ciaran1987 Posted April 23, 2009 Share Posted April 23, 2009 Hi Guys I am trying to create an authentication system using a tutorial where a user enters there username and pass,it is saved in an SQL DB ,they then gain access to the system when they enter a username and pass that is saved in the DB but I am having trouble. <form method="post" action="insert.php"> Full Name: (Example: Michael R Maguire) <br /> <input type="text" name="user_name" size="50" maxlength="50"/> (50 Characters Max) <br /> <br /> User Name: <br /> <input type="text" name="SHA_PW" size="20" maxlength="20"/> (20 Characters Max) <br /> <br /> <input type="submit" value="Create User" /> </form> <?php $user_name = $_POST['user_name']; $SHA_PW = $_POST['SHA_PW']; $dbname = "heskdb"; $conn = mysql_connect ("localhost","root","password") or die ('cannot connect to database error: '.mysql_error()); mysql_select_db ($dbname); if(empty($user_name) || empty($SHA_PW)) { echo "<h2>Please fill in all fields</h2>\n"; echo "Please use the back button in your browsers and fill in all required fields.\n"; die (); } $sql="insert into teamtutorials_test ,users (`User_ID` , `user_name` , `sha_pw`) values ('NULL','$user_name','sha1($SHA_PW)')"; mysql_query($sql) or die (mysql_error()." $sql"); ?> <form method="post" action="session.php"> Full Name: (Example: Michael R Maguire) <br /> <input type="text" name="user_name" size="50" maxlength="50"/> (50 Characters Max) <br /> <br /> User Name: <br /> <input type="text" name="password" size="20" maxlength="20"/> <br /> <br /> <input type="submit" value="Create User" /> </form> <?php session_start(); if (isset($_POST['username']) && isset($_POST['password'])) { $username = $_POST['username']; $password = $_POST['password']; $conn = mysql_connect ("localhost","root","password") or die ('cannot connect to database error: '.mysql_error()); $sql = mysql_query("select count(*) from teamtutorials_test where user_name = '$username' and sha_pw = sha1('$password')") or die(mysql_error()); $results = mysql_result($sql, "0"); if ($results == 0){ header( 'Location:http:/www.yahoo.com'); } else { $_SESSION['valid_user'] = $username header( 'Location:http://wwww.google.ie'); } } ?> The error that I am receiving says parse error line 24(where the google URL is entered). Does anybody have any idea where I am going wrong? Many thanks in advance Link to comment https://forums.phpfreaks.com/topic/155350-help-with-an-authentication-system/ Share on other sites More sharing options...
MadTechie Posted April 23, 2009 Share Posted April 23, 2009 $_SESSION['valid_user'] = $username should be $_SESSION['valid_user'] = $username; Link to comment https://forums.phpfreaks.com/topic/155350-help-with-an-authentication-system/#findComment-817286 Share on other sites More sharing options...
ciaran1987 Posted April 23, 2009 Author Share Posted April 23, 2009 $_SESSION['valid_user'] = $username should be $_SESSION['valid_user'] = $username; Exellent,Thanks MT.Now I am getting just a blank white page when I enter in a username and and pass,whther that username is correct or not.Any ideas?(I`m a PHP newbie)Thanks Link to comment https://forums.phpfreaks.com/topic/155350-help-with-an-authentication-system/#findComment-817297 Share on other sites More sharing options...
MadTechie Posted April 23, 2009 Share Posted April 23, 2009 Nope thats not right change if (isset($_POST['username']) && isset($_POST['password'])) { $username = $_POST['username']; $password = $_POST['password']; to if (isset($_POST['user_name']) && isset($_POST['password'])) { $username = $_POST['user_name']; $password = $_POST['password']; Link to comment https://forums.phpfreaks.com/topic/155350-help-with-an-authentication-system/#findComment-817306 Share on other sites More sharing options...
