dancojocaru2000 Posted July 24, 2015 Share Posted July 24, 2015 Hello! I wrote the folowing script. It basically sends a HTML 401 Unauthorized error that displays a login box. After that it collects the info an does the login stuff that a form does. Now, here comes the problems: In both Access and MySQL connections method (basically only the method to connect is different because both use SQL, just one is a file and other is a server) I get this error: Fatal error: Call to a member function fetch() on boolean in C:\xampp\htdocs\login.php on line 66 Here is the file: <?php error_reporting(E_ALL); ini_set('display_errors', '1'); session_start(); if (!isset($_SERVER['PHP_AUTH_USER'])) { header('WWW-Authenticate: Basic realm="Login to Bitcoin Double Machine, cancel to sign up"'); header('HTTP/1.0 401 Unauthorized'); //echo 'You canceled the login. Click <a href="test.php">here</a> to retry.'; echo "<script type='text/javascript'> var msg = \"LOGIN CANCELLED. PLEASE REFRESH OR SIGN UP\"; msg = \" ... \" + msg;pos = 0; function scrollTitle() { document.title = msg.substring(pos, msg.length) + msg.substring(0, pos); pos++; if (pos > msg.length) pos = 0 window.setTimeout(\"scrollTitle()\",300); } scrollTitle(); </script>"; echo "<h1>To sign up, use the button below</h1>"; echo "<a href=\"signup.php\" style=\"-webkit-appearance: button;-moz-appearance: button; appearance: button; text-decoration: none; color: initial\">Sign Up</a>"; echo "<br><br>"; echo "<iframe src=\"../401.php\" seamless style=\"width:100%;height:80%\"></iframe>"; unset($_SERVER['PHP_AUTH_USER']); unset($_SERVER['PHP_AUTH_PW']); exit; } else { #Connecting to database $dbFile = $_SERVER["DOCUMENT_ROOT"] . "/LOGINDATABASE.mdb"; if (!file_exists($dbFile)) { die("Database " . $dbFile . " not found! Please copy this error and report it through the contact page."); } else { echo "Database found. Searching for your user account. Please be patient."; } $db = new PDO("odbc:DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=$dbFile; Uid=; Pwd=;"); #Connected to database #Starting login script $user = $_SERVER['PHP_AUTH_USER']; $pass = $_SERVER['PHP_AUTH_PW']; #Clearing login box if user and pass are set so that a refresh would show the box again #NOT WORKING. HELP! #if (isset($user)) { # if (isset($pass)) { # unset($_SERVER['PHP_AUTH_USER']); # unset($_SERVER['PHP_AUTH_PW']); # } else { # die("Password not set. Copy this and sent it to site administrator through contact page."); # } #} else { # die("Username not set. Copy this and sent it to site administrator through contact page."); #} # #Starting database check for login details $sql = "SELECT *"; $sql .= " FROM Login"; $sql .= " WHERE userName = '" . $user . "'"; $sql .= " AND pass ='" . $pass . "'"; $result = $db->query($sql); while ($row = $result->fetch()) { if(!empty($row["Username"]) AND !empty($row["Password"])) { $_SESSION['user'] = $row["user"]; echo "Login Succefull!"; } else { echo "You entered wrong username and/or password. Please refresh this page to retry. It may be possible that your account doesn't exist. In this case, cancel the login box and sign up."; } } } ?> Also, if you can help me with the line 44-56 part, because it isn't working. (I commented it just to be sure it isn't the problem. Again, thank you for help! Quote Link to comment Share on other sites More sharing options...
Solution Ch0cu3r Posted July 24, 2015 Solution Share Posted July 24, 2015 You are getting that error because your query is failing, due to an error, to see what the error is you can use erroInfo. change line 65 to 78 to be $result = $db->query($sql); // check query did not fail (returns false on error) if($result) { while ($row = $result->fetch()) { if(!empty($row["Username"]) AND !empty($row["Password"])) { $_SESSION['user'] = $row["user"]; echo "Login Succefull!"; } else { echo "You entered wrong username and/or password. Please refresh this page to retry. It may be possible that your account doesn't exist. In this case, cancel the login box and sign up."; } } } // query failed else { $error = $db->erroInfo(); trigger_error('Unable to process login query. DB Error: ' . $error[2]); } Quote Link to comment Share on other sites More sharing options...
dancojocaru2000 Posted July 24, 2015 Author Share Posted July 24, 2015 (edited) Fatal error: Call to undefined method PDO::erroInfo() in C:\xampp\htdocs\login.php on line 86 There: $error = $db->erroInfo(); Edited July 24, 2015 by dancojocaru2000 Quote Link to comment Share on other sites More sharing options...
fastsol Posted July 24, 2015 Share Posted July 24, 2015 (edited) This is misspelled, missing a r $error = $db->erroInfo(); //Should be $error = $db->errorInfo(); Edited July 24, 2015 by fastsol Quote Link to comment Share on other sites More sharing options...
