Foser Posted June 22, 2007 Share Posted June 22, 2007 <?php include("config.php"); $user = $_POST['user']; $pw = md5(sha1(md5(md5($_POST['pw'])))); mysql_fetch_assoc(mysql_query("SELECT password FROM user_info WHERE username = $user")); if ($pw == $user_info['password']){ mysql_fetch_assoc(mysql_query("SELECT rights FROM user_info WHERE username = $user")); echo "You are now logged in as a $user_info['rights']."; } // this is line 11 else { echo "You have typed in an incorrect password or/and username. Please try again."; } ?> The error I get is : Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in C:\WAMP\www\Tutorials\PHP_MYSQL\Simple_MySQL\Login\login.php on line 11 thanks, im not sure if i am doing the mysql fetch assoc correctly. Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/ Share on other sites More sharing options...
suma237 Posted June 22, 2007 Share Posted June 22, 2007 Try this Line 11:echo "You are now logged in as a $user_info[rights]."; Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-279948 Share on other sites More sharing options...
Foser Posted June 22, 2007 Author Share Posted June 22, 2007 Ok i've done that but now I get Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in C:\WAMP\www\Tutorials\PHP_MYSQL\Simple_MySQL\Login\login.php on line 7 also I have typed in correct password and user, and it says under the error that my info is not correct. Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-279951 Share on other sites More sharing options...
suma237 Posted June 22, 2007 Share Posted June 22, 2007 you can use fetcharray & while loop instead of mysql_fetch_assoc. Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-279981 Share on other sites More sharing options...
Foser Posted June 22, 2007 Author Share Posted June 22, 2007 how will i know which one is [1] or which one is [0] and so on? Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-280000 Share on other sites More sharing options...
Foser Posted June 22, 2007 Author Share Posted June 22, 2007 I have modiied asp_tags to on in my php.ini, but still has the same problem. Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-280021 Share on other sites More sharing options...
Illusion Posted June 22, 2007 Share Posted June 22, 2007 mysql_fetch_assoc(mysql_query("SELECT password FROM user_info WHERE username = $user")); mysql_fetch_assoc(mysql_query("SELECT rights FROM user_info WHERE username = $user")); Replace with mysql_fetch_assoc(mysql_query("SELECT password FROM user_info WHERE username = '$user'")); mysql_fetch_assoc(mysql_query("SELECT rights FROM user_info WHERE username = '$user'")); better you use die() wherever it is appropriate. Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-280023 Share on other sites More sharing options...
Foser Posted June 22, 2007 Author Share Posted June 22, 2007 awesome works thanks a lot illusion. Now my issue is that it says my account info is not good, when it is correct... Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-280042 Share on other sites More sharing options...
Illusion Posted June 22, 2007 Share Posted June 22, 2007 Now my issue is that it says my account info is not good, when it is correct... I didn't get you. Can you be more specific. Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-280045 Share on other sites More sharing options...
Foser Posted June 22, 2007 Author Share Posted June 22, 2007 Well, Let say I register the name "Dog" as username and "test" as my password for example, i will try to log in with this information and it will not work. Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-280049 Share on other sites More sharing options...
Illusion Posted June 22, 2007 Share Posted June 22, 2007 It all depends on how you entered the password in the database table. Here you have used encryption functions on password. Did you used the same while entering into the database. Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-280051 Share on other sites More sharing options...
Foser Posted June 22, 2007 Author Share Posted June 22, 2007 Yes I have here is my registration code. <?php require("config.php"); //user data $username = mysql_real_escape_string($_POST['username']); $email = mysql_real_escape_string($_POST['mail']); $password = md5(sha1(md5(md5($_POST['pw'])))); $rights = "user"; $check_user = mysql_query("SELECT user FROM user_info WHERE user = '$username'"); $check_email = mysql_query("SELECT email FROM user_info WHERE email = '$email'"); if ($username > 0 ) { echo "This username has already been taken.<br>";} if ($email > 0 ){ echo "This E-mail has already been registered.<br>.";} else { $qu = "INSERT INTO user_info (username, email, password, rights) VALUES('$username', '$email', '$password', '$rights')"; mysql_query($qu); echo "You are now registered, you may now login.<br>"; echo "<a href=\"index.php\">Click Here To Go To The Login Page </a>"; } ?> Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-280064 Share on other sites More sharing options...
Foser Posted June 22, 2007 Author Share Posted June 22, 2007 can it be because I put the mysql_real_escape_string()? Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-280109 Share on other sites More sharing options...
