Jump to content

[SOLVED] Back From Scratch

Xtremer360

By Xtremer360
in PHP Coding Help

 Share

Recommended Posts

Xtremer360 Advanced Member

Xtremer360

Posted
Posted

I lost a whole bunch of my script and have started to go back through and redo it all. I have this for my code but after submitting the login part I receive this:

 

 

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Can't connect to local MySQL server through socket '/usr/local/mysql-5.0/data/mysql.sock' (2) in /home/content/y/a/n/yankeefaninkc/html/mybackstage/backstage.php on line 11

 

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in /home/content/y/a/n/yankeefaninkc/html/mybackstage/backstage.php on line 11

 

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Can't connect to local MySQL server through socket '/usr/local/mysql-5.0/data/mysql.sock' (2) in /home/content/y/a/n/yankeefaninkc/html/mybackstage/backstage.php on line 12

 

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in /home/content/y/a/n/yankeefaninkc/html/mybackstage/backstage.php on line 12

 

Warning: mysql_query() [function.mysql-query]: Can't connect to local MySQL server through socket '/usr/local/mysql-5.0/data/mysql.sock' (2) in /home/content/y/a/n/yankeefaninkc/html/mybackstage/backstage.php on line 14

 

Warning: mysql_query() [function.mysql-query]: A link to the server could not be established in /home/content/y/a/n/yankeefaninkc/html/mybackstage/backstage.php on line 14

Can't connect to local MySQL server through socket '/usr/local/mysql-5.0/data/mysql.sock' (2)

 

<?php 

require "backstageconfig.php";

//if the login form is submitted
if(isset($_POST['submit']))
{
    // makes sure they filled it in
    if(!$_POST['username'] || !$_POST['password'])
    {
        die('You did not fill in a required field.');
    }
   $username = mysql_real_escape_string($_POST['username']); 
   $pass = mysql_real_escape_string($_POST['password']); 

    $check = mysql_query("SELECT * FROM users WHERE username = '".$username."'")or die(mysql_error());

    //Gives error if user dosen't exist
    $check2 = mysql_num_rows($check);
    if ($check2 == 0)
    {
        die('That user does not exist in our database.');
    }
    while($info = mysql_fetch_array( $check )) 
    {
        $pass = md5(stripslashes($_POST['password']));
        $info['password'] = stripslashes($info['password']);
        //$_POST['pass'] = md5($_POST['pass']); THIS IS DONE IN THE ABOVE STATEMENT
        //gives error if the password is wrong
        if ($pass != $info['password'])
        {
            die('Incorrect password, please try again.');
        }
        else 
      
      // if login is ok then we add a cookie and send them to the correct page
        { 
            $username = stripslashes($username); 
         $_SESSION['username'] = $username; 
         $_SESSION['loggedin'] = time();
            
            // Finds out the user type
            $query = "SELECT `admin` FROM `users` WHERE `username` = '" . $username . "'";
            $result = mysql_query($query) or die(mysql_error()); 
            $row = mysql_fetch_array($result); 
            $admin = $row['admin'];
         $_SESSION['admin'] = $admin;

