ciaran1987 Posted April 23, 2009 Share Posted April 23, 2009 Hi Guys I am trying to create an authentication system using a tutorial where a user enters there username and pass,it is saved in an SQL DB ,they then gain access to the system when they enter a username and pass that is saved in the DB but I am having trouble. <form method="post" action="insert.php"> Full Name: (Example: Michael R Maguire) <br /> <input type="text" name="user_name" size="50" maxlength="50"/> (50 Characters Max) <br /> <br /> User Name: <br /> <input type="text" name="SHA_PW" size="20" maxlength="20"/> (20 Characters Max) <br /> <br /> <input type="submit" value="Create User" /> </form> <?php $user_name = $_POST['user_name']; $SHA_PW = $_POST['SHA_PW']; $dbname = "heskdb"; $conn = mysql_connect ("localhost","root","password") or die ('cannot connect to database error: '.mysql_error()); mysql_select_db ($dbname); if(empty($user_name) || empty($SHA_PW)) { echo "<h2>Please fill in all fields</h2>\n"; echo "Please use the back button in your browsers and fill in all required fields.\n"; die (); } $sql="insert into teamtutorials_test ,users (`User_ID` , `user_name` , `sha_pw`) values ('NULL','$user_name','sha1($SHA_PW)')"; mysql_query($sql) or die (mysql_error()." $sql"); ?> <form method="post" action="session.php"> Full Name: (Example: Michael R Maguire) <br /> <input type="text" name="user_name" size="50" maxlength="50"/> (50 Characters Max) <br /> <br /> User Name: <br /> <input type="text" name="password" size="20" maxlength="20"/> <br /> <br /> <input type="submit" value="Create User" /> </form> <?php session_start(); if (isset($_POST['username']) && isset($_POST['password'])) { $username = $_POST['username']; $password = $_POST['password']; $conn = mysql_connect ("localhost","root","password") or die ('cannot connect to database error: '.mysql_error()); $sql = mysql_query("select count(*) from teamtutorials_test where user_name = '$username' and sha_pw = sha1('$password')") or die(mysql_error()); $results = mysql_result($sql, "0"); if ($results == 0){ header( 'Location:http:/www.yahoo.com'); } else { $_SESSION['valid_user'] = $username header( 'Location:http://wwww.google.ie'); } } ?> The error that I am receiving says parse error line 24(where the google URL is entered). Does anybody have any idea where I am going wrong? Many thanks in advance Quote Link to comment https://forums.phpfreaks.com/topic/155350-help-with-an-authentication-system/ Share on other sites More sharing options...
MadTechie Posted April 23, 2009 Share Posted April 23, 2009 $_SESSION['valid_user'] = $username should be $_SESSION['valid_user'] = $username; Quote Link to comment https://forums.phpfreaks.com/topic/155350-help-with-an-authentication-system/#findComment-817286 Share on other sites More sharing options...
ciaran1987 Posted April 23, 2009 Author Share Posted April 23, 2009 $_SESSION['valid_user'] = $username should be $_SESSION['valid_user'] = $username; Exellent,Thanks MT.Now I am getting just a blank white page when I enter in a username and and pass,whther that username is correct or not.Any ideas?(I`m a PHP newbie)Thanks Quote Link to comment https://forums.phpfreaks.com/topic/155350-help-with-an-authentication-system/#findComment-817297 Share on other sites More sharing options...
MadTechie Posted April 23, 2009 Share Posted April 23, 2009 Nope thats not right change if (isset($_POST['username']) && isset($_POST['password'])) { $username = $_POST['username']; $password = $_POST['password']; to if (isset($_POST['user_name']) && isset($_POST['password'])) { $username = $_POST['user_name']; $password = $_POST['password']; Quote Link to comment https://forums.phpfreaks.com/topic/155350-help-with-an-authentication-system/#findComment-817306 Share on other sites More sharing options...
