mcerveni Posted October 1, 2009 Share Posted October 1, 2009 here's an example of the site: www.rimdev.sgspoint.com/agentcenter breakdown of code and what it's supposed to do: [*] Check user to see if he/she exists in another database [*] if the user exists, check in current database if the user exists in 'users' table [*] if they do not exist in the 'users' table, then show the 'create account' button [*] if they do exist in the 'users' table, then go to the else statement and login user there is one record in the 'users' table, and when you put it the username which is: CA123456 password is: test it just says 'try again' when it really should log in the user. any help appreciated! i've been on this for hours lol...please help. <?php $ca = $_GET['ca']; $pass = $_GET['pass']; $position = "FLA"; $caNum = strtoupper($ca); $handle = mysql_connect($host,$user,$pwd); mysql_select_db($stats, $handle); mysql_query("USE $stats",$handle); $sql = "SELECT * FROM employee WHERE EmpID = '$caNum' && Position = '$position'"; $row = mysql_fetch_assoc(mysql_query($sql)); if($row['EmpID'] == $caNum && $row['Position'] == $position) { session_start(); $_SESSION['user'] = $row['AgentName']; //user has a session because i took out the values of first and last name when you log in in the login function. $user = $_SESSION['user']; $handle2 = mysql_connect($host,$user,$pwd); mysql_select_db($agentcenter_database, $handle2); mysql_query("USE $agentcenter_database",$handle2); $sql2 = "SELECT * FROM users WHERE empID = '$caNum'"; $row2 = mysql_fetch_assoc(mysql_query($sql2)); if ($row2['empID'] != $caNum) { echo '<input type="submit" value="Create Account" class="loginBtn" onclick="createAccount();"> '; } else { $handle3 = mysql_connect($host,$user,$pwd); mysql_select_db($agentcenter_database, $handle3); mysql_query("USE $agentcenter_database",$handle3); $query3 = "SELECT * FROM users WHERE empID = '$caNum'"; $row3 = mysql_fetch_assoc(mysql_query($query3)); if($row3['password'] == $pass) { $_SESSION['agent_logged_in'] = TRUE; $picture = $row3['picture']; echo '<center> <img src="images/badge_pics/'.$picture.'" style="border:1px solid black"> </center>'; echo '<span style="font-size:18px"><b>'. $user .'</b> </span>'; echo '<br><span style="font-size:18px"><b> <i> RIM </i> </b> </span>'; echo '<br> <b> <a href="index.php"> Continue </b> </a>'; } else { echo " <br> <br> <span style='font-size:17px'> <img src='images/invalid.JPG'> <center><a href='index.php'> Try Again </a> </center> </span> "; } } } else { echo " <br> <br> <span style='font-size:17px'> <img src='images/invalid.JPG'> <center><a href='index.php'> Try Again </a> </center> </span> "; } ?> Quote Link to comment Share on other sites More sharing options...
RussellReal Posted October 1, 2009 Share Posted October 1, 2009 in the database when adding to it.. do you hash your passwords? that could be the reason.. because thats the only check that goes to else tht isn't correct Quote Link to comment Share on other sites More sharing options...
mcerveni Posted October 1, 2009 Author Share Posted October 1, 2009 nope, it's not hashed... it's : password varchar(20) if you put in a different username like CA705556 , it should show the 'create account' button because that username is not in the 'users' table yet Quote Link to comment Share on other sites More sharing options...
Philip Posted October 1, 2009 Share Posted October 1, 2009 Where does $stats come from? Also, why are you selecting the database & then querying a use database, thats kinda redundant. Quote Link to comment Share on other sites More sharing options...
RussellReal Posted October 1, 2009 Share Posted October 1, 2009 Where does $stats come from? Also, why are you selecting the database & then querying a use database, thats kinda redundant. yeah lol he uses 3 different connections, and I think 2 of them use the same tables he shoudl just make ONE connection @ the top and change the database accordingly Quote Link to comment Share on other sites More sharing options...
mcerveni Posted October 1, 2009 Author Share Posted October 1, 2009 i have a include functions.php page and in there it has: $host = "localhost"; $user = "root"; $pwd = "password"; $queue_center_database = "queue_center"; $agentcenter_database = "agentcenter"; $stats = "stats"; in this login page i'm only changing between the stats database and agentcenter database. each of those have different tables, so no, i'm not using the same table in those databases. Quote Link to comment Share on other sites More sharing options...
redarrow Posted October 1, 2009 Share Posted October 1, 2009 Sorry mate there just being sarky, what there all saying is use a join and one database connection.... Quote Link to comment Share on other sites More sharing options...
RussellReal Posted October 1, 2009 Share Posted October 1, 2009 Sorry mate there just being sarky, what there all saying is use a join and one database connection.... yeah also I really do not see why this isn't working like 30 mins ago I broke it up in my notepad++ and everything looks fine.. its definately something wrong with the password from the row and the password supplied.. change: if($row3['password'] == $pass) { to: echo $row3['password']." ~~ ".$pass; if($row3['password'] == $pass) { and see if they match up Quote Link to comment Share on other sites More sharing options...
redarrow Posted October 1, 2009 Share Posted October 1, 2009 if your form input's are not named how does it work your form? CA Number <input type="text" id="ca" size=30" maxlength="8"> <br> Password <input type="password" id="pass" size="30" maxlength="15"> id= << this is for the css and not a form element is it ? where name="pass" and name="ca" Quote Link to comment Share on other sites More sharing options...
mcerveni Posted October 1, 2009 Author Share Posted October 1, 2009 when i do that...it doesn't print out the password because it skips all the way to "please try again" Quote Link to comment Share on other sites More sharing options...
mcerveni Posted October 1, 2009 Author Share Posted October 1, 2009 what? lol..no no.. <input type="text" id="ca"> is definitley correct. the id is pulled by my ajax code i have. but yes, id is for css as well as javascript functions. var ca = encodeURI(document.getElementById('ca').value); that's why there's an id in the input. Quote Link to comment Share on other sites More sharing options...
