Toy Posted January 30, 2011 Share Posted January 30, 2011 <?php if(!isset($_SESSION['logged_in'])) { $_SESSION['logged_in'] = false; } if($_SESSION['logged_in'] == false) { if($_SERVER["REQUEST_METHOD"] == "POST") { $username=mysql_real_escape_string($_POST['username']); $password=mysql_real_escape_string($_POST['password']); $password2=md5($password); $sql = "SELECT * FROM users WHERE username='$username' and password='$password2'"; $result = mysql_query($sql); $count = mysql_num_rows($result); if($count==1){ $_SESSION['logged_in'] = true; echo '<meta http-equiv="Refresh" content="0; url=profile"> '; } else { echo 'Sorry! Incorrect...'; } } } else { echo 'Hello '.$result[username].'The stuff you want to see! '; } ?> I basicly just wanna make the user login and then show "hello, whatever your username is, the stuff you want to see", you get it. but something allways goes wrong, could someone help me with the code :s Link to comment https://forums.phpfreaks.com/topic/226132-stuck/ Share on other sites More sharing options...
Pikachu2000 Posted January 30, 2011 Share Posted January 30, 2011 "Something always goes wrong" isn't much to go on, you know. Link to comment https://forums.phpfreaks.com/topic/226132-stuck/#findComment-1167349 Share on other sites More sharing options...
Toy Posted January 30, 2011 Author Share Posted January 30, 2011 I'm sorry, I don't want to be annoying or anything but you guys see what it's supposed to do right? I just want someone to try and clean it up as it doesn't seem the work, it doesn't perform what it should. :S, sorry again, it's just, >.<. Link to comment https://forums.phpfreaks.com/topic/226132-stuck/#findComment-1167355 Share on other sites More sharing options...
Pikachu2000 Posted January 30, 2011 Share Posted January 30, 2011 We aren't here to magically puke up working code for people, especially with the problem described as "it doesn't work". Link to comment https://forums.phpfreaks.com/topic/226132-stuck/#findComment-1167358 Share on other sites More sharing options...
Fergal Andrews Posted January 30, 2011 Share Posted January 30, 2011 Hi Toy, Where are you making a connection to MySQL and selecting the database? If you are doing that outside of this piece of code are you sure the connection is available to it? $conn = mysql_connect('localhost', 'mysql_username', 'mysql_password') or die('Cannot connect to db server'); mysql_select_db('database_name', $conn) or die('Cannot select database'); Also you can't just access data using $result in this piece of code. You need to actually fetch the data using : $row = mysql_fetch_assoc($result); $username = $row['username']; One other thing, put quotes around array index names. Your code has: $result[username] which should be $result['username'], though as I said you can't access this value like that. Hope that helps, Fergal Link to comment https://forums.phpfreaks.com/topic/226132-stuck/#findComment-1167360 Share on other sites More sharing options...
Toy Posted January 30, 2011 Author Share Posted January 30, 2011 Yes, I have a connection to the database put thanks for your input, I'll try it out. :-) Link to comment https://forums.phpfreaks.com/topic/226132-stuck/#findComment-1167361 Share on other sites More sharing options...
PaulRyan Posted January 30, 2011 Share Posted January 30, 2011 Something like the following is better structured, may not be perfect though <?PHP if(isSet($_SESSION['logged_in']) && $_SESSION['logged_in'] == 'Yes') { echo 'Logged In'; } else { if($_SERVER['REQUEST_METHOD'] == 'POST') { // Make sure POST was the method used $username = mysql_real_escape_string($_POST['username']); $password = md5(mysql_real_escape_string($_POST['password'])); $query = "SELECT * FROM users WHERE username='$username' and password='$password'"; if($doQuery = mysql_query($query)) { // Check to see if query actually executes if(mysql_num_rows($doQuery)) { // Check returned rows, if none, not correct details $_SESSION['logged_in'] = 'Yes'; header('Location: profile'); exit; } else { echo 'Incorrect details.'; } } else { echo 'This query failed ['.$query.']'; } } else { echo 'POST was not the method used.'; } } ?> Regards, PaulRyan. Link to comment https://forums.phpfreaks.com/topic/226132-stuck/#findComment-1167366 Share on other sites More sharing options...
Toy Posted January 30, 2011 Author Share Posted January 30, 2011 Something like the following is better structured, may not be perfect though <?PHP if(isSet($_SESSION['logged_in']) && $_SESSION['logged_in'] == 'Yes') { echo 'Logged In'; } else { if($_SERVER['REQUEST_METHOD'] == 'POST') { // Make sure POST was the method used $username = mysql_real_escape_string($_POST['username']); $password = md5(mysql_real_escape_string($_POST['password'])); $query = "SELECT * FROM users WHERE username='$username' and password='$password'"; if($doQuery = mysql_query($query)) { // Check to see if query actually executes if(mysql_num_rows($doQuery)) { // Check returned rows, if none, not correct details $_SESSION['logged_in'] = 'Yes'; header('Location: profile'); exit; } else { echo 'Incorrect details.'; } } else { echo 'This query failed ['.$query.']'; } } else { echo 'POST was not the method used.'; } } ?> Regards, PaulRyan. oh my god, thanks!!! the only issue I have left now is to display the username when logged in, I've tried various methods of fetching from query but nothing seems to happens :S if you or someone could help me with that I'd be forever grateful Link to comment https://forums.phpfreaks.com/topic/226132-stuck/#findComment-1167372 Share on other sites More sharing options...
PaulRyan Posted January 30, 2011 Share Posted January 30, 2011 <?PHP if(isSet($_SESSION['logged_in']) && $_SESSION['logged_in'] == 'Yes') { $userData = "SELECT * FROM users WHERE username='{$_SESSION['logged_in_user']}' LIMIT 1"; if($doQuery = mysql_query($userData)) { if(mysql_num_rows($doQuery)) { $user = mysql_fetch_assoc($doQuery); echo '<pre>'; print_r($user); echo '</pre>'; echo 'All user data above.'; } else { echo 'No user data was returned, error occurred.'; } } else { echo 'This query failed ['.$userData.']'; } } else { if($_SERVER['REQUEST_METHOD'] == 'POST') { // Make sure POST was the method used $username = mysql_real_escape_string($_POST['username']); $password = md5(mysql_real_escape_string($_POST['password'])); $query = "SELECT username FROM users WHERE username='$username' and password='$password'"; if($doQuery = mysql_query($query)) { // Check to see if query actually executes if(mysql_num_rows($doQuery)) { // Check returned rows, if none, not correct details $getData = mysql_fetch_assoc($doQuery); $_SESSION['logged_in'] = 'Yes'; $_SESSION['logged_in_user'] = $getData['username']; header('Location: profile'); exit; } else { echo 'Incorrect details.'; } } else { echo 'This query failed ['.$query.']'; } } else { echo 'POST was not the method used.'; } } ?> Try the above code, tell me how it goes. Regards, PaulRyan. Link to comment https://forums.phpfreaks.com/topic/226132-stuck/#findComment-1167380 Share on other sites More sharing options...
Toy Posted January 30, 2011 Author Share Posted January 30, 2011 Thank you so much! you're awesome Link to comment https://forums.phpfreaks.com/topic/226132-stuck/#findComment-1167385 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.