ciaran1987 Posted April 23, 2009 Author Share Posted April 23, 2009 Nope thats not right change if (isset($_POST['username']) && isset($_POST['password'])) { $username = $_POST['username']; $password = $_POST['password']; to if (isset($_POST['user_name']) && isset($_POST['password'])) { $username = $_POST['user_name']; $password = $_POST['password']; Thanks I`ve made a few changes including the changes you re comended <form method="post" action="insert.php"> Full Name: (Example: Michael R Maguire) <br /> <input type="text" name="user_name" size="50" maxlength="50"/> (50 Characters Max) <br /> <br /> User Name: <br /> <input type="text" name="sha_pw" size="20" maxlength="20"/> (20 Characters Max) <br /> <br /> <input type="submit" value="Create User" /> </form> <?php $user_name = $_POST['user_name']; $SHA_PW = $_POST['sha_pw']; $dbname = "heskdb"; $conn = mysql_connect ("localhost","root","password") or die ('cannot connect to database error: '.mysql_error()); mysql_select_db ($dbname); if(empty($user_name) || empty($sha_pw)) { echo "<h2>Please fill in all fields</h2>\n"; echo "Please use the back button in your browsers and fill in all required fields.\n"; die (); } $sql="insert into teamtutorials_test (`User_ID` , `user_name` , `sha_pw`) values ('NULL','$user_name','sha1($sha_pw)')"; mysql_query($sql) or die (mysql_error()." $sql"); ?> <form method="post" action="session.php"> Full Name: (Example: Michael R Maguire) <br /> <input type="text" name="user_name" size="50" maxlength="50"/> (50 Characters Max) <br /> <br /> User Name: <br /> <input type="text" name="password" size="20" maxlength="20"/> <br /> <br /> <input type="submit" value="Create User" /> </form> <?php session_start(); if (isset($_POST['user_name']) && isset($_POST['password'])) { $user_name = $_POST['user_name']; $password = $_POST['password']; $dbname = "heskdb"; $conn = mysql_connect ("localhost","root","password") or die ('cannot connect to database error: '.mysql_error()); mysql_select_db ($dbname); $sql = mysql_query("select count(*) from teamtutorials_test where user_name = '$user_name' and sha_pw = sha1('$password')") or die(mysql_error()); $results = mysql_result($sql, "0"); if ($results == 0){ header( 'Location:http://www.yahoo.com'); } else { $_SESSION['valid_user'] = $user_name; header( 'Location:http://www.google.ie'); } } ?> When I enter in a name and password whether they are authorised or unauthorized both are brought to yahoo IE saying they are unauthorized Link to comment https://forums.phpfreaks.com/topic/155350-help-with-an-authentication-system/#findComment-817509 Share on other sites More sharing options...
MadTechie Posted April 23, 2009 Share Posted April 23, 2009 looks fine to me except $results = mysql_result($sql, "0"); should be $results = mysql_result($sql, 0); check the database to see if the query is what you expect Link to comment https://forums.phpfreaks.com/topic/155350-help-with-an-authentication-system/#findComment-817522 Share on other sites More sharing options...
ciaran1987 Posted April 23, 2009 Author Share Posted April 23, 2009 looks fine to me except $results = mysql_result($sql, "0"); should be $results = mysql_result($sql, 0); check the database to see if the query is what you expect I`ve echoed the query string and when I enter in the Username :Ciaran and pass: password it returns user_Name: CiaranPassword: password user_Name: ciaranSha Password: 4c0dffd9ee85b2520acaa4a2b2722450d583b30e But when I look at what is entered in my DB through php my admin it is as I entered.Theres something obviously going wrong somehwere. Link to comment https://forums.phpfreaks.com/topic/155350-help-with-an-authentication-system/#findComment-817665 Share on other sites More sharing options...
ciaran1987 Posted April 24, 2009 Author Share Posted April 24, 2009 I have replaced sha1/sha_pw with "password" as it was confusing with various different names,hopefully this will make it easier to spot any mistakes,many thanks again. <form method="post" action="insert.php"> Full Name: (Example: Michael R Maguire) <br /> <input type="text" name="user_name" size="50" maxlength="50"/> (50 Characters Max) <br /> <br /> User Name: <br /> <input type="text" name="password" size="20" maxlength="20"/> (20 Characters Max) <br /> <br /> <input type="submit" value="Create User" /> </form> <?php $user_name = $_POST['user_name']; $password = $_POST['password']; $dbname = "heskdb"; $conn = mysql_connect ("localhost","root","password") or die ('cannot connect to database error: '.mysql_error()); mysql_select_db ($dbname); if(empty($user_name) || empty($password)) { echo "<h2>Please fill in all fields</h2>\n"; echo "Please use the back button in your browsers and fill in all required fields.\n"; die (); } $sql="insert into teamtutorials_test (`User_ID` , `user_name` , `password`) values ('NULL','$user_name','$password')"; mysql_query($sql) or die (mysql_error()." $sql"); echo "user_name: $user_name"; echo "Password: ".($password); ?> <form method="post" action="session.php"> Full Name: (Example: Michael R Maguire) <br /> <input type="text" name="user_name" size="50" maxlength="50"/> (50 Characters Max) <br /> <br /> User Name: <br /> <input type="text" name="password" size="20" maxlength="20"/> <br /> <br /> <input type="submit" value="Create User" /> </form> <?php session_start(); if (isset($_POST['user_name']) && isset($_POST['password'])) { $user_name = $_POST['user_name']; $password = $_POST['password']; $dbname = "heskdb"; $conn = mysql_connect ("localhost","root","password") or die ('cannot connect to database error: '.mysql_error()); mysql_select_db ($dbname); $sql = mysql_query("select * from teamtutorials_test where user_name = '$user_name' and password = '$password'") or die(mysql_error()); $results = mysql_result($sql, 0); if ($results == 0){ header( 'Location:http://www.yahoo.com'); } else { $_SESSION['valid_user'] = $user_name; header( 'Location:http://www.google.ie'); } } ?> Link to comment https://forums.phpfreaks.com/topic/155350-help-with-an-authentication-system/#findComment-818401 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.