Jump to content

Archived

This topic is now archived and is closed to further replies.

SilverNova

Why doesn't this work?! :\

Recommended Posts

A session script, which seems to do nothing but display a blank screen after logging in with it.

Is there anything visibly wrong with it?

[code]
<?php

session_start(); //start a sessions :D

$username = $_POST["username"]; //get the username from the form, as $username
$password = md5($_POST["password"]); //get the password from the form in md5

$users = mysql_connect("localhost", "lov3dco_users", "test");
    if(!$users) //error checking :D
        {
            echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";
        }

mysql_select_db("lov3dco_users");  //select what database to use


$recieve = "SELECT * FROM users WHERE username='".mysql_real_escape_string($username)."' AND `password`='".mysql_real_escape_string($password)."'";


echo $receive;

$query = mysql_query($recieve) or die("Unable to peform query - " . mysql_error()); //do the query

if($rows = mysql_num_rows($query)) //if the query resulted with a row, start the sessions and go to the index

{
    $_SESSION["password"] = $password; //store the users password in a sesions var
    $_SESSION["username"] = $username; //store the username in a session var
   
header("Location: index.php");

}

else //if not, end incorrect sessions, and go to the index

{
    @session_destroy();

}


?>
[/code]

Share this post


Link to post
Share on other sites
session_start(); //start a sessions :D
put that at the very very very top, that space is enough to kill it, just that one line of space, is enough to kill the entire script.

Share this post


Link to post
Share on other sites
and cut on display errors in the php.ini and you will probably notice it says headers already sent/

Share this post


Link to post
Share on other sites
[quote author=businessman332211 link=topic=102574.msg407232#msg407232 date=1154440520]
and cut on display errors in the php.ini and you will probably notice it says headers already sent/
[/quote]

Ok, forgive me for being such a noob here.. I don't think I use a php.ini file -

www.lov3d.com/test.htm

user=test
pass=test

I've also taken out the space at the beginning as you instructed, so line one now reads:
[code]
<?php session_start(); //start a sessions :D
[/code]

Any guidance would be very much appreciated! Thanks Joyel  :)

Share this post


Link to post
Share on other sites
1.  Open php.ini
2.  Click on find and replace
3.  Type in "display_errors" without quotation marks.
4.  You will come to a line that reads display_errors = off
it if is set to this, change it to on.
5. again go to the type, use the find and replace function to find something.
6.  Search for "error_reporting" as you did before without quotation marks.
you will see error_reporting = something here
make sure that something here reads
E_ALL & ~E_NOTICE
After that tell me what errors you get.
Also it's not necessary to have session above that, just right below it like
<?php
session_start();
?>
in it's own island, will make sure that is not the problem

Share this post


Link to post
Share on other sites
Don't echo if you plan to use a 'header' statement (see: echo $receive;).
I copied your code and replaced the 2 vars for username and password and it runs fine.

Ronald  :cool:


Share this post


Link to post
Share on other sites
That depends on what you mean by echo.  Echo should be fine, you have no choice on a fully functional live site.  I have session_start() header across the top of every page, and i have to fill my pages with a lot of echo's because almost everything is dynamic.  THat shouldn't have anything to do with it, unless it's simply the location of the echo.

Share this post


Link to post
Share on other sites
I got a php.ini file from php.net:

http://cvs.php.net/viewvc.cgi/php-src/php.ini-recommended?revision=1.179.2.11.2.2&view=markup

Changed what you said:

[code]
error_reporting  =  E_ALL & ~E_NOTICE

; Print out errors (as a part of the output).  For production web sites,
; you're strongly encouraged to turn this feature off, and use error logging
; instead (see below).  Keeping display_errors enabled on a production web site
; may reveal security information to end users, such as file paths on your Web
; server, your database schema or other information.
display_errors = On
[/code]

And then put the php.ini file in the same (main) directory.

