Jump to content

PHP and MY SQL Problem

bhikha

By bhikha
in PHP Coding Help

 Share

Recommended Posts

bhikha Newbie

bhikha

Posted
Posted

Can anyone see what is wrong with the following code? I am trying to set up a password feature on my website but i keep coming back with error messages when testing!

 

{
$Link = mysql_connect($Host, $User, $Password);

$Query = "SELECT Username, PassWord, name FROM $table_1 WHERE Username = '$UserName' AND Password ('$PassWord')";
$Result = mysql_db_query ($DBName, $Query, $Link);

(LINE 50)$num_rows= mysql_num_rows($Result);
(LINE 51)$PassWordMatch=mysql_fetch_array($Res…

if(!($num_rows))
{

$message = "User Name Not Recongised, Please Try Again!";
(LINE 57)header("location: login.php?message=$message");
}
else
{
if($PassWord !=$PassWordMatch['PassWord'])
{

$message = "Password Wrong, Please Login Again!";
header("location: login.php?message=$message");
}
else
{
$_SESSION['name'] = $PassWordMatch['name'];

$message = "Welcome ".$Username."You are now logged in<br>Please continue to<br>use the site!";
header("location: index.html?message=$message");
}
}
}

 

The Errors:

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /web/users/j9041310/ICA/PHP/checkDetails… on line 50

 

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /web/users/j9041310/ICA/PHP/checkDetails… on line 51

 

Warning: Cannot modify header information - headers already sent by (output started at /web/users/j9041310/ICA/PHP/checkDetails… in /web/users/j9041310/ICA/PHP/checkDetails… on line 57

 

Edit KP: added code tags

Link to comment
Share on other sites
WebStyles Newbie

WebStyles

Posted
Posted

The whole script is wrong, think about what it's doing for a second:

 

1. connects to database (ok so far)

2. grabs username and password, from database where username and password match the ones you already have (oppss... in next step you'll see why this is not what you want )

3. check if any rows were returned (if not assume username was wrong. WHY? it could also be a wrong password, you have no way of knowing this)

4. mysql_fetch_array($Res); (where does $Res come from???)

5. header() will only work if you have not outputted anything to the page yet.

6. if($PassWord != $PassWordMatch['PassWord']) // this will NEVER work because you specifically said: grab user,pass where pass is equal to my pass

7. you use $UserName in you query then $Username ( lowercase N) in the last message. One of them is incorrect.

 

Think simple, try something like this:

1. connect to database.

2. grab only password from database where username = '$username' (no need to grab the username because you already have it)

3. if there are no results, then username does not exist

4. if there is a result, compare password with the one returned from database

5. redirect accordingly.

 

hope this helps

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.