gladwell Posted June 23, 2009 Share Posted June 23, 2009 This is the bare bones of a login page I'm writing. Everything is working except that the echo statement in the else clause is always on the page. I expected it to only appear when an incorrect u/p combo is entered and login.php is presented again. What's wrong with the way I've written the conditional statement? <?php if (isset($_POST['submit'])) { } $username = $_POST['username']; $password = $_POST['password']; $query = "SELECT * FROM table WHERE username like '$username' AND password like '$password'"; if ($result = mysql_query ($query)){ if ($row = mysql_fetch_array ($result)) { //username and password are in the database header('Location: http://url_here/index.php'); exit; } else { //username and password not in database. echo '<p><font color="red">The username and password combination you entered does not match those on file. Please try again.</font></p>'; } } ?> Here's the form code: <form action = "<?php echo $_SERVER['PHP_SELF'];?>" method="POST"> <fieldset> <p>Username: <input type = "text" name ="username" size ="10" maxlength="20" ></p> <p>Password: <input type = "password" name ="password" size ="20" maxlength ="20" /></p> <div align="center"><input type ="submit" name="submit" value="Login" /></p></div> </fieldset> </form> Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/ Share on other sites More sharing options...
will35010 Posted June 23, 2009 Share Posted June 23, 2009 Shouldn't your code be this: <?php if (isset($_POST['submit'])) { } $username = $_POST['username']; $password = $_POST['password']; $query = "SELECT * FROM table WHERE username like '$username' AND password like '$password'"; if ($result = mysql_query ($query)){ if ($row = mysql_fetch_array ($result)) { //username and password are in the database header('Location: http://url_here/index.php'); exit; } else //username and password not in database. echo '<p><font color="red">The username and password combination you entered does not match those on file. Please try again.</font></p>'; } ?> Here's the form code: <form action = "<?php echo $_SERVER['PHP_SELF'];?>" method="POST"> <fieldset> <p>Username: <input type = "text" name ="username" size ="10" maxlength="20" ></p> <p>Password: <input type = "password" name ="password" size ="20" maxlength ="20" /></p> <div align="center"><input type ="submit" name="submit" value="Login" /></p></div> </fieldset> </form> Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-861935 Share on other sites More sharing options...
exhaler Posted June 23, 2009 Share Posted June 23, 2009 try this: <?php if (isset($_POST['submit'])) { $username = $_POST['username']; $password = $_POST['password']; $query = "SELECT * FROM table WHERE username = '$username' AND password = '$password'"; $result = mysql_query($query); if (mysql_num_rows($result) == 1) { if ($row = mysql_fetch_array ($result)) { //username and password are in the database header('Location: http://url_here/index.php'); exit; } else { //username and password not in database. echo '<p><font color="red">The username and password combination you entered does not match those on file. Please try again.</font></p>'; } } } ?> don't use the "LIKE" when checking use the "=" instead since the username and password are unique Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-861942 Share on other sites More sharing options...
gladwell Posted June 23, 2009 Author Share Posted June 23, 2009 That took care of the echo statement always showing on the page, but now I get this error message: Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource I originally had mysql_num_rows() in the query but couldn't get passed this error message, so I changed it to what is shown in my original post. I have read that this error is thrown when something is wrong with the query. But I don't think anything is wrong with the query since it works when I change the function to ($row = mysql_fetch_array ($result)). Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-861952 Share on other sites More sharing options...
will35010 Posted June 23, 2009 Share Posted June 23, 2009 You need to include your link to the database. It doesn't know how to connect. http://us2.php.net/function.mysql-query Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-861954 Share on other sites More sharing options...
will35010 Posted June 23, 2009 Share Posted June 23, 2009 You need to include your link to the database. It doesn't know how to connect. http://us2.php.net/function.mysql-query At least you do with mysqli. Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-861956 Share on other sites More sharing options...
gladwell Posted June 23, 2009 Author Share Posted June 23, 2009 The connect information is all in an include file that is not shown in my post. Are you saying it can't be contained in an include file? Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-861962 Share on other sites More sharing options...
