franknu Posted May 25, 2007 Share Posted May 25, 2007 Ok I have this code that the user use to login the problem that i am having is that is showing the html page when the user name and password dont match it is sayig username and/or password not found. Try again? but right under is show all the whole page i want to stop right after i says: username and/or password not found. Try again? here is my code if ( isset($_POST['User_Name']) && isset($_POST['Password']) ) { $query = "SELECT * FROM business_info where User_Name='$User_Name' AND `Password`='$Password'"; } if ($result = mysql_query($query)) { if (mysql_num_rows($result)) { $row = mysql_fetch_assoc($result); $BusinessName= $row['BusinessName']; $Keyword = $row['Keyword']; $Picture1 = $row['Picture1']; $Headline = $row['Headline']; $Slogan =$row['Slogan']; $Slogan2 = $row['Slogan2']; $Description1 =$row['Description1']; $Description2 = $row['Description2']; $Description3= $row['Description3']; $Contact2 = $row['Contact2']; $Picture2 = $row['Picture2']; $Picture3 = $row['Picture3']; $Categories=$row['Categories']; $Business_Address= $row['Business_Address']; $make=$row['make']; $type=$row['type']; $Tel= $row['Tel']; $Website=$row['Website']; } else { echo "<p><b>username and/or password not found. Try again? </b></p>"; } } else { echo "Query failed<br />$query<br />". mysql_error(); exit; } ?> <? echo' <table width="504" border="1" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC"> <tr> <td width="494"><table width="497" border="0"> <tr> <td width="487">Banner</td> </tr> <tr> <td background="fondo2.jpg">Welcome Business Name </td> </tr> Quote Link to comment https://forums.phpfreaks.com/topic/52987-login-in/ Share on other sites More sharing options...
kernelgpf Posted May 25, 2007 Share Posted May 25, 2007 Use this code- if ( isset($_POST['User_Name']) && isset($_POST['Password']) ) { $query = "SELECT * FROM business_info where User_Name='$User_Name' AND `Password`='$Password'"; } if ($result = mysql_query($query)) { if (mysql_num_rows($result)) { $row = mysql_fetch_assoc($result); $BusinessName= $row['BusinessName']; $Keyword = $row['Keyword']; $Picture1 = $row['Picture1']; $Headline = $row['Headline']; $Slogan =$row['Slogan']; $Slogan2 = $row['Slogan2']; $Description1 =$row['Description1']; $Description2 = $row['Description2']; $Description3= $row['Description3']; $Contact2 = $row['Contact2']; $Picture2 = $row['Picture2']; $Picture3 = $row['Picture3']; $Categories=$row['Categories']; $Business_Address= $row['Business_Address']; $make=$row['make']; $type=$row['type']; $Tel= $row['Tel']; $Website=$row['Website']; } else { echo "<p><b>username and/or password not found. Try again? </b></p>"; exit; } } else { echo "Query failed<br />$query<br />". mysql_error(); exit; } ?> <? echo' <table width="504" border="1" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC"> <tr> <td width="494"><table width="497" border="0"> <tr> <td width="487">Banner</td> </tr> <tr> <td background="fondo2.jpg">Welcome Business Name </td> </tr> Quote Link to comment https://forums.phpfreaks.com/topic/52987-login-in/#findComment-261747 Share on other sites More sharing options...
franknu Posted May 25, 2007 Author Share Posted May 25, 2007 that one works, i just cant understand what is the diffrent can u explain if u dont mind in case i get the same problem in the future Quote Link to comment https://forums.phpfreaks.com/topic/52987-login-in/#findComment-261767 Share on other sites More sharing options...
jamina1 Posted May 25, 2007 Share Posted May 25, 2007 that one works, i just cant understand what is the diffrent can u explain if u dont mind in case i get the same problem in the future He added an exit; after the Try Again? statement. That's the only difference. Quote Link to comment https://forums.phpfreaks.com/topic/52987-login-in/#findComment-261770 Share on other sites More sharing options...
