Jump to content

Help with mysql_query!

mat3000000

By mat3000000
in PHP Coding Help

 Share

Recommended Posts

mat3000000 Member

mat3000000

Posted
Posted

Hi, why won't this work, there is no error messages so it gets to this point, but won't redirect???

(Obviously a lot is missed out here)

 

$query = mysql_query("SELECT * FROM `users` WHERE `username`='$username'");
if ($username==$dbusername&&$password==$dbpassword)
{ 	
$_SESSION['user'] = $username;

while($row = mysql_fetch_array($query)){ 
$type = $row['Type'];
if ($type=="0") {
header("Location: chefpanel.php");
}else{
header("Location: restpanel.php");
}
}  

}
else
 $errors[] = 'Password Incorrect';	
}
else
 $errors[] = 'Username Incorrect';

Link to comment
https://forums.phpfreaks.com/topic/225880-help-with-mysql_query/
Share on other sites
litebearer Member

litebearer

Posted
Posted

Compare your code to this...

$username = some value;
$password = some value;
$query = mysql_query("SELECT Type FROM users WHERE username='$username' AND password = '$password'");
$result = mysql_query($query);
if(mysql_num_rows($result)!=1) {
/* bad name or password */
/* redirect back to form */
}

$_SESSION['user'] = $username;
$row = mysql_fetch_array($query);
$type = $row['Type'];
if ($type=="0") {
header("Location: chefpanel.php");
}else{
header("Location: restpanel.php");
}

mat3000000 Member

mat3000000

Posted
  • Author
Posted

Here is my full code?

 

$query = mysql_query("SELECT * FROM `users` WHERE `username`='$username'");
$numrows = mysql_num_rows($query);

if ($numrows!=0)
{
while($row = mysql_fetch_assoc($query))
{
	$dbusername = $row['username'];
	$dbpassword = $row['password'];
}
if ($username==$dbusername&&$password==$dbpassword)
{ 	
$_SESSION['user'] = $username;


while($row = mysql_fetch_array($query)){ 
$type = $row['Type'];
if ($type=="0") {
header("Location: chefpanel.php");
}else{
header("Location: restpanel.php");
}

} }
else
 $errors[] = 'Password Incorrect';	
}
else
 $errors[] = 'Username is not in our Database';

litebearer Member

litebearer

Posted
Posted

Look CLOSELY at all the comments...

<?PHP
/* first you have you acquire the username form somewhere */
/* presuming you are coming here from a form, where the field name is username  and other is password */
/* a good plan to check if the form is submitted - but for now we will  skip that  as well as cleansing data */
$username = $_POST['username'];
$password = $_POST['password']; /* again for simplicity we are not doing any hashing */

/* here you connect to your database */
include('dp.php'); /* or whtever your connection code is */

/* next create your query to see if its a good username AND password */
/* what's point of a password if you are not going to use it to protect access? */
$query = mysql_query("SELECT * FROM users WHERE username ='$username' AND password = '$password'");

/* now you have to ACTUALLY EXECUTE the query */
/* once again I am ignoring proper protocal and not making provision for errors */
/* $result is the 'resource'/'identifer' of the EXECUTED query */
$result = mysql_query($query);

/* NOW we can see if the EXECUTED query has found a match - by rights ONE and ONLY ONE record should be found */
$numrows = mysql_num_rows($result);

/* if no records found OR too many records found - send them back to the form */
if ($numrows!=1){
/* redirect back to the form page */
}

$_SESSION['user'] = $username;

/* since we only have one record with which to deal, no need for a loop */
$row = mysql_fetch_array($result);
$type = $row['Type'];

if ($type=="0") {
header("Location: chefpanel.php");
}else{
header("Location: restpanel.php");
}
?>

DavidAM Member

DavidAM

Posted
Posted

The query is executed on the first line of the code snippet:

$query = mysql_query("SELECT * FROM `users` WHERE `username`='$username'");

 

The problem is that you are using while ($row = ...) twice on the same result set. The first WHILE loop has already processed ALL records, so the second while loop is not finding any data and is skipping the entire body of the loop.

 

If you are expecting only ONE row from the query, you do NOT need to use a WHILE loop at all.  Check to see if the query was successful, then fetch the data into $row (or whatever) and go from there.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.