ciaran1987 Posted April 23, 2009 Author Share Posted April 23, 2009 Nope thats not right change if (isset($_POST['username']) && isset($_POST['password'])) { $username = $_POST['username']; $password = $_POST['password']; to if (isset($_POST['user_name']) && isset($_POST['password'])) { $username = $_POST['user_name']; $password = $_POST['password']; Thanks I`ve made a few changes including the changes you re comended <form method="post" action="insert.php"> Full Name: (Example: Michael R Maguire) <br /> <input type="text" name="user_name" size="50" maxlength="50"/> (50 Characters Max) <br /> <br /> User Name: <br /> <input type="text" name="sha_pw" size="20" maxlength="20"/> (20 Characters Max) <br /> <br /> <input type="submit" value="Create User" /> </form> <?php $user_name = $_POST['user_name']; $SHA_PW = $_POST['sha_pw']; $dbname = "heskdb"; $conn = mysql_connect ("localhost","root","password") or die ('cannot connect to database error: '.mysql_error()); mysql_select_db ($dbname); if(empty($user_name) || empty($sha_pw)) { echo "<h2>Please fill in all fields</h2>\n"; echo "Please use the back button in your browsers and fill in all required fields.\n"; die (); } $sql="insert into teamtutorials_test (`User_ID` , `user_name` , `sha_pw`) values ('NULL','$user_name','sha1($sha_pw)')"; mysql_query($sql) or die (mysql_error()." $sql"); ?> <form method="post" action="session.php"> Full Name: (Example: Michael R Maguire) <br /> <input type="text" name="user_name" size="50" maxlength="50"/> (50 Characters Max) <br /> <br /> User Name: <br /> <input type="text" name="password" size="20" maxlength="20"/> <br /> <br /> <input type="submit" value="Create User" /> </form> <?php session_start(); if (isset($_POST['user_name']) && isset($_POST['password'])) { $user_name = $_POST['user_name']; $password = $_POST['password']; $dbname = "heskdb"; $conn = mysql_connect ("localhost","root","password") or die ('cannot connect to database error: '.mysql_error()); mysql_select_db ($dbname); $sql = mysql_query("select count(*) from teamtutorials_test where user_name = '$user_name' and sha_pw = sha1('$password')") or die(mysql_error()); $results = mysql_result($sql, "0"); if ($results == 0){ header( 'Location:http://www.yahoo.com'); } else { $_SESSION['valid_user'] = $user_name; header( 'Location:http://www.google.ie'); } } ?> When I enter in a name and password whether they are authorised or unauthorized both are brought to yahoo IE saying they are unauthorized Quote Link to comment https://forums.phpfreaks.com/topic/155350-help-with-an-authentication-system/#findComment-817509 Share on other sites More sharing options...
MadTechie Posted April 23, 2009 Share Posted April 23, 2009 looks fine to me except $results = mysql_result($sql, "0"); should be $results = mysql_result($sql, 0); check the database to see if the query is what you expect Quote Link to comment https://forums.phpfreaks.com/topic/155350-help-with-an-authentication-system/#findComment-817522 Share on other sites More sharing options...
ciaran1987 Posted April 23, 2009 Author Share Posted April 23, 2009 looks fine to me except $results = mysql_result($sql, "0"); should be $results = mysql_result($sql, 0); check the database to see if the query is what you expect I`ve echoed the query string and when I enter in the Username :Ciaran and pass: password it returns user_Name: CiaranPassword: password user_Name: ciaranSha Password: 4c0dffd9ee85b2520acaa4a2b2722450d583b30e But when I look at what is entered in my DB through php my admin it is as I entered.Theres something obviously going wrong somehwere. Quote Link to comment https://forums.phpfreaks.com/topic/155350-help-with-an-authentication-system/#findComment-817665 Share on other sites More sharing options...
ciaran1987 Posted April 24, 2009 Author Share Posted April 24, 2009 I have replaced sha1/sha_pw with "password" as it was confusing with various different names,hopefully this will make it easier to spot any mistakes,many thanks again. <form method="post" action="insert.php"> Full Name: (Example: Michael R Maguire) <br /> <input type="text" name="user_name" size="50" maxlength="50"/> (50 Characters Max) <br /> <br /> User Name: <br /> <input type="text" name="password" size="20" maxlength="20"/> (20 Characters Max) <br /> <br /> <input type="submit" value="Create User" /> </form> <?php $user_name = $_POST['user_name']; $password = $_POST['password']; $dbname = "heskdb"; $conn = mysql_connect ("localhost","root","password") or die ('cannot connect to database error: '.mysql_error()); mysql_select_db ($dbname); if(empty($user_name) || empty($password)) { echo "<h2>Please fill in all fields</h2>\n"; echo "Please use the back button in your browsers and fill in all required fields.\n"; die (); } $sql="insert into teamtutorials_test (`User_ID` , `user_name` , `password`) values ('NULL','$user_name','$password')"; mysql_query($sql) or die (mysql_error()." $sql"); echo "user_name: $user_name"; echo "Password: ".($password); ?> <form method="post" action="session.php"> Full Name: (Example: Michael R Maguire) <br /> <input type="text" name="user_name" size="50" maxlength="50"/> (50 Characters Max) <br /> <br /> User Name: <br /> <input type="text" name="password" size="20" maxlength="20"/> <br /> <br /> <input type="submit" value="Create User" /> </form> <?php session_start(); if (isset($_POST['user_name']) && isset($_POST['password'])) { $user_name = $_POST['user_name']; $password = $_POST['password']; $dbname = "heskdb"; $conn = mysql_connect ("localhost","root","password") or die ('cannot connect to database error: '.mysql_error()); mysql_select_db ($dbname); $sql = mysql_query("select * from teamtutorials_test where user_name = '$user_name' and password = '$password'") or die(mysql_error()); $results = mysql_result($sql, 0); if ($results == 0){ header( 'Location:http://www.yahoo.com'); } else { $_SESSION['valid_user'] = $user_name; header( 'Location:http://www.google.ie'); } } ?> Quote Link to comment https://forums.phpfreaks.com/topic/155350-help-with-an-authentication-system/#findComment-818401 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.