Jump to content

[SOLVED] Value in database is 1 brings error, value 2 brings authorization


Anxious

Recommended Posts

<?php 	  
      /* checks if user is activated or not */
  $q = "SELECT activated FROM ".TBL_USERS." WHERE username = '$username'";
  if($activated == "1")
      {
         return 3;
      }  ?>

 

Is this right to be seeing if the value in database is "1" that it brings up the error field (result 3). If its not 1, and its 2 instead, it doesn't bring up error field.

 

I've tried everything I can find of. Just not sure

Can you help?

You need to actually submit the query and get the results. You're not submitting the query and you're never assigning $activated to anything, so that if statement will never be true. You'd need something more like this:

 

<?php
$results = mysql_query("SELECT activated FROM ".TBL_USERS." WHERE username = '$username' LIMIT 1");
$row = mysql_fetch_array($results);

if($row['activated'] == 1) {
     return 3;
}
?>

You could always try something like:

 

<?php
$results = mysql_query("SELECT COUNT(*) as count FROM ".TBL_USERS." WHERE `username`='$username' AND `activated`='1' LIMIT 1");
$row = mysql_fetch_array($results);

if($row['count'] > 0) {
     return 3;
}
?>

 

If this function is made for checking if the user is activated or not, you may want to try returning a boolean true/false instead of an integer.

The whole 'login' code, the that has the error fields on, nothing to do with database.

 

<?php
   function login($subuser1, $subpass1, $subremember){
      global $database, $form;  //The database and form object

      /* Username error checking */
      $field = "user1";  //Use field name for username
      if(!$subuser1 || strlen($subuser1 = trim($subuser1)) == 0){
         $form->setError($field, "* Username not entered");
      }
      else{
         /* Check if username is not alphanumeric */
         if(!eregi("^([0-9a-z])*$", $subuser1)){
            $form->setError($field, "* Username not alphanumeric");
         }
      }

      /* Password error checking */
      $field = "pass1";  //Use field name for password
      if(!$subpass1){
         $form->setError($field, "* Password not entered");
      }
      
      /* Return if form errors exist */
      if($form->num_errors > 0){
         return false;
      }

      /* Checks that username is in database and password is correct */
      $subuser1 = stripslashes($subuser1);
      $result = $database->confirmUserPass($subuser1, md5($subpass1));

      /* Check error codes */
      if($result == 1){
         $field = "user1";
         $form->setError($field, "* Username not found");
      }
      else if($result == 2){
         $field = "pass1";
         $form->setError($field, "* Invalid password");
      }
  else if($result == 3){
     $field = "activate";
	 $form->setError($field, "* Account not activated");
  }
      
      /* Return if form errors exist */
      if($form->num_errors > 0){
         return false;
      }

      /* Username and password correct, register session variables */
      $this->userinfo  = $database->getUserInfo($subuser1);
      $this->username  = $_SESSION['username'] = $this->userinfo['username'];
      $this->userid    = $_SESSION['userid']   = $this->userinfo['userid'];
      $this->userlevel = $this->userinfo['userlevel'];
      
      /* Insert userid into database and update active users table */
      $database->addActiveUser($this->username, $this->time);
      $database->removeActiveGuest($_SERVER['REMOTE_ADDR']);

      if($subremember){
         setcookie("cookname", $this->username, time()+COOKIE_EXPIRE, COOKIE_PATH);
	 setcookie("cookpass", $this->password, time()+COOKIE_EXPIRE, COOKIE_PATH);
	 setcookie("cookact",  $this->activated,   time()+COOKIE_EXPIRE, COOKIE_PATH); 
         setcookie("cookid",   $this->userid,   time()+COOKIE_EXPIRE, COOKIE_PATH);
      }

      /* Login completed successfully */
      return true;
   }
?> 

 

Ths following little snippet is what is involved in the code above, which is the error field.  

<?php
else if($result == 3){
     $field = "activate";
	 $form->setError($field, "* Account not activated");
  }
?>

 

If I did...

<?php
      $results = "SELECT activated FROM ".TBL_USERS." WHERE username = '$username' LIMIT 1";
      $row = mysql_fetch_array($results, $this->connection);
      if($row['activated'] == 2) {
          return 0; /* user logged in successfully */
  }
          else
  {
	 return 3;  /* indicates user not activated */
      } ?>

 

It always says my accounts not activated, even when it is.

 

If I swapped it round to this..

<?php
      $results = "SELECT activated FROM ".TBL_USERS." WHERE username = '$username' LIMIT 1";
      $row = mysql_fetch_array($results, $this->connection);
      if($row['activated'] == 1) {
          return 3; /* indicates user not activated */
  }
          else
  {
	 return 0;  /* user logged in successfully */
      } ?>

 

It then always logs me in even if its not activated.

 

I'm confused as to why it does this.

Try dumping some stuff to the browser so you can see what's being used...

 

<?php
      $results = "SELECT activated FROM ".TBL_USERS." WHERE username = '$username' LIMIT 1";
echo 'QUERY:'.$results.'<br>';
      $row = mysql_fetch_array($results, $this->connection);
vardump($row);
      if($row['activated'] == 1) {
          return 3; /* indicates user not activated */
     }
          else
     {
       return 0;  /* user logged in successfully */
      } ?>

 

Try that - you might have to right-click and view source to read the var_dump() output clearly.

Done, I now have these errors.

 

Warning: Missing argument 4 for Session::login(), called in /home/myveeco/public_html/process.php on line 50 and defined in /home/myveeco/public_html/include/session.php on line 93

QUERY:SELECT activated FROM users WHERE username = 'JeanieTallis' LIMIT 1

 

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /home/myveeco/public_html/include/database.php on line 61

 

Fatal error: Call to undefined function vardump() in /home/myveeco/public_html/include/database.php on line 62

 

session.php

line 93 is

 <?php
   function login($subuser1, $subpass1, $subremember, $activated){
?>

 

Database.php

Line 61 and 62 is

<?php
      $row = mysql_fetch_array($results, $this->connection);
vardump($row);
?>

 

Thank you so much for trying to help.

oops my bad - typo - meant to type var_dump($row);

 

Is the query as it should be? Is there data in the database with "JeanieTallis" as the username?

 

The invalid resource is saying your $this->connection isn't a valid connection (mysql_connect() didn't work or mysql_select_db() didn't work)

Nice. It works, thanks.

 

Can you tell me what I had to actually do?

 

      $q = "SELECT password FROM ".TBL_USERS." WHERE username = '$username'";
      $result = mysql_query($q, $this->connection);
      if(!$result || (mysql_numrows($result) < 1)){
         return 1; //Indicates username failure
      }

 

Thats to check if the user entered in the textbox is in the database, I followed the same format for both the two top lines, and then did..

if($row['activated'] == 1) {
          return 3; /* indicates user not activated */
     }

So it should of worked like it should do.

 

So what was it that I actually needed..

Just to help me understand.

mysql_fetch_array(), mysql_fetch_object(), mysql_fetch_assoc() and the like all require the RESULT from a mysql_query() call to work.

 

You were skipping the mysql_query() call and passing it a query in text form which it doesn't understand.

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.