Jump to content

Recommended Posts

<?php
    include("global-settings.php");
    session_start();
    mysql_connect($dbhost, $dbuser, $dbpass)or die("Could Not Connect: " . mysql_error());
    mysql_select_db($dbname) or die(mysql_error());
    $email      = mysql_real_escape_string(strip_tags($_POST['email']));
    $password  	= mysql_real_escape_string(strip_tags(sha1($_POST['password'])));
    $result  	= mysql_query("SELECT * FROM users WHERE username='$email' AND password='$password'");

while (mysql_fetch_array($result)) {
if ($email != $row['username'] && $password != $row['password']) { 
        $_SESSION['user_pid']    = $row['user_pid'];
        $_SESSION['firstname']   = $row['first_name'];
        header("Location: ../protected/home.php");
    } else {
        $userid_generator = uniqid(rand(), false);
        $date = date("Y/m/d");
        mysql_query("INSERT INTO users (user_pid, username, password, datetime_registered) 
        VALUES('$userid_generator', '$email', '$password', '$date')") or die(mysql_error()); 
        $_SESSION['userid'] = $userid_generator;

        $result1 = mysql_query("SELECT * FROM leaders");

        $id = $result1['id'];
        mysql_query("INSERT IGNORE INTO friends (node1id, node2id, is_leader, friends_since, friend_type)
    VALUES('$id', '$userid_generator', 'Yes', '$date', 'full')") or die(mysql_error());     
    }
}
?>

 

For some reason this code outputs a blank screen. It either has to do with my while loop or my if...else statement. Any help?

Link to comment
https://forums.phpfreaks.com/topic/248127-output-problem/
Share on other sites

need to change your while loop to

 

while ($row = mysql_fetch_array($result))

 

Edit: mikesta gave you a good way to debug code for things like this.. if your code is outputting a blank screen, and you have error_reporting set to on.. there will more than likely be a few errors sent to your error log

Link to comment
https://forums.phpfreaks.com/topic/248127-output-problem/#findComment-1274131
Share on other sites

1. Your script doesn't output anything. Of course the page is blank.

2.

if ($email != $row['username'] && $password != $row['password']) { 

That logic is wrong.

3. You don't even need that logic because you put it in the SQL query already.

"SELECT * FROM users WHERE username='$email' AND password='$password'"

4. The else block will never execute because the query won't return anything if there aren't any matching rows.

5. However because of #2 it did, and it will have every time you ran the page. Which means you probably have a bunch of duplicate rows in the users and maybe friends tables.

6. Why isn't there a UNIQUE constraint on the users.username field?

7. Do not generate ID numbers yourself. Use an AUTO_INCREMENT.

8a.

$result1 = mysql_query("SELECT * FROM leaders");

$result1 is a resultset resource. It is not a row from the query, so

$id = $result1['id'];

will not work.

8b. You need a loop there if you want the user to be friends with every leader.

9. Don't use "Yes" for a true/false column. Use a TINYINT(1) and 1/0/true/false.

10.

$password  	= mysql_real_escape_string(strip_tags(sha1($_POST['password'])));

Because you SHA1ed the password, it will never have HTML tags and will always be SQL safe. Those two functions are doing nothing for you.

11a. If you're setting $_SESSION values before redirecting, call session_write_close in between to be safe.

11b. Always exit; or die; after a header() redirect.

Link to comment
https://forums.phpfreaks.com/topic/248127-output-problem/#findComment-1274153
Share on other sites

<?php
session_start();
    include("global-settings.php");
    mysql_connect($dbhost, $dbuser, $dbpass)or die("Could Not Connect: " . mysql_error());
    mysql_select_db($dbname) or die(mysql_error());
    $email      = mysql_real_escape_string(strip_tags($_POST['email']));
    $password  	= sha1($_POST['password']);
    $result  	= mysql_query("SELECT * FROM users");

while ($row = mysql_fetch_array($result)) {
if ($row['email'] == $email && $row['password'] == $password) { 
        $_SESSION['myid'] = $row['id'];
	echo "logged in";
    } else {
        $date = date("Y/m/d");
	$id = $row['id'];
        mysql_query("INSERT INTO users (email, password, datetime_registered, is_leader) 
        	VALUES('$email', '$password', '$date', 'no')") or die(mysql_error());
	mysql_query("INSERT IGNORE INTO friends (node1id, node2id, is_leader, friends_since, friend_type)
		VALUES('$id', '$userid_generator', 'Yes', '$date', 'full')") or die(mysql_error());
	$_SESSION['myid'] = $row['id'];
	echo "new user created";
	}
    }
?>

 

Still no output. Although when I echo something at the end of the script, it outputs. But nothing outputs when the if statements are run.

Link to comment
https://forums.phpfreaks.com/topic/248127-output-problem/#findComment-1274189
Share on other sites

session_start();

include("global-settings.php");
mysql_connect($dbhost, $dbuser, $dbpass) or die("Could not connect to the database.");
mysql_select_db($dbname) or die("Could not connect to the database.");

$email = mysql_real_escape_string(strip_tags($_POST["email"]));
$password = sha1($_POST["password"]);
$result = mysql_query("SELECT * FROM users WHERE username = '{$email}' AND password = '{$password}'");

if (mysql_num_rows($result) > 0) {
$row = mysql_fetch_array($result);
$_SESSION["myid"] = $row["id"];
echo "logged in";
} else {
mysql_query("INSERT INTO users (email, password, datetime_registered, is_leader) VALUES ('{$email}', '{$password}', NOW(), 'no')");
$id = mysql_insert_id();
mysql_query("
	INSERT IGNORE INTO friends (node1id, node2id, is_leader, friends_since, friend_type)
	SELECT id, {$id}, 'Yes', NOW(), 'full'
	FROM users WHERE is_leader = 'Yes'
");

$_SESSION["myid"] = $id;
echo "new user created and logged in";
}

// session_write_close();
// header("Location: ../protected/home.php");
// exit;

?>

Link to comment
https://forums.phpfreaks.com/topic/248127-output-problem/#findComment-1274192
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.