RussellReal Posted October 1, 2009 Share Posted October 1, 2009 when i do that...it doesn't print out the password because it skips all the way to "please try again" it shouldn't because try again is in the else for the if I told you to put the echo above of Quote Link to comment Share on other sites More sharing options...
Philip Posted October 1, 2009 Share Posted October 1, 2009 Where does $stats come from? You're not selecting a database would be my guess. Both $stats and $agentcenter_database are undefined in that script. If you place echo mysql_error(); after the queries and run it, an error should pop up. Quote Link to comment Share on other sites More sharing options...
mcerveni Posted October 1, 2009 Author Share Posted October 1, 2009 when i put that after the query, it says "Table 'stats.users' doesn't exist" Quote Link to comment Share on other sites More sharing options...
mcerveni Posted October 1, 2009 Author Share Posted October 1, 2009 Alright, so i'm getting lost in my own code lol i can't understand why it doesn't work..and i really need this done by tonight... i got it working a bit..it gets stuck when it sees the correct username and password, it tries to log in, but says: Table 'agentcenter.employee_compo' doesn't exist username: CA705572 pass: test Someonone please help me figure out my code regarding connecting to 2 different databases. and how to do it properly. code below: <?php include('header.php'); $ca = $_GET['ca']; $pass = $_GET['pass']; $position = "FLA"; $caNum = strtoupper($ca); $handle = mysql_connect($host,$user,$pwd); mysql_select_db($stats, $handle); mysql_query("USE $stats",$handle); $query = "SELECT * FROM users WHERE empID = '$caNum' && password = '$pass' "; $result = mysql_query($query) or die(mysql_error()); $row= mysql_fetch_array($result); if($row['empID'] == $caNum && $row['password'] == $pass && $row['activated'] == "yes") { $empID = $row['empID']; $_SESSION['agent_logged_in'] = TRUE; $handle2 = mysql_connect($host,$user,$pwd); mysql_select_db($stats, $handle2); mysql_query("USE $stats",$handle2); $sql1 = "SELECT * FROM employee_compo WHERE EmpID = '$empID'"; $result1 = mysql_query($sql1) or die(mysql_error()); $row1= mysql_fetch_array($result1); $agentName = $row1['AgentName']; $_SESSION['agentName'] = $agentName; $_SESSION['empID'] = $empID; $picture = $row['picture']; echo '<center> <img src="images/badge_pics/'.$picture.'" style="border:1px solid black"> </center>'; echo '<span style="font-size:18px"><b>'. $agentName .'</b> </span>'; echo '<br><span style="font-size:18px"><b> <i> RIM </i> </b> </span>'; echo '<br> <b> <a href="index.php"> Continue </b> </a>'; } else { $query3 = "SELECT * FROM users WHERE empID = '$caNum'"; $result3 = mysql_query($query3) or die(mysql_error()); $row3= mysql_fetch_array($result3); if ($row3['empID'] != $caNum) { echo '<input type="submit" value="Create Account" class="loginBtn" onclick="createAccount();"> '; } else { echo " <br> <br> <span style='font-size:17px'> <img src='images/invalid.JPG'> <center><a href='index.php'> Try Again </a> </center> </span> "; } } ?> Quote Link to comment Share on other sites More sharing options...
mcerveni Posted October 1, 2009 Author Share Posted October 1, 2009 updated code below: <?php include('header.php'); $ca = $_GET['ca']; $pass = $_GET['pass']; $position = "FLA"; $caNum = strtoupper($ca); $query = "SELECT * FROM users WHERE empID = '$caNum' && password = '$pass' "; $result = mysql_query($query) or die(mysql_error()); $row= mysql_fetch_array($result); if($row['empID'] == $caNum && $row['password'] == $pass && $row['activated'] == "yes") { $empID = $row['empID']; $_SESSION['agent_logged_in'] = TRUE; $handle2 = mysql_connect($host,$user,$pwd); mysql_select_db($stats, $handle2); mysql_query("USE $stats",$handle2); $sql1 = "SELECT * FROM employee_compo WHERE EmpID = '$empID'"; $result1 = mysql_query($sql1) or die(mysql_error()); $row1= mysql_fetch_array($result1); $agentName = $row1['AgentName']; $_SESSION['agentName'] = $agentName; $_SESSION['empID'] = $empID; $picture = $row['picture']; echo '<center> <img src="images/badge_pics/'.$picture.'" style="border:1px solid black"> </center>'; echo '<span style="font-size:18px"><b>'. $agentName .'</b> </span>'; echo '<br><span style="font-size:18px"><b> <i> RIM </i> </b> </span>'; echo '<br> <b> <a href="index.php"> Continue </b> </a>'; } else { $handle3 = mysql_connect($host,$user,$pwd); mysql_query("USE $agentcenter_database",$handle3); $query3 = "SELECT * FROM users WHERE empID = '$caNum'"; $result3 = mysql_query($query3) or die(mysql_error()); $row3= mysql_fetch_array($result3); if ($row3['empID'] != $caNum) { echo '<input type="submit" value="Create Account" class="loginBtn" onclick="createAccount();"> '; } else { echo " <br> <br> <span style='font-size:17px'> <img src='images/invalid.JPG'> <center><a href='index.php'> Try Again </a> </center> </span> "; } } ?> Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.