per1os Posted May 25, 2007 Share Posted May 25, 2007 Just a side note, your code assumes "Register Globals" is on, if you do not already know that is bad. I would change the sql statement to be this: <?php if ( isset($_POST['User_Name']) && isset($_POST['Password']) ) { $query = "SELECT * FROM business_info where User_Name='".$_POST['User_Name']."' AND `Password`='".$_POST['Password']."'"; } if ($result = mysql_query($query)) { if (mysql_num_rows($result)) { $row = mysql_fetch_assoc($result); $BusinessName= $row['BusinessName']; $Keyword = $row['Keyword']; $Picture1 = $row['Picture1']; $Headline = $row['Headline']; $Slogan =$row['Slogan']; $Slogan2 = $row['Slogan2']; $Description1 =$row['Description1']; $Description2 = $row['Description2']; $Description3= $row['Description3']; $Contact2 = $row['Contact2']; $Picture2 = $row['Picture2']; $Picture3 = $row['Picture3']; $Categories=$row['Categories']; $Business_Address= $row['Business_Address']; $make=$row['make']; $type=$row['type']; $Tel= $row['Tel']; $Website=$row['Website']; } else { echo "<p><b>username and/or password not found. Try again? </b></p>"; exit; } } else { echo "Query failed<br />$query<br />". mysql_error(); exit; } ?> <? echo' <table width="504" border="1" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC"> <tr> <td width="494"><table width="497" border="0"> <tr> <td width="487">Banner</td> </tr> <tr> <td background="fondo2.jpg">Welcome Business Name </td> </tr> Since you were already checking if the post data was isset, why deviate away from using it, espcially when that can be a huge headache if someone decides to turn off (which it should be off) register_globals. Quote Link to comment https://forums.phpfreaks.com/topic/52987-login-in/#findComment-261777 Share on other sites More sharing options...
franknu Posted May 25, 2007 Author Share Posted May 25, 2007 Ok, I am having Some issues now, My main problem now is that it is not selecting from database. Meaning it is not display the value from the database when i ask it to do so. here is partial part of the codes $db = mysql_connect($host, $username, $password) or die(mysql_error()); mysql_select_db($database) or die(mysql_error()); $BusinessName = (isset($_POST['BusinessName']) ? $_POST['BusinessName'] : ''); $Slogan = (isset($_POST['Slogan']) ? $_POST['Slogan']:''); $Business_Address = (isset($_POST['Business_Address']) ? $_POST['Business_Address']:''); $Tel = (isset($_POST['Tel']) ? $_POST['Tel']:''); $Website = (isset($_POST['Website']) ? $_POST['Website']:''); $Email = (isset($_POST['Email']) ? $_POST['Email']:''); $Member_Status = (isset($_POST['Member_Status']) ? $_POST['Member_Status']:''); $Fax =(isset($_POST['Fax']) ? $_POST['Fax']:''); $type = (isset($_POST['type']) ? $_POST['type']:''); $make = (isset($_POST['make']) ? $_POST['make']:''); $Categories = (isset($_POST['Categories']) ? $_POST['Categories']:''); $Keyword = (isset($_POST['Keyword']) ? $_POST['Keyword']:''); $Picture1 = (isset($_POST['Picture1']) ? $_POST['Picture1']:''); $Headline = (isset($_POST['Headline']) ? $_POST['Headline']:''); $Slogan2 = (isset($_POST['Slogan2']) ? $_POST['Slogan2']:''); $Description1 = (isset($_POST['Description1']) ? $_POST['Description1']:''); $Description2 = (isset($_POST['Description2']) ? $_POST['Description2']:''); $Description3= (isset($_POST['Description3']) ? $_POST['Description3']:''); $Contact2 = (isset($_POST['Contact2']) ? $_POST['Contact2']:''); $Picture2 = (isset($_POST['Picture2']) ? $_POST['Picture2']:''); $Picture3 = (isset($_POST['Picture3']) ? $_POST['Picture3']:''); $Picture4 = (isset($_POST['Picture4']) ? $_POST['Picture4']:''); $User_Name = (isset($_POST['User_Name']) ? $_POST['User_Name']:''); $Password = (isset($_POST['Password']) ? $_POST['Password']: ''); $User_Name=strtolower($_POST['User_Name']); $Password=strtolower($_POST['Password']); if ( isset($_POST['User_Name']) && isset($_POST['Password']) ) { $query = "SELECT * FROM business_info where User_Name='".$_POST['User_Name']."' AND `Password`='".$_POST['Password']."'"; } if ($result = mysql_query($query)) { if (mysql_num_rows($result)) { $row = mysql_fetch_assoc($result); $BusinessName= $row['BusinessName']; $Keyword = $row['Keyword']; $Picture1 = $row['Picture1']; $Headline = $row['Headline']; $Slogan =$row['Slogan']; $Slogan2 = $row['Slogan2']; $Description1 =$row['Description1']; $Description2 = $row['Description2']; $Description3= $row['Description3']; $Contact2 = $row['Contact2']; $Picture2 = $row['Picture2']; $Picture3 = $row['Picture3']; $Categories=$row['Categories']; $Business_Address= $row['Business_Address']; $make=$row['make']; $type=$row['type']; $Tel= $row['Tel']; $Website=$row['Website']; } else { echo "<p><b>username and/or password not found. Try again? </b></p>"; exit; } } else { echo "Query failed<br />$query<br />". mysql_error(); exit; } ?> <? echo' <table width="504" border="1" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC"> <tr> <td width="494"><table width="497" border="0"> <tr> <td width="487">Banner</td> </tr> <tr> // like this line down here should display name from database INSTEAD Is displayin (Welcome $BusinessName ) <td background="fondo2.jpg">Welcome $BusinessName </td> </tr> <tr> <td><table width="480" border="0"> <tr> Quote Link to comment https://forums.phpfreaks.com/topic/52987-login-in/#findComment-261788 Share on other sites More sharing options...
