qqim Posted April 10, 2013 Share Posted April 10, 2013 Hi I'm not sure if I am in right place... I used some online code, adapted it to my site and it does not work!! I think it is a small problem, perhaps of the php file not getting the correct data from the form. Could somebody help me, as I am very new to this business? If affirmative I will paste the relevant code here Quote Link to comment Share on other sites More sharing options...
Love2c0de Posted April 10, 2013 Share Posted April 10, 2013 Welcome qqim, Sure, paste your code and we can take a look. Kind regards, L2c. Quote Link to comment Share on other sites More sharing options...
qqim Posted April 10, 2013 Author Share Posted April 10, 2013 You saved a dying man.... Thanks! I believe some code is a bit out of fashion, but right now all I want is to get it going. Later, I will look at ways of doing changes and making it safer. I expect you will need part of the code in the form, and information on the database. login.phpHTML document text <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html> <head> <title> New Document </title> <meta name="Generator" content="EditPlus"> <meta name="Author" content=""> <meta name="Keywords" content=""> <meta name="Description" content=""> </head> <body> <?php$host="localhost"; // Host name $username="pintotou_camilo"; // Mysql username $password="*******"; // Mysql password $db_name="pintotou_agents"; // Database name $tbl_name="Agents"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB");// username and password sent from form $user=$_POST['username']; $password=$_POST['password']; // To protect MySQL injection (more detail about MySQL injection) //$username = stripslashes($username); //$password = stripslashes($password); //$username = mysql_real_escape_string($username); //$password = mysql_real_escape_string($password);$sql="SELECT * FROM $tbl_name WHERE user='$user' and password='$password'"; $result=mysql_query($sql);// Mysql_num_row is counting table row $count=mysql_num_rows($result); // If result matched $user and $password, table row must be 1 rowif($count==1){// Register $username, $password and redirect to file "login_success.php"session_register("user");session_register("password"); header("/Pinto/login_success.php"); } else { echo "Wrong Username or Password, or you have not registered yet.<br> Please, go back and either reenter your login details, or press the register button"; } ?> </body></html> Quote Link to comment Share on other sites More sharing options...
qqim Posted April 10, 2013 Author Share Posted April 10, 2013 (edited) ...and this is the relevant code in the index.html which is in the root directory at the server The fields in the database table are called 'user' and 'password' <div class="loginarea"> <form method="post" action="./Pinto/login.php"> <div> <label for="IATA">IATA number or acceptance code *</label> <input name="IATA" id="username" type="text"> <label for="username">Username:</label> <input name="username" id="username" type="text"> <label for="password">Password:</label> <input name="password" id="password" type="password"> <input type="submit" value="Login"> <a href="#">Forgot Password?</a><br> <p> <a href="Pinto/form.php">Register</a> </p> </div> </form> </div> Edited April 10, 2013 by qqim Quote Link to comment Share on other sites More sharing options...
Love2c0de Posted April 10, 2013 Share Posted April 10, 2013 First thing I see is change this: mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); To this: mysql_connect($host, $username, $password)or die("cannot connect"); mysql_select_db($db_name)or die("cannot select DB"); because you are saving those values into variables, there is no need to put them within quotes. Run a print_r($_POST) statement at the top of the php script and what does it return? Kind regards, L2c. Quote Link to comment Share on other sites More sharing options...
qqim Posted April 10, 2013 Author Share Posted April 10, 2013 (edited) Hi I'm going to do that in a mom, but let me add that I placed echos at various places in the code anf they printed out on screen $sql="SELECT * FROM $tbl_name WHERE user='$user' and password='$password'"; $result=mysql_query($sql); echo "So far"; // Mysql_num_row is counting table row $count=mysql_num_rows($result); echo "so good"; Edited April 10, 2013 by qqim Quote Link to comment Share on other sites More sharing options...
qqim Posted April 10, 2013 Author Share Posted April 10, 2013 (edited) I changed and got a white page when I tried. earlier with the old code I used to get the echoes messag about wrong username and password. Tried to put the old code back on but, now I still get white page I've put an echo with your code and it worked up to there, I guess: $count=mysql_num_rows($result); echo "hello"; Edited April 10, 2013 by qqim Quote Link to comment Share on other sites More sharing options...
qqim Posted April 10, 2013 Author Share Posted April 10, 2013 (edited) I ran the print... but got a "Website cannot display the page". Did you mean placing it here, like this? <?php print_r($_POST) $host="localhost"; // Host name$username="pintotou_camilo"; // Mysql username Edited April 10, 2013 by qqim Quote Link to comment Share on other sites More sharing options...
qqim Posted April 10, 2013 Author Share Posted April 10, 2013 Does this make any diffrence, having just one dot before the forward slash? <form method="post" action="./Pinto/login.php"> <form method="post" action="./Pinto/login.php"> Quote Link to comment Share on other sites More sharing options...
qqim Posted April 10, 2013 Author Share Posted April 10, 2013 I tried to see again if it worked with the code you asked me to change and this time it went all the way and returned. However, somehow it is not recognizing that the user and password are the same. is it possible to firce the sript to echo the result of if($count==1) Wrong Username or Password, or you have not registered yet.Please, go back and either reenter your login details, or press the register button Quote Link to comment Share on other sites More sharing options...
qqim Posted April 10, 2013 Author Share Posted April 10, 2013 This is the part that's been worrying me all day, if I am not changing around the filed names. $sql="SELECT * FROM $tbl_name WHERE user='$user' and password='$password'";$result=mysql_query($sql); Quote Link to comment Share on other sites More sharing options...
qqim Posted April 10, 2013 Author Share Posted April 10, 2013 Well, I think we are getting somewhere. I came to the conclusion that you get the message about wrong userbane ab dpassword if they are actually wrong, but get a white page if they are correct. In that case, it looks as if it is working and the problem might be with the login_success.php Are you stll there? qim Quote Link to comment Share on other sites More sharing options...
qqim Posted April 10, 2013 Author Share Posted April 10, 2013 the problems seem to be in: a)session_register and related functions which appear to be deprecated b)in session register what is the 'user' supposed to be? c)$password seems to refer to the access to the database (mypassword) and to the visitor's password! d) the other php file has the same deprecated problems and same 'user' Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.