Then, just to make sure - changed lines 1 and 2 of test.php:

[code]
<?php
session_start(); //start a sessions :D
[/code]

____

I've taken out the line
[code]
echo $recieve
[/code]

This was only here in the small hope to find what was going wrong.
Explain what you changed to get it working please Ron?! I now have this code:

[code]
<?php
session_start(); //start a sessions :D

$username = $_POST["username"]; //get the username from the form, as $username
$password = md5($_POST["password"]); //get the password from the form in md5

$users = mysql_connect("localhost", "lov3dco_users", "test");
    if(!$users) //error checking :D
        {
            echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";
        }

mysql_select_db("lov3dco_users");  //select what database to use


$recieve = "SELECT * FROM users WHERE username='".mysql_real_escape_string($username)."' AND `password`='".mysql_real_escape_string($password)."'";

$query = mysql_query($recieve) or die("Unable to peform query - " . mysql_error()); //do the query

if($rows = mysql_num_rows($query)) //if the query resulted with a row, start the sessions and go to the index

{
    $_SESSION["password"] = $password; //store the users password in a sesions var
    $_SESSION["username"] = $username; //store the username in a session var
   
header("Location: index.php");

}

else //if not, end incorrect sessions, and go to the index

{
    @session_destroy();

}


?>
[/code]

Share this post


Link to post
Share on other sites
Alright your header location is off
[code]header('Location: ' . $page);[/code]
That should get it to accept it.
Change that to be safe.
Now what is it doing, you said it's not working, is it not working at all, what error is coming up, the reason it worked for ron and not for you, could be his settings in relation to yours, or you could simply be having some sort of db interation error.  I need to know exactly what it's doing, what error it's giving you, everything.  If not then sprinkle
echo mysql_error();
after each and every mysql db call, and tell me the output, run some of these tests on it, give me something to look at, something to work with, an error message something.

Share this post


Link to post
Share on other sites
nevermind I looked at it, paste this over what you ahve and tell me what happens
[code]<?php

session_start(); //start a sessions :D

$username = $_POST["username"]; //get the username from the form, as $username
$password = md5($_POST["password"]); //get the password from the form in md5

$users = mysql_connect("localhost", "lov3dco_users", "test");
    if(!$users) //error checking :D
        {
            echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";
        }

mysql_select_db("lov3dco_users");  //select what database to use

$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$recieve = "SELECT * FROM users WHERE username =  '$username' AND password = '$password';";


$query = mysql_query($recieve) or die("Unable to peform query - " . mysql_error()); //do the query

if($rows = mysql_num_rows($query)) //if the query resulted with a row, start the sessions and go to the index

{
    $_SESSION['password'] = $password; //store the users password in a sesions var
    $_SESSION['username'] = $username; //store the username in a session var
$page = "index.php";   
header('Location: ' . $page

}

else //if not, end incorrect sessions, and go to the index

{
    session_destroy(); // you don't need at here, it's pointless.

}


?>[/code]

Share this post


Link to post
Share on other sites
Try those tell me what happens after that.  That should make it do what you are wanting it to, if not let me know.

Share this post


Link to post
Share on other sites
[code]<?php
session_start(); //start a sessions :D

$username = $_POST["username"]; //get the username from the form, as $username
$password = md5($_POST["password"]); //get the password from the form in md5

$users = mysql_connect("localhost", "lov3dco_users", "test");
    if(!$users) {
          echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";
          exit();
        }

mysql_select_db("lov3dco_users");  //select what database to use
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$recieve = "SELECT * FROM users WHERE username =  '$username' AND password = '$password';";
$query = mysql_query($recieve) or die("Unable to peform query - " . mysql_error()); //do the query

if($rows = mysql_num_rows($query)){
    $_SESSION['password'] = $password; //store the users password in a sesions var
    $_SESSION['username'] = $username; //store the username in a session var
$page = "index.php";   
header('Location: ' . $page);
}else {
    session_destroy();
}


?>[/code]
Like that instead.  SOrry trying some stuff here, the paste put a space at the top, use this here and tlel me what happens.  If it remains blank I want you to try something else.