947740 Posted June 23, 2009 Share Posted June 23, 2009 With mysql_num_rows(), you need the result (as a variable) inbetween the parentheses. http://us2.php.net/function.mysql-num-rows Of course, that is what you did. So, that appears to mean that your query did not work. So, add a echo mysql_error($link_variable_name) to figure out what the problem is. Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-861964 Share on other sites More sharing options...
gladwell Posted June 23, 2009 Author Share Posted June 23, 2009 Isn't this showing the result as a variable in between the ()? $result = mysql_query($query); if (mysql_num_rows($result) == 1) { if ($row = mysql_fetch_array ($result)) { Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-861971 Share on other sites More sharing options...
947740 Posted June 23, 2009 Share Posted June 23, 2009 It is. And I said you did that... With mysql_num_rows(), you need the result (as a variable) inbetween the parentheses. http://us2.php.net/function.mysql-num-rows Of course, that is what you did. Now, the rest of my quote: So, that appears to mean that your query did not work. So, add a echo mysql_error($link_variable_name) to figure out what the problem is. Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-861973 Share on other sites More sharing options...
gladwell Posted June 23, 2009 Author Share Posted June 23, 2009 The error message is the same. Do I have the mysql_errno in the right place? $result = mysql_query($query); if (mysql_num_rows($result) == 1) { if ($row = mysql_fetch_array ($result)) { //username and password are in the database header('Location: http://url_here/index.php'); exit; } else { //username and password not in database. echo '<p><font color="red">The username and password combination you entered does not match those on file. Please try again.</font></p>'; echo mysql_errno($conn) . ": " . mysql_error($conn) . "\n"; } } Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-861992 Share on other sites More sharing options...
947740 Posted June 23, 2009 Share Posted June 23, 2009 Move it to right after $result = mysql_query($query). Putting it in your conditional statements will make it to where you don't catch the error every time, at least how you have it set up. Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-861995 Share on other sites More sharing options...
gladwell Posted June 23, 2009 Author Share Posted June 23, 2009 Changed the location and am now getting this error message Cannot modify header information - headers already sent with a reference to line 10 of the code which is this echo mysql_errno($conn) . ": " . mysql_error($conn) . "\n"; I originally had this error message which I fixed by moving the script into the <head></head> section of the page. Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-862027 Share on other sites More sharing options...
947740 Posted June 23, 2009 Share Posted June 23, 2009 So...now your code is getting to the header()? If it is getting that far, then your mysql_num_rows() is working, which means there is no error...which means your problem is solved. Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-862037 Share on other sites More sharing options...
gladwell Posted June 23, 2009 Author Share Posted June 23, 2009 No, not solved. I'm currently getting the header error: Cannot modify header information - headers already sent with a reference to line 10 of the code (below) which is the mysql_errno function I added to get more information on the error. echo mysql_errno($conn) . ": " . mysql_error($conn) . "\n"; Before I posted my original question, I was getting a header error that I fixed, I believe because I moved the location of the script. If I use this script $query = "SELECT * FROM table WHERE username like '$username' AND password like '$password'"; if ($result = mysql_query ($query)){ if ($row = mysql_fetch_array ($result)) { //username and password are in the database header('Location: http://url_here/index.php'); exit; } else //username and password not in database. echo '<p><font color="red">The username and password combination you entered does not match those on file. Please try again.</font></p>'; } I get everything I want except that the echo message displays all the time, which I figure indicates I have a problem with the conditional statement. If I use this code <?php if (isset($_POST['submit'])) { $username = $_POST['username']; $password = $_POST['password']; $query = "SELECT * FROM table WHERE username = '$username' AND password = '$password'"; $result = mysql_query($query); if (mysql_num_rows($result) == 1) { if ($row = mysql_fetch_array ($result)) { //username and password are in the database header('Location: http://url_here/index.php'); exit; } else { //username and password not in database. echo '<p><font color="red">The username and password combination you entered does not match those on file. Please try again.</font></p>'; } } } ?> The echo message disappears, but I then get this error message: Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-862074 Share on other sites More sharing options...
947740 Posted June 23, 2009 Share Posted June 23, 2009 Okay...try this and let me know what happens: <?php if (isset($_POST['submit'])) { $username = $_POST['username']; $password = $_POST['password']; $query = "SELECT * FROM table WHERE username = '$username' AND password = '$password'"; if($result = mysql_query($query)) { if (mysql_num_rows($result) == 1) { if ($row = mysql_fetch_array ($result)) { //username and password are in the database header('Location: http://url_here/index.php'); exit; } else { //username and password not in database. echo '<p><font color="red">The username and password combination you entered does not match those on file. Please try again.</font></p>'; } } } else { echo mysql_errno($conn) . ": " . mysql_error($conn) . "\n"; } } ?> Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-862083 Share on other sites More sharing options...
gladwell Posted June 24, 2009 Author Share Posted June 24, 2009 Sorry for the delay in responding to your suggestion 947740-had to go to work. This is interesting. I'm no longer getting any error messages, but when the login page reloads after an invalid u/p, the echo statement doesn't appear. Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-862396 Share on other sites More sharing options...
