Jump to content

php login always results "fales", Undefined variable error

jmcc

By jmcc
in PHP Coding Help

Recommended Posts

jmcc Member

jmcc

Posted
Posted

Need help with two error in my code.

 

Errors:

1.  Notice: Undefined variable: rowAccount in C:\Program Files\Apache Software  Foundation\Apache2.2\htdocs\login.php on line 22

2.  When I try to login I keep on getting the response that I dont exist in the database, but I do, and have tested database connection.

 

Login Code:

 

<?php
require_once("connection.php"); // database connection

session_start();

// catch field data

$userid =    (isset($_POST['userid']));
$password =  (isset($_POST['password']));
$submitted = (isset($_POST['submitted']));

if ($userid && $password) {
//////////////////////////////////
$query =sprintf("SELECT * FROM users where user_name = '$userid' and user_password = '$password'");
$result =@mysql_query($query);
$rowAccount =@mysql_fetch_array($result);
/////////////////////////////////

echo $rowAccount;
}

if ($rowAccount){

$_SESSION['id'] = $rowAccount['user_id'];

header("location:welcome.php");
exit;

}elseif($submitted){

echo "You dont exists on our record";

}
?>

 

Connection Code:

 

<?php
///////////////////////////
$database  =  "test";
$username	=  "jay";
$password	=  "jm041682";
//////////////////////////

$link	=mysql_connect('localhost', $username, $password);
$db	=@mysql_select_db($database, $link);

?>

 

 

I would appreciate any suggestions.

JonnoTheDev Regular Member

JonnoTheDev

Posted
Posted

This error is generated due to the variable $rowAccount not having a data type. Probably due to your sql query not returning a result. Also you are surpressing errors using @ You should get your query to die or have an error routine setup upon errors.

i.e.

if(!$result = mysql_query($query)) {
  die(mysql_error());
}

You can disable notices by changing the error_reporting parameter in your php.ini file

 

i.e

error_reporting  =  E_ALL & ~E_NOTICE

Shows all errors except notices

Ken2k7 Member

Ken2k7

Posted
Posted

1. Don't display DB info.

2. Your logic is a bit off. You checked if $password and $username is set, but you never checked if the form is submitted or is set. And in your elseif ($submitted) clause, you want to print out you don't exist. I think you mean if $submitted, then fetch the data.

3. The $rowAccount is undefined because if $username or $password is not set, then the if statement above it (which sets $rowAccount) won't get executed; ergo, $rowAccount is undefined.

 

Something along the lines of this -

<?php

if (isset($_POST['submitted'])) { // if the form is submitted and the values are also set
     $username = $_POST['username'];
     $password = $_POST['password'];
     
     // use mysql_real_escape_string() to escape the data here.
     $username = mysql_real_escape_string($username);
     // same for password
     
     // select the data here.
     $result = mysql_query('SQL_HERE') or trigger_error(mysql_error()); // or if we have an error, throw it.
     // get the data etc.
}

 

Hope that helps clarify things.

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.