Share this post


Link to post
Share on other sites
I found the problem

[code]<?php
session_start(); //start a sessions :D

$username = $_POST["username"]; //get the username from the form, as $username
$password = md5($_POST["password"]); //get the password from the form in md5

$users = mysql_connect("localhost", "lov3dco_users", "test");
    if(!$users) {
          echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";
          exit();
        }

mysql_select_db("lov3dco_users");  //select what database to use
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$recieve = "SELECT * FROM users WHERE username =  '$username' AND password = '$password';";
$query = mysql_query($recieve) or die("Unable to peform query - " . mysql_error()); //do the query

if($rows = mysql_fetch_array($query)){
    $_SESSION['password'] = $password; //store the users password in a sesions var
    $_SESSION['username'] = $username; //store the username in a session var
$page = "index.php";   
header('Location: ' . $page);
}else {
    session_destroy();
}


?>[/code]

Use exactly what I show above, I changed mysql_num_rows to mysql_fetch_array that should make it run smoothly.  don't forget to upload the php.ini file, ti's not showing your errors.  Either that or your host doesn't support it.

Share this post


Link to post
Share on other sites
Weel, if it helps: here is the code I ran and it works fine. Only changed the redirect to dummy.php and it shows.
[code]<?php

session_start(); //start a sessions :D
$username = "ronverdonk"; //get the username from the form, as $username
$password = sha1("ronnie09"); //get the password from the form in md5
$users = mysql_connect("localhost", "ronverdonk", "ronnie09");
    if(!$users) //error checking :D
        {
            echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";
        }
mysql_select_db("vwso");  //select what database to use
$recieve = "SELECT * FROM authorized_users WHERE userid='".
mysql_real_escape_string($username).
"' AND `passwd`='".mysql_real_escape_string($password)."'";
$query = mysql_query($recieve) or die("Unable to peform query - " . mysql_error()); //do the query
if($rows = mysql_num_rows($query)) //if the query resulted with a row, start the sessions and go to the index
{
    $_SESSION["password"] = $password; //store the users password in a sesions var
    $_SESSION["username"] = $username; //store the username in a session var
    header("Location: index.phpx");
}
else //if not, end incorrect sessions, and go to the index
{
    @session_destroy();
}
?>[/code]

Share this post


Link to post
Share on other sites
[code]<?php
session_start(); //start a sessions :D

$username = $_POST["username"]; //get the username from the form, as $username
$password = md5($_POST["password"]); //get the password from the form in md5

$users = mysql_connect("localhost", "lov3dco_users", "test");
    if(!$users) {
          echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";
          exit();
        }

mysql_select_db("lov3dco_users");  //select what database to use
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$recieve = "SELECT * FROM users WHERE username =  '$username' AND password = '$password';";
$query = mysql_query($recieve) or die("Unable to peform query - " . mysql_error()); //do the query

if($rows = mysql_fetch_array($query)){
    $_SESSION['password'] = $password; //store the users password in a sesions var
    $_SESSION['username'] = $username; //store the username in a session var
$page = "index.php";   
header('Location: ' . $page);
}else {
    session_destroy();
}


?>[/code]
For now just run that, copy that code, and paste it over yours.  I redid a few things, replaced a few things, and rewrote your whole query, also double check to make sure you uploaded the php.ini file as well.

Share this post


Link to post
Share on other sites
[quote author=businessman332211 link=topic=102574.msg407287#msg407287 date=1154445340]
I found the problem

[code]<?php
session_start(); //start a sessions :D

$username = $_POST["username"]; //get the username from the form, as $username
$password = md5($_POST["password"]); //get the password from the form in md5

$users = mysql_connect("localhost", "lov3dco_users", "test");
    if(!$users) {
          echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";
          exit();
        }

mysql_select_db("lov3dco_users");  //select what database to use
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$recieve = "SELECT * FROM users WHERE username =  '$username' AND password = '$password';";
$query = mysql_query($recieve) or die("Unable to peform query - " . mysql_error()); //do the query

if($rows = mysql_fetch_array($query)){
    $_SESSION['password'] = $password; //store the users password in a sesions var
    $_SESSION['username'] = $username; //store the username in a session var
$page = "index.php";   
header('Location: ' . $page);
}else {
    session_destroy();
}


?>[/code]

Use exactly what I show above, I changed mysql_num_rows to mysql_fetch_array that should make it run smoothly.  don't forget to upload the php.ini file, ti's not showing your errors.  Either that or your host doesn't support it.
[/quote]

I tried the exact code you used above and the one previous, businessman.

It's STILL not showing anything wrong!!! My php.ini file is in the same directory as test.php and all files are in the main directory anyway.

