jimmi8 Posted April 29, 2007 Share Posted April 29, 2007 hi, im having this problem. Ive been running a system locally on my machine for a while now whilst ive been developin it. I has a login script. Im just starting to put the system live and im having problems. I think the problem may come from the fact that my local setup is php 4.3 with mysql 3 and my live system is php 5 with mysql 5 but i dont see why! Heres my login script: PHP Code: <?php if (isset($_POST['submit'])) { // Handle the form. require_once ('mysql_connect.php'); // Connect to the db. // Create a function for escaping the data. function escape_data ($data) { global $dbc; // Need the connection. if (ini_get('magic_quotes_gpc')) { $data = stripslashes($data); } return mysql_real_escape_string($data, $dbc); } // End of function. $message = NULL; // Create an empty new variable. // Check for a username. if (empty($_POST['username'])) { $u = FALSE; $message .= '<p class="error">You forgot to enter your username!</p>'; } else { $u = escape_data($_POST['username']); } // Check for a password. if (empty($_POST['password'])) { $p = FALSE; $message .= '<p class="error">You forgot to enter your password!</p>'; } else { $p = escape_data($_POST['password']); } if ($u && $p) { // If everything's OK. echo $u; echo $p; // Retrieve the user_id and first_name for that username/password combination. $query = "SELECT user_id, first_name FROM users_home WHERE username='$u' AND password=PASSWORD('$p')"; $result = @mysql_query ($query); // Run the query. $row = mysql_fetch_array ($result); // Return a record, if applicable. if ($row) { // A record was pulled from the database. // Start the session session_start(); $_SESSION['user_id'] = $row['user_id']; $_SESSION['first_name'] = $row['first_name']; $_SESSION['timestamp'] = time(); require_once ('mysql_connect.php'); // Connect to the db. $sql = ('SELECT timestamp FROM userlog WHERE user_id = ' .$_SESSION['user_id']. ' ORDER BY timestamp DESC LIMIT 1,1'); $query = mysql_query($sql); $_SESSION['lastlogin'] = $row['timestamp']; $sql = ('INSERT INTO userlog (userlog_id, user_id, timestamp) VALUES (NULL, '.$_SESSION['user_id'].', '.$_SESSION['timestamp'].''); $query = mysql_query($sql); header ("Location: http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . "/home.php"); } else { // No record matched the query. $message = '<p class="error">Im sorry, do we know you?</p>'; } mysql_close(); // Close the database connection. } else { $message .= '<p class="error">Please try again.</p>'; } } // End of the main Submit conditional. // Set the page title and include the HTML header. $page_title = 'Login'; // Print the error message if there is one. if (isset($message)) { echo '<font color="red">', $message, '</font>'; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html> <head> <meta http-equiv="content-type" content="text/html; charset=windows-1250"> <title>BOUDAKI-LOGIN</title> <style type="text/css"> * {font-family: "Courier New", Courier, mono; font-size: 100%; color: #000000 ; margin: 0; font-weight: bold;} input { border: 3px solid #000; margin: 7px 0 7px 0; padding: 2px; } input.submit { background-color: #fff; } #container { margin: 100px auto; width: 200px; text-align: left; } p.error { margin: 30px 0 0 20px; } #container img { margin: 0 0 15px 45px; } form { margin-left: 0px; </style> </head> <body> <div id="container"> <img src="images/face.gif" /> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"> <p>Username</p><p><input type="text" class="text" name="username" size="20" maxlength="20" value="<?php if (isset($_POST['username'])) echo $_POST['username']; ?>" /></p> <p>Password</p><p><input type="password" class="text" name="password" size="20" maxlength="20" /></p> <input type="submit" class="submit" name="submit" value="Login" /> </div> </fieldset></form> </body> </html><!-- End of Form --> Now ive manually input users details in to my db using php my admin with the following query: INSERT INTO users_home (user_id,username,first_name,last_name,email,password,registration_date) VALUES ('user_01', 'james', 'smith', '[email protected]', PASSWORD('12345'), NOW() ) now when i try to login using the correct login username and password i get a Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in /websites/path_to_site/index.php on line 42 ( which is the mysql_fetch_array line. When the query is run in phpmyadmin i also dont get any results although the record is def there.... I thought it may be something to do with the PASSWORD field. Its set to VARCHAR(41) which is right as far as i know and when i check the db the password is encrypted correctly....so when i did this query to narrow it down a bit: SELECT user_id, first_name FROM users_home WHERE username='$u' i still didnt get any rows back. Could anyone think of anything it might be? Im just all out of ideas? Link to comment https://forums.phpfreaks.com/topic/49173-why-wont-this-login-script-work-different-versions-oh-php-used/ Share on other sites More sharing options...
trq Posted April 29, 2007 Share Posted April 29, 2007 You are using the MySql PASSWORD function. If you read the manual entry for this function you will find that it should NOT be used within client code as it is incompatible between MySql versions. It is intended to be used internally by MySql. To encrypt your passwords, use php's md5 function instead. Link to comment https://forums.phpfreaks.com/topic/49173-why-wont-this-login-script-work-different-versions-oh-php-used/#findComment-241017 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.