947740 Posted June 24, 2009 Share Posted June 24, 2009 After looking at this script again, I realized there is a fundamental design flaw. Your if (mysql_num_rows($result) == 1) { statement is what actually determines if there is a match in the database. So, if there is not a match, nothing will show up, unless there is an error. Try this: <?php if (isset($_POST['submit'])) { $username = $_POST['username']; $password = $_POST['password']; $query = "SELECT * FROM table WHERE username = '$username' AND password = '$password'"; if($result = mysql_query($query)) { if (mysql_num_rows($result) == 1) { //username and password are in the database header('Location: http://url_here/index.php'); } else { //username and password not in database. echo '<p><font color="red">The username and password combination you entered does not match those on file. Please try again.</font></p>'; } } else { echo mysql_errno($conn) . ": " . mysql_error($conn) . "\n"; } } ?> Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-862614 Share on other sites More sharing options...
gladwell Posted June 24, 2009 Author Share Posted June 24, 2009 That did it. Thanks. To be sure I understand why it works, removing ($row = mysql_fetch_array ($result)) enables the error message to appear. mysql_fetch_array($result) is the wrong tool for the job in this script, and its presence was enough to prevent the error message from echoing? Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-862622 Share on other sites More sharing options...
947740 Posted June 24, 2009 Share Posted June 24, 2009 Short answer: yes. Well, that statement was always going to return true, unless the query itself failed. That is because unless there is a connection error or something along those lines, $result will always return a value, and $row will always be set to that value. So, regardless if the user data is correct, your script would think that the user was logged in. mysql_num_rows(), however makes sure that there is 1 row of data matching the login data, which actually does ensure that the user is logged in. Hope that makes sense. Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-862638 Share on other sites More sharing options...
gladwell Posted June 24, 2009 Author Share Posted June 24, 2009 I understand better what mysql_num_rows() does now, so that's helpful. Thank you very much for your help. I have a new issue about this script. Can I ask you or do you prefer that I post it to the board in a separate topic? Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-862645 Share on other sites More sharing options...
947740 Posted June 24, 2009 Share Posted June 24, 2009 More people might help if you make a new topic. But you can go ahead and ask it here. Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-862651 Share on other sites More sharing options...
gladwell Posted June 24, 2009 Author Share Posted June 24, 2009 Thanks. I'm trying to use session_start() to pass the first name of the logged in user to the redirect page. Here's what I have $query = "SELECT firstname FROM table WHERE username = '$username' AND password = '$password'"; if($result = mysql_query($query)) { if (mysql_num_rows($result) == 1) { //username and password are in the database session_start(); $_SESSION['firstname'] = $row[1]; header('Location: http://url_here_index.php'); } and then this code at the top of the redirect page <?php session_start(); echo "Welcome, $_SESSION['firstname']"?>; I have also tried passing $_SESSION['firstname'] as a hidden variable, but that didn't echo either. Can you recommend a way to do this? The error message get with this script is Parse error: syntax error, unexpected T_STRING, expecting ',' or ';' Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-862680 Share on other sites More sharing options...
947740 Posted June 24, 2009 Share Posted June 24, 2009 On the page with: $query = "SELECT firstname FROM table WHERE username = '$username' AND password = '$password'"; if($result = mysql_query($query)) { if (mysql_num_rows($result) == 1) { //username and password are in the database session_start(); $_SESSION['firstname'] = $row[1]; header('Location: http://url_here_index.php'); } Put session_start() right after the opening <?php like so: <?php session_start(); Do you have error reporting turned off in php.ini? You should have gotten an error... Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-862682 Share on other sites More sharing options...
gladwell Posted June 24, 2009 Author Share Posted June 24, 2009 Here's the error, and I read that session_start had to be at the very top of the page and that's where I have it. Parse error: syntax error, unexpected T_STRING, expecting ',' or ';' Link to comment https://forums.phpfreaks.com/topic/163362-solved-ifthen-trouble-on-login-page/#findComment-862683 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.