dancojocaru2000 Posted July 24, 2015 Author Share Posted July 24, 2015 Notice: Unable to process login query. DB Error: [Microsoft][ODBC Microsoft Access Driver] Too few parameters. Expected 1. (SQLExecute[-3010] at ext\pdo_odbc\odbc_stmt.c:254) in C:\xampp\htdocs\login.php on line 87 I suppose this is from database and not PHP related, but someone has the solution? Quote Link to comment Share on other sites More sharing options...
fastsol Posted July 24, 2015 Share Posted July 24, 2015 Do an echo on the $sql var and see if the query string looks correct. Quote Link to comment Share on other sites More sharing options...
dancojocaru2000 Posted July 24, 2015 Author Share Posted July 24, 2015 (edited) I'm completely messed up. I solved that error by gettion SQL to select only by the username and then if the passwords are the same (database and entered) it will do the rest. It looks like this: $sql = "SELECT * FROM Login WHERE Username = '" . $_SERVER['PHP_AUTH_USER'] . "'"; if($result) { while ($row = $result->fetch()) { echo $row['Password']; echo $_SERVER['PHP_AUTH_PW']; if(!empty($row["Username"]) AND !empty($row["Password"])) { if($_SERVER['PHP_AUTH_PW'] == $row["Password"]) { $_SESSION['user'] = $row["Username"]; echo "Login Succefull, " . $_SESSION['user'] . "!"; } else { die("<br>Wrong password!"); //THIS GETS ON THE SCREEN. };} else { echo "You entered wrong username and/or password. Please refresh this page to retry. It may be possible that your account doesn't exist. In this case, cancel the login box and sign up."; } } } // query failed else { $error = $db->errorInfo(); trigger_error('Unable to process login query. DB Error: ' . $error[2]); } } ?> I cutted unnecessary lines that are found above, in other replyes. The output: Database found. Searching for your user account. Please be patient. dan***srl dan***srl Wrong password! For testing,, the password is dan***srl. PLEASE TELL ME WHY IS IT WRONG PASSWORD IF THEY ARE THE SAME? I censored the passwords, in the entered field and database there are not any stars/asterisks. Edited July 24, 2015 by dancojocaru2000 Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted July 24, 2015 Share Posted July 24, 2015 Use var_dump to analyse the values correctly var_dump($_SERVER['PHP_AUTH_PW']); echo '<br />'; var_dump($row["Password"]); Whats the output now for the password values? Quote Link to comment Share on other sites More sharing options...
dancojocaru2000 Posted July 24, 2015 Author Share Posted July 24, 2015 (edited) string(9) "danu***rl" string(20) "danu***rl" Edited July 24, 2015 by dancojocaru2000 Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted July 24, 2015 Share Posted July 24, 2015 The passwords do not match because $row["Password"] contains 20 characters (11 of those being whitespace, non printable characters), whereas $_SERVER['PHP_AUTH_PW'] contains 9 characters. How are you adding the password to the database? Quote Link to comment Share on other sites More sharing options...
dancojocaru2000 Posted July 24, 2015 Author Share Posted July 24, 2015 I really don't even know. But how am I supposed to do here. Because if I set the database pass field to only 9 characters... Just tell me please how to make this show TRUE. Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted July 24, 2015 Share Posted July 24, 2015 As I said the problem is the password you have stored in the database has 20 characters, The password you had typed into the password field in the browser is only 9 characters. Therefore the passwords do not match. In order for the passwords to match they must be the same. If you are using the same password as when you added the password to the database, then there is likely an issue with the code that adds the password to the database, for some reason extra characters are being added your password. So can you tell us the code that adds the password to the database. Quote Link to comment Share on other sites More sharing options...
dancojocaru2000 Posted July 24, 2015 Author Share Posted July 24, 2015 (edited) I added it using MS Access. I don't know anything else... Is there a way to make the php script to add automatically the spaces needed to reach 20 characters? Edited July 24, 2015 by dancojocaru2000 Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted July 25, 2015 Share Posted July 25, 2015 What is the datatype for the password field in your database? Quote Link to comment Share on other sites More sharing options...
dancojocaru2000 Posted July 25, 2015 Author Share Posted July 25, 2015 In Access 2013 (or 2016 Preview) it is called Long text Quote Link to comment Share on other sites More sharing options...
dancojocaru2000 Posted July 25, 2015 Author Share Posted July 25, 2015 In Access 2013 (or 2016 Preview) it is called Long text. Is there a SQL command that shows it? (There is a almost hidden SQL command processor in Access) Quote Link to comment Share on other sites More sharing options...
dancojocaru2000 Posted July 25, 2015 Author Share Posted July 25, 2015 SOLVED IT! I SET IT TO SHORT TEXT. QUESTION SOLVED! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.