = mysql_select_db($db_name, $con);
if (!$db_selected){
die ('Can\'t use database : ' . mysql_error());
}
?>
[\code]

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.