This is what test.htm looks like
[code]
<html>
<form action="test.php" method="post">
Username: <input type="text" name="username" size="30"><br><br>
Password: <input type="password" name="password" size="30"><br><br>
<input type="submit" value="Login!">
</form>
</html>
[/code]

Nothing wrong there, right?

But yeah, still blank :\ This is getting very frustrating now ???

Share this post


Link to post
Share on other sites
It doesn't matter how many spaces there are between the opening "<?php" and the call to session_start(). What matters is that there are no spaces (or anything else) at the start of the script before the opening "<?php" tag.

What is the error you are getting, and what output are you expecting from this script?

Share this post


Link to post
Share on other sites
That is entirely not true.
if you have
<?php

session_start();
?>
it can cause errors with headers already sent, it's happened a thousand times just because it doesn't doesn't mean it can't.
Now what I suspect, is you have your form, above everything else.  If this is the case, show me the entire page, from top to bottom.
then the entire form page from top to bottom.
if they are the same page, display them both.
If they are seperate pages show

Form page
code here



Processor page
code here

In the next post and let me look over it some.

Share this post


Link to post
Share on other sites
Well, i'm expecting to be logged in and thus redirected to the main page - index.php

But nothing is happening - just a blank page. Try it if you like, i'm using the script businessman has last posted.

http://www.lov3d.com/test.htm

Username = test
Password = test

Any ideas?

Many thanks for the help so far guys





Form page: (test.htm)

[code]
<html>
<form action="test.php" method="post">
Username: <input type="text" name="username" size="30"><br><br>
Password: <input type="password" name="password" size="30"><br><br>
<input type="submit" value="Login!">
</form>
</html>
[/code]


Processor Page: (test.php)

[code]
<?php
session_start(); //start a sessions :D

$username = $_POST["username"]; //get the username from the form, as $username
$password = md5($_POST["password"]); //get the password from the form in md5

$users = mysql_connect("localhost", "lov3dco_users", "test");
    if(!$users) {
          echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";
          exit();
        }

mysql_select_db("lov3dco_users");  //select what database to use
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$recieve = "SELECT * FROM users WHERE username =  '$username' AND password = '$password';";
$query = mysql_query($recieve) or die("Unable to peform query - " . mysql_error()); //do the query

if($rows = mysql_num_rows($query)){
    $_SESSION['password'] = $password; //store the users password in a sesions var
    $_SESSION['username'] = $username; //store the username in a session var
$page = "index.php";   
header('Location: ' . $page);
}else {
    session_destroy();
}


?>
[/code]

Share this post


Link to post
Share on other sites
And the first thing is going to be to test to make sure the script is reading anything at all.  It might not be matching the criteria.  Put
echo "test1";
echo "test"2;
echo "test3";
at different interval's to see where the script is running and where it's not, if at all.

Share this post


Link to post
Share on other sites
Businessman what king arthur ment was it doesnt matter how much space you have between <?php and session_start();, but what does matter is the space before the opening <?php tag. Any whitespace after <?php is not outputted to the browser, unless you are echo/print'ing it.

Share this post


Link to post
Share on other sites
oh ok, I didn't know that, thanks for telling me

[code]<?php
session_start(); //start a sessions :D
echo "test1";
$username = $_POST["username"]; //get the username from the form, as $username
$password = md5($_POST["password"]); //get the password from the form in md5

$users = mysql_connect("localhost", "lov3dco_users", "test");
    if(!$users) {
          echo "<p>Sorry! We could not log you in at this time. Please Try again later!</p>";
          exit();
        }
echo "test3";
mysql_select_db("lov3dco_users");  //select what database to use
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);
$recieve = "SELECT * FROM users WHERE username =  '$username' AND password = '$password';";
$query = mysql_query($recieve) or die("Unable to peform query - " . mysql_error()); //do the query
echo "test4";
if($rows = mysql_num_rows($query)){
    $_SESSION['password'] = $password; //store the users password in a sesions var
    $_SESSION['username'] = $username; //store the username in a session var
$page = "index.php";   
echo "test5";
header('Location: ' . $page);
}else {
echo "test6";
    session_destroy();
}


?>[/code]

Share this post


Link to post
Share on other sites
If the user "test" does not exist in the database with password "test" encoded with md5 then yes you will get a blank page as it will just get to the session_destroy() and the end of the script.

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.