franknu Posted May 25, 2007 Author Share Posted May 25, 2007 i really dont understand why this is not selecting from database Quote Link to comment https://forums.phpfreaks.com/topic/52987-login-in/#findComment-261831 Share on other sites More sharing options...
per1os Posted May 25, 2007 Share Posted May 25, 2007 That would of been very useful information for when you first showed us the code, the top section with the variable declarations. This should work: <?php $db = mysql_connect($host, $username, $password) or die(mysql_error()); mysql_select_db($database) or die(mysql_error()); $BusinessName = (isset($_POST['BusinessName']) ? $_POST['BusinessName'] : ''); $Slogan = (isset($_POST['Slogan']) ? $_POST['Slogan']:''); $Business_Address = (isset($_POST['Business_Address']) ? $_POST['Business_Address']:''); $Tel = (isset($_POST['Tel']) ? $_POST['Tel']:''); $Website = (isset($_POST['Website']) ? $_POST['Website']:''); $Email = (isset($_POST['Email']) ? $_POST['Email']:''); $Member_Status = (isset($_POST['Member_Status']) ? $_POST['Member_Status']:''); $Fax =(isset($_POST['Fax']) ? $_POST['Fax']:''); $type = (isset($_POST['type']) ? $_POST['type']:''); $make = (isset($_POST['make']) ? $_POST['make']:''); $Categories = (isset($_POST['Categories']) ? $_POST['Categories']:''); $Keyword = (isset($_POST['Keyword']) ? $_POST['Keyword']:''); $Picture1 = (isset($_POST['Picture1']) ? $_POST['Picture1']:''); $Headline = (isset($_POST['Headline']) ? $_POST['Headline']:''); $Slogan2 = (isset($_POST['Slogan2']) ? $_POST['Slogan2']:''); $Description1 = (isset($_POST['Description1']) ? $_POST['Description1']:''); $Description2 = (isset($_POST['Description2']) ? $_POST['Description2']:''); $Description3= (isset($_POST['Description3']) ? $_POST['Description3']:''); $Contact2 = (isset($_POST['Contact2']) ? $_POST['Contact2']:''); $Picture2 = (isset($_POST['Picture2']) ? $_POST['Picture2']:''); $Picture3 = (isset($_POST['Picture3']) ? $_POST['Picture3']:''); $Picture4 = (isset($_POST['Picture4']) ? $_POST['Picture4']:''); $User_Name = (isset($_POST['User_Name']) ? $_POST['User_Name']:''); $Password = (isset($_POST['Password']) ? $_POST['Password']: ''); $User_Name=strtolower($_POST['User_Name']); $Password=strtolower($_POST['Password']); if ( isset($_POST['User_Name']) && isset($_POST['Password']) ) { $query = "SELECT * FROM business_info where User_Name='$User_Name' AND `Password`='$Password'"; } if ($result = mysql_query($query)) { if (mysql_num_rows($result)) { $row = mysql_fetch_assoc($result); $BusinessName= $row['BusinessName']; $Keyword = $row['Keyword']; $Picture1 = $row['Picture1']; $Headline = $row['Headline']; $Slogan =$row['Slogan']; $Slogan2 = $row['Slogan2']; $Description1 =$row['Description1']; $Description2 = $row['Description2']; $Description3= $row['Description3']; $Contact2 = $row['Contact2']; $Picture2 = $row['Picture2']; $Picture3 = $row['Picture3']; $Categories=$row['Categories']; $Business_Address= $row['Business_Address']; $make=$row['make']; $type=$row['type']; $Tel= $row['Tel']; $Website=$row['Website']; } else { echo "<p><b>username and/or password not found. Try again? </b></p>"; exit; } } else { echo "Query failed<br />$query<br />". mysql_error(); exit; } ?> <? echo' <table width="504" border="1" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC"> <tr> <td width="494"><table width="497" border="0"> <tr> <td width="487">Banner</td> </tr> <tr> // like this line down here should display name from database INSTEAD Is displayin (Welcome $BusinessName ) <td background="fondo2.jpg">Welcome $BusinessName </td> </tr> <tr> <td><table width="480" border="0"> <tr> With the code I saw above you were not explicity defining the username and password. Now that you are it is ok to use that in the query. Quote Link to comment https://forums.phpfreaks.com/topic/52987-login-in/#findComment-261836 Share on other sites More sharing options...
franknu Posted May 25, 2007 Author Share Posted May 25, 2007 well, i just copy and paste that one and nothing happends Quote Link to comment https://forums.phpfreaks.com/topic/52987-login-in/#findComment-261839 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.