#########################################
######## ADMIN SCRIPT CAN BE ADDED BELOW
#########################################
if(isset($_SESSION['admin'])) { ?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css">
<meta http-equiv="Content-Language" content="en-us">
<meta name="language" content="en-us">
<title>Backstage V1 Administration Console</title>
<link rel="stylesheet" href="backstage.css" type="text/css" media="screen">
<link rel="stylesheet" href="backstage_print.css" type="text/css" media="print">
<script src="prototype.js" type="text/javascript"></script>
<script src="scriptaculous.js" type="text/javascript"></script>
<script type="text/javascript" src="ajax.js"></script>
<script type="text/javascript">
var page = document.cookie.match(/page=[\w][\w\-\.]+;/);
if(page != null) {
    ajaxpage("page", "content");
} else {
    ajaxpage("home", "content");
}
</script>
<link rel=stylesheet href=backstage.css type=css media=screen>
<link rel=stylesheet href=backstage_print.css type=css media=print>
</head>
<body>
<div id=container>
<div class=header>
<table cellpadding="0" cellspacing="0" border="0" width="95%">
<tr>
<td width=110 align=center></td>
<td></td>
<td width=40 valign=bottom align=right>
<a href="#" onclick="ajaxpage('home', 'content'); return false;">Home</a> | <a href="#" onclick="ajaxpage('logout', 'content'); return false;">Logout</a> | <a target="_blank" href="http://kansasoutlawwrestling.com/phpBB3">Forums</a></td>
</tr>
</table>
</div>
<div id=container2>
<div id=nav>
<?php if(isset($_SESSION['loggedin']))   { ?>
<h1>Character</h1>
<ul>
<li><a href="#" onclick="ajaxpage('bio', 'content'); return false;">Bio</a></li>
<li><a href="#" onclick="ajaxpage('allies', 'content'); return false;">Allies</a></li>
<li><a href="#" onclick="ajaxpage('rivals', 'content'); return false;">Rivals</a></li>
<li><a href="#" onclick="ajaxpage('quotes', 'content'); return false;">Quotes</a></li>
</ul>
<?php } ?>
<?php if(isset($_SESSION['loggedin']))   { ?>
<h1>Submit</h1>
<ul>
<li><a href="#" onclick="ajaxpage('roleplay', 'content'); return false;">Roleplay</a></li>
<li><a href="#" onclick="ajaxpage('news', 'content'); return false;">News</a></li>
<li><a href="#" onclick="ajaxpage('match', 'content'); return false;">Match</a></li>
<li><a href="#" onclick="ajaxpage('seg', 'content'); return false;">Seg</a></li>
</ul>
<?php } ?>
<?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?>  
<h1>Handler</h1>
<ul>
<li><a href="#" onclick="ajaxpage('directory', 'content'); return false;">Directory</a></li>
</ul>
<?php } ?>
<?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?>  
<h1>Booking</h1>
<ul>
<li><a href="#" onclick="ajaxpage('champions', 'content'); return false;">Champions</a></li>
<li><a href="#" onclick="ajaxpage('booker', 'content'); return false;">Booker</a></li>
<li><a href="#" onclick="ajaxpage('compiler', 'content'); return false;">Compiler</a></li>
<li><a href="#" onclick="ajaxpage('archives', 'content'); return false;">Archives</a></li>
</ul>
<?php } ?>
<?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?>  
<h1>Fed Admin</h1>
<ul>
<li><a href="#" onclick="ajaxpage('handlers', 'content'); return false;">Handlers</a></li>
<li><a href="#" onclick="ajaxpage('characters', 'content'); return false;">Characters</a></li>
<li><a href="#" onclick="ajaxpage('applications', 'content'); return false;">Applications</a></li>
<li><a href="#" onclick="ajaxpage('eventnames', 'content'); return false;">Event Names</a></li>
<li><a href="#" onclick="ajaxpage('titlenames', 'content'); return false;">Title Names</a></li>
<li><a href="#" onclick="ajaxpage('matchtypes', 'content'); return false;">Match Types</a></li>
<li><a href="#" onclick="ajaxpage('divisions', 'content'); return false;">Divisions</a></li>
<li><a href="#" onclick="ajaxpage('countries', 'content'); return false;">Arenas</a></li>
</ul>
<?php } ?>
<?php if(isset($_SESSION['loggedin']) && $_SESSION['admin'] == 1) { ?>  
<h1>Site Admin</h1>
<ul>
<li><a href="#" onclick="ajaxpage('templates', 'content'); return false;">Templates</a></li>
<li><a href="#" onclick="ajaxpage('content', 'content'); return false;">Content</a></li>
<li><a href="#" onclick="ajaxpage('biosconfig', 'content'); return false;">Bio Configuration</a></li>
<li><a href="#" onclick="ajaxpage('newscat', 'content'); return false;">News Categories</a></li>
<li><a href="#" onclick="ajaxpage('menus', 'content'); return false;">Menus</a></li>
</ul>
<?php } ?>
</div>
<div id=content>
</div>
<div id="footer">Backstage 1 © 2009
</div>
</div>
</div>
</body>
</html>
<?php  
#########################################
######## ADMIN SCRIPT HAS TO END ABOVE
#########################################
    }
        } 
    } 
} 
else 
{
// if they have not submitted the form
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta http-equiv="Content-Style-Type" content="text/css">
<meta http-equiv="Content-Language" content="en-us">
<meta name="language" content="en-us">
<title>Backstage V1 Administration Console</title>
<link rel="stylesheet" href="backstage.css" type="text/css" media="screen">
<link rel="stylesheet" href="backstage_print.css" type="text/css" media="print">
<script src="prototype.js" type="text/javascript"></script>
<script src="scriptaculous.js" type="text/javascript"></script>
<script type="text/javascript" src="ajax.js"></script>
<link rel=stylesheet href=backstage.css type=css media=screen>
<link rel=stylesheet href=backstage_print.css type=css media=print>
</head>
<body>
<div id=login>
<form method="POST" action="/mybackstage/backstage.php">
<h1>KOW Backstage</h1>
<p><label>Username:<br><input type="text" name="username" id="log" tabindex="1"></label></p>
<p><label>Password:<br><input type="password" name="password" id="pwd" tabindex="2"></label></p>
<p style="text-align: center;"><input type="submit" class="button" name="submit" id="submit" value="Login »" tabindex="4"></p>
</form>
</div>
</body>
</html>
<?php
}
?>

Link to comment
Share on other sites
Xtremer360 Advanced Member

Xtremer360

Posted
  • Author
Posted

This is what I have in my backstageconfig.php file:

 

<?php

ob_start();
$host="?"; // Host name 
$username="?"; // Mysql username 
$password="?"; // Mysql password 
$db_name="?"; // Database name 


// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");


// To protect MySQL injection (more detail about MySQL injection)
$username = stripslashes($username);
$password = stripslashes($password);
$username = mysql_real_escape_string($username);
$password = mysql_real_escape_string($password);

?>

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.