princeofpersia Posted May 16, 2011 Share Posted May 16, 2011 Hi guys, I had my code working fine as a login page untill I added sprintf and mysql_real_escape_string and since then when i test the form to login, server keep loading and then come up with this msg Fatal error: Maximum execution time of 30 seconds exceeded in ../Dashboard/index.php on line 35 which is (Line 35) while($row=mysql_fetch_array(mysql_query($getpin))){ I have my code below, can u please help me what is wrong? im coding in dreamweaver and it doesnt have any error in there. <?php include ('includes/db/db.php'); ?> <!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-type" content="text/html; charset=utf-8" /> <title></title> <link rel="stylesheet" href="./css/reset.css" type="text/css" media="screen" title="no title" /> <link rel="stylesheet" href="./css/text.css" type="text/css" media="screen" title="no title" /> <link rel="stylesheet" href="./css/form.css" type="text/css" media="screen" title="no title" /> <link rel="stylesheet" href="./css/buttons.css" type="text/css" media="screen" title="no title" /> <link rel="stylesheet" href="./css/login.css" type="text/css" media="screen" title="no title" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /></head> <body> <div id="login"> <h1>Dashboard</h1> <?php if (isset($_POST['login']) && $_POST['login']){ $email=addslashes(strip_tags($_POST['email'])); $in_password=addslashes(strip_tags($_POST['password'])); $pin=addslashes(strip_tags($_POST['pin'])); $password=md5($in_password); if (!$email || !$in_password || !$pin) echo "<div class='error'>Please fill all required fields</div>"; else{ $getpin=sprintf("SELECT * FROM users WHERE UserEmail='%s' AND UserPassword='%s'", mysql_real_escape_string($email) , mysql_real_escape_string($password)); while($row=mysql_fetch_array(mysql_query($getpin))){ $pin_email=$row['UserEmail']; $pin_id=$row['UserId']; $pin_company_id=$row['company_id']; $pass=$row['UserPassword']; } $get=sprintf("SELECT pin FROM company WHERE company_id='%s' AND active='%s'", mysql_real_escape_string($pin_company_id), mysql_real_escape_string(1)) ; while($row=mysql_fetch_array(mysql_query($get))){ $pin_num= $row['pin']; } if($password==$pass && $pin_num==$pin && $email==$pin_email) { echo"success"; } else { echo "<div class='error'>Login Failed, Login details are incorrect!</div>"; } } } ?> <div id="login_panel"> <form action="" method="post" accept-charset="utf-8" /> <div class="login_fields"> <div class="field"> <label for="email">Email</label> <input type="text" name="email" value="" id="email" tabindex="1" placeholder="[email protected]" /> </div> <div class="field"> <label for="password">Password <small><a href="forgotpassword.php">Forgot Password?</a></small></label> <input type="password" name="password" value="" id="password" tabindex="2" placeholder="password" /> <div class="field"> <label for="pin">Pin Number</small></label><input type="password" name="pin" value="" id="password" tabindex="2" placeholder="pin"/> </div> </div> </div> <!-- .login_fields --> <div class="login_actions"> <input type="submit" name="login" value="Login" class="btn btn-grey"/> </div> </form> </div> <!-- #login_panel --> </div> <!-- #login --> </body> </html> thanks you all in advance. Link to comment https://forums.phpfreaks.com/topic/236547-sprintf-server-error/ Share on other sites More sharing options...
princeofpersia Posted May 16, 2011 Author Share Posted May 16, 2011 any one? Link to comment https://forums.phpfreaks.com/topic/236547-sprintf-server-error/#findComment-1216030 Share on other sites More sharing options...
kenrbnsn Posted May 16, 2011 Share Posted May 16, 2011 Don't put the query in the while statement. When you do that, you're re-executing the query every time. Do something like <?php $getpin=sprintf("SELECT * FROM users WHERE UserEmail='%s' AND UserPassword='%s'", mysql_real_escape_string($email) , mysql_real_escape_string($password)); $rs = mysql_query($getpin); while($row=mysql_fetch_assoc($rs)){ ?> Ken Link to comment https://forums.phpfreaks.com/topic/236547-sprintf-server-error/#findComment-1216043 Share on other sites More sharing options...
princeofpersia Posted May 16, 2011 Author Share Posted May 16, 2011 thanks ken, ill give it a try Link to comment https://forums.phpfreaks.com/topic/236547-sprintf-server-error/#findComment-1216047 Share on other sites More sharing options...
princeofpersia Posted May 16, 2011 Author Share Posted May 16, 2011 worked like charm, u r an start Ken, thanks mate Link to comment https://forums.phpfreaks.com/topic/236547-sprintf-server-error/#findComment-1216051 Share on other sites More sharing options...
Pikachu2000 Posted May 16, 2011 Share Posted May 16, 2011 And don't use addslashes along with mysql_real_escape_string. In fact, don't use addslashes at all with MySQL. Link to comment https://forums.phpfreaks.com/topic/236547-sprintf-server-error/#findComment-1216054 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.