Toy Posted January 30, 2011 Share Posted January 30, 2011 <?php if(!isset($_SESSION['logged_in'])) { $_SESSION['logged_in'] = false; } if($_SESSION['logged_in'] == false) { if($_SERVER["REQUEST_METHOD"] == "POST") { $username=mysql_real_escape_string($_POST['username']); $password=mysql_real_escape_string($_POST['password']); $password2=md5($password); $sql = "SELECT * FROM users WHERE username='$username' and password='$password2'"; $result = mysql_query($sql); $count = mysql_num_rows($result); if($count==1){ $_SESSION['logged_in'] = true; echo '<meta http-equiv="Refresh" content="0; url=profile"> '; } else { echo 'Sorry! Incorrect...'; } } } else { echo 'Hello '.$result[username].'The stuff you want to see! '; } ?> I basicly just wanna make the user login and then show "hello, whatever your username is, the stuff you want to see", you get it. but something allways goes wrong, could someone help me with the code :s Quote Link to comment https://forums.phpfreaks.com/topic/226132-stuck/ Share on other sites More sharing options...
Pikachu2000 Posted January 30, 2011 Share Posted January 30, 2011 "Something always goes wrong" isn't much to go on, you know. Quote Link to comment https://forums.phpfreaks.com/topic/226132-stuck/#findComment-1167349 Share on other sites More sharing options...
Toy Posted January 30, 2011 Author Share Posted January 30, 2011 I'm sorry, I don't want to be annoying or anything but you guys see what it's supposed to do right? I just want someone to try and clean it up as it doesn't seem the work, it doesn't perform what it should. :S, sorry again, it's just, >.<. Quote Link to comment https://forums.phpfreaks.com/topic/226132-stuck/#findComment-1167355 Share on other sites More sharing options...
Pikachu2000 Posted January 30, 2011 Share Posted January 30, 2011 We aren't here to magically puke up working code for people, especially with the problem described as "it doesn't work". Quote Link to comment https://forums.phpfreaks.com/topic/226132-stuck/#findComment-1167358 Share on other sites More sharing options...
Fergal Andrews Posted January 30, 2011 Share Posted January 30, 2011 Hi Toy, Where are you making a connection to MySQL and selecting the database? If you are doing that outside of this piece of code are you sure the connection is available to it? $conn = mysql_connect('localhost', 'mysql_username', 'mysql_password') or die('Cannot connect to db server'); mysql_select_db('database_name', $conn) or die('Cannot select database'); Also you can't just access data using $result in this piece of code. You need to actually fetch the data using : $row = mysql_fetch_assoc($result); $username = $row['username']; One other thing, put quotes around array index names. Your code has: $result[username] which should be $result['username'], though as I said you can't access this value like that. Hope that helps, Fergal Quote Link to comment https://forums.phpfreaks.com/topic/226132-stuck/#findComment-1167360 Share on other sites More sharing options...
Toy Posted January 30, 2011 Author Share Posted January 30, 2011 Yes, I have a connection to the database put thanks for your input, I'll try it out. :-) Quote Link to comment https://forums.phpfreaks.com/topic/226132-stuck/#findComment-1167361 Share on other sites More sharing options...
PaulRyan Posted January 30, 2011 Share Posted January 30, 2011 Something like the following is better structured, may not be perfect though <?PHP if(isSet($_SESSION['logged_in']) && $_SESSION['logged_in'] == 'Yes') { echo 'Logged In'; } else { if($_SERVER['REQUEST_METHOD'] == 'POST') { // Make sure POST was the method used $username = mysql_real_escape_string($_POST['username']); $password = md5(mysql_real_escape_string($_POST['password'])); $query = "SELECT * FROM users WHERE username='$username' and password='$password'"; if($doQuery = mysql_query($query)) { // Check to see if query actually executes if(mysql_num_rows($doQuery)) { // Check returned rows, if none, not correct details $_SESSION['logged_in'] = 'Yes'; header('Location: profile'); exit; } else { echo 'Incorrect details.'; } } else { echo 'This query failed ['.$query.']'; } } else { echo 'POST was not the method used.'; } } ?> Regards, PaulRyan. Quote Link to comment https://forums.phpfreaks.com/topic/226132-stuck/#findComment-1167366 Share on other sites More sharing options...
Toy Posted January 30, 2011 Author Share Posted January 30, 2011 Something like the following is better structured, may not be perfect though <?PHP if(isSet($_SESSION['logged_in']) && $_SESSION['logged_in'] == 'Yes') { echo 'Logged In'; } else { if($_SERVER['REQUEST_METHOD'] == 'POST') { // Make sure POST was the method used $username = mysql_real_escape_string($_POST['username']); $password = md5(mysql_real_escape_string($_POST['password'])); $query = "SELECT * FROM users WHERE username='$username' and password='$password'"; if($doQuery = mysql_query($query)) { // Check to see if query actually executes if(mysql_num_rows($doQuery)) { // Check returned rows, if none, not correct details $_SESSION['logged_in'] = 'Yes'; header('Location: profile'); exit; } else { echo 'Incorrect details.'; } } else { echo 'This query failed ['.$query.']'; } } else { echo 'POST was not the method used.'; } } ?> Regards, PaulRyan. oh my god, thanks!!! the only issue I have left now is to display the username when logged in, I've tried various methods of fetching from query but nothing seems to happens :S if you or someone could help me with that I'd be forever grateful Quote Link to comment https://forums.phpfreaks.com/topic/226132-stuck/#findComment-1167372 Share on other sites More sharing options...
PaulRyan Posted January 30, 2011 Share Posted January 30, 2011 <?PHP if(isSet($_SESSION['logged_in']) && $_SESSION['logged_in'] == 'Yes') { $userData = "SELECT * FROM users WHERE username='{$_SESSION['logged_in_user']}' LIMIT 1"; if($doQuery = mysql_query($userData)) { if(mysql_num_rows($doQuery)) { $user = mysql_fetch_assoc($doQuery); echo '<pre>'; print_r($user); echo '</pre>'; echo 'All user data above.'; } else { echo 'No user data was returned, error occurred.'; } } else { echo 'This query failed ['.$userData.']'; } } else { if($_SERVER['REQUEST_METHOD'] == 'POST') { // Make sure POST was the method used $username = mysql_real_escape_string($_POST['username']); $password = md5(mysql_real_escape_string($_POST['password'])); $query = "SELECT username FROM users WHERE username='$username' and password='$password'"; if($doQuery = mysql_query($query)) { // Check to see if query actually executes if(mysql_num_rows($doQuery)) { // Check returned rows, if none, not correct details $getData = mysql_fetch_assoc($doQuery); $_SESSION['logged_in'] = 'Yes'; $_SESSION['logged_in_user'] = $getData['username']; header('Location: profile'); exit; } else { echo 'Incorrect details.'; } } else { echo 'This query failed ['.$query.']'; } } else { echo 'POST was not the method used.'; } } ?> Try the above code, tell me how it goes. Regards, PaulRyan. Quote Link to comment https://forums.phpfreaks.com/topic/226132-stuck/#findComment-1167380 Share on other sites More sharing options...
Toy Posted January 30, 2011 Author Share Posted January 30, 2011 Thank you so much! you're awesome Quote Link to comment https://forums.phpfreaks.com/topic/226132-stuck/#findComment-1167385 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.