Jump to content

login works on old site but not on new one...

willboudle

By willboudle
in PHP Coding Help

Recommended Posts

willboudle Newbie

willboudle

Posted
Posted

alright I'm a newb yes, but I can't for the life of me figure out why this script is working on my old site and not on my new one  :shrug: .. heres my db connect code : 

[code=php:0]<?
//$username="old_db";
//$password="oldpassword";
//$database=old_db";
//$email = "[email protected]";
//$url = "http://X6.211.136.133/~furnicure/";
$url = "http://furniturerepairman.com";         

$username="furnicure";
$password="newpassword";
$database="furnicure_db";
//$email = "[email protected]";
//$base = "http://X6.211.136.133/~furnicure/";
$base = "http://furniturerepairman.com/schedule/";

$dbHost = "willboudle.startlogicmysql.com";
//$dbHost = ":/tmp/mysql.sock";
mysql_connect($dbHost,$username,$password) or die (mysql_error());
$connect = mysql_select_db($database) or die(mysql_error()."Unable to 
select database");

?>

[/code]

 

and here is my login access code:

 

[code=php:0]
<?
session_start();
include("../dbinfo.inc.php");

// Login Access

if( !empty($usrname) && !empty($pword) )
{

    $sql = mysql_query("SELECT * FROM clients WHERE usrname = '$usrname' AND pword = '$pword'") or die(mysql_error());
    if($res=mysql_fetch_array($sql))
    {
        $_SESSION['logged_in'] = TRUE;
        $_SESSION['client_id'] = $res['id'];
        print '<script> window.location="'.$base.'schedule/add_job.php";</script>';
    }
    else
    {
        print '<script> window.location="'.$base.'login/login_error.php";';
    }


mysql_close();
}

if(empty($usrname) || empty($pword))
{
    
    print '<script> window.location="'.$base.'login/login_error.php";</script>';
}
?>

[/code]

 

and it returns the login_error.php as though both $usrname and $pword are empty

which they are not. I have created a 'fake' client with

username :new and password:new at both

http://furniturerepairman.com/schedule/login/login.php

&

http://furnicure.com/schedule/login/login.php

 

Sigh any help would be appreciated.. I must be overlooking something as this is rather simple code. Maybe something with my new server? or my php version? IDK.. thanks in advance. :D

MatthewJ Newbie

MatthewJ

Posted
Posted

It looks like you have register globals on with the old server. Try changing this

 

session_start();
include("../dbinfo.inc.php");

// Login Access

if( !empty($_POST['usrname']) && !empty($_POST['pword']) )
{

    $sql = mysql_query("SELECT * FROM clients WHERE usrname = '$_POST['usrname'] AND pword = '$_POST['pword']") or die(mysql_error());
    if($res=mysql_fetch_array($sql))
    {
        $_SESSION['logged_in'] = TRUE;
        $_SESSION['client_id'] = $res['id'];
        print '<script> window.location="'.$base.'schedule/add_job.php";</script>';
    }
    else
    {
        print '<script> window.location="'.$base.'login/login_error.php";';
    }


mysql_close();
}

if(empty($_POST['usrname']) || empty($_POST['pword']))
{
   
    print '<script> window.location="'.$base.'login/login_error.php";</script>';
}

willboudle Newbie

willboudle

Posted
  • Author
Posted

Thanks for your prompt response.

 

Well I tried that code 

 $sql = mysql_query("SELECT * FROM clients WHERE usrname = '$_POST['usrname'] AND pword = '$_POST['pword']") or die(mysql_error());

but I end up with:

 

Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /hermes/bosweb/web009/b94/sl.willboudle/public_html/furniturerepairman/schedule/login/login_access.php on line 11

 

so I appended the code a little to read

 

 $sql = mysql_query("SELECT * FROM clients WHERE usrname = {$_POST['usrname']} AND pword = {$_POST['pword']}")

 

but now I'm getting:

 

Unknown column 'new' in 'where clause'

 

//

 

also I'm not very familiar with using mysql_real_escape_string() I tried:

$sql = mysql_query("SELECT * FROM clients WHERE usrname = {$_POST['usrname']} AND pword = {$_POST['pword']}"),
mysql_real_escape_string($usrname),
            mysql_real_escape_string($pword),
or die(mysql_error());

But that doesn't seem to work, although this issue is secondary and the least of my concerns right now :P

again total newb, I've learned all my php working with Joomla & wordpress. lol trying to learn it on my own now and its daunting!!

 

greatstar00 Newbie

greatstar00

Posted
Posted

mathewJ, u forgot the single quote after $_POST['username'])."

$sql = mysql_query("SELECT * FROM clients WHERE usrname = '".mysql_real_escape_string($_POST['usrname'])."' AND pword = '".mysql_real_escape_string($_POST['pword'])."'") or die(mysql_error());

willboudle Newbie

willboudle

Posted
  • Author
Posted

YOU GUYS ARE AWESOME!!

 

that worked . thank you so much.

 

I've been banging my head on it all morning. and for you to go the step further and help add the  mysql_real_escape_string () is so appreciated. I'm definitely bookmarking this website, and then hitting the books a little harder so I can help pay it forward. Again thanks so much!!

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.