Foser Posted June 22, 2007 Author Share Posted June 22, 2007 I checked with mysql_real_escape_string() and still does not work! Ill put both scripts in one page <?php // registration require("config.php"); //user data $username = mysql_real_escape_string($_POST['username']); $email = mysql_real_escape_string($_POST['mail']); $password = md5(sha1(md5(md5($_POST['pw'])))); $rights = "user"; $check_user = mysql_query("SELECT user FROM user_info WHERE user = '$username'"); $check_email = mysql_query("SELECT email FROM user_info WHERE email = '$email'"); if ($username > 0 ) { echo "This username has already been taken.<br>";} if ($email > 0 ){ echo "This E-mail has already been registered.<br>.";} else { $qu = "INSERT INTO user_info (username, email, password, rights) VALUES('$username', '$email', '$password', '$rights')"; mysql_query($qu); echo "You are now registered, you may now login.<br>"; echo "<a href=\"index.php\">Click Here To Go To The Login Page </a>"; } ?> //login <?php require("config.php"); $user = mysql_real_escape_string($_POST['user']); $pw = md5(sha1(md5(md5($_POST['pw'])))); mysql_fetch_assoc(mysql_query("SELECT password FROM user_info WHERE username = '$user'")) or die(mysql_error()); if ($pw == $user_info['password']){ mysql_fetch_assoc(mysql_query("SELECT rights FROM user_info WHERE username = '$user'")); echo "You are now logged in as a $user_info[rights]."; } else { echo "You have typed in an incorrect password or/and username. Please try again."; } ?> Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-280214 Share on other sites More sharing options...
Foser Posted June 23, 2007 Author Share Posted June 23, 2007 I checked with mysql_real_escape_string() and still does not work! Ill put both scripts in one page <?php // registration require("config.php"); //user data $username = mysql_real_escape_string($_POST['username']); $email = mysql_real_escape_string($_POST['mail']); $password = md5(sha1(md5(md5($_POST['pw'])))); $rights = "user"; $check_user = mysql_query("SELECT user FROM user_info WHERE user = '$username'"); $check_email = mysql_query("SELECT email FROM user_info WHERE email = '$email'"); if ($username > 0 ) { echo "This username has already been taken.<br>";} if ($email > 0 ){ echo "This E-mail has already been registered.<br>.";} else { $qu = "INSERT INTO user_info (username, email, password, rights) VALUES('$username', '$email', '$password', '$rights')"; mysql_query($qu); echo "You are now registered, you may now login.<br>"; echo "<a href=\"index.php\">Click Here To Go To The Login Page </a>"; } ?> //login <?php require("config.php"); $user = mysql_real_escape_string($_POST['user']); $pw = md5(sha1(md5(md5($_POST['pw'])))); mysql_fetch_assoc(mysql_query("SELECT password FROM user_info WHERE username = '$user'")) or die(mysql_error()); if ($pw == $user_info['password']){ mysql_fetch_assoc(mysql_query("SELECT rights FROM user_info WHERE username = '$user'")); echo "You are now logged in as a $user_info[rights]."; } else { echo "You have typed in an incorrect password or/and username. Please try again."; } ?> bump Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-280649 Share on other sites More sharing options...
mmarif4u Posted June 23, 2007 Share Posted June 23, 2007 It means u wana say that u still cannot login to ur system using correct password and username. Am i right to get ur point. Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-280659 Share on other sites More sharing options...
DanDaBeginner Posted June 23, 2007 Share Posted June 23, 2007 try to echo the $pw after logging in and see the data in your dbase and check if they are the same - what was the data type of your password in your table? Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-280673 Share on other sites More sharing options...
Foser Posted June 23, 2007 Author Share Posted June 23, 2007 my password was put to varchar Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-280746 Share on other sites More sharing options...
Foser Posted June 23, 2007 Author Share Posted June 23, 2007 It means u wana say that u still cannot login to ur system using correct password and username. Am i right to get ur point. and yes, i am logging in wit the correct data and still execute the else statement not the if. Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-280749 Share on other sites More sharing options...
mmarif4u Posted June 23, 2007 Share Posted June 23, 2007 When u try to login with correct username and password what msg u get. Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-280753 Share on other sites More sharing options...
Foser Posted June 23, 2007 Author Share Posted June 23, 2007 I get my else statement. //login <?php require("config.php"); $user = mysql_real_escape_string($_POST['user']); $pw = md5(sha1(md5(md5($_POST['pw'])))); mysql_fetch_assoc(mysql_query("SELECT password FROM user_info WHERE username = '$user'")) or die(mysql_error()); if ($pw == $user_info['password']){ mysql_fetch_assoc(mysql_query("SELECT rights FROM user_info WHERE username = '$user'")); echo "You are now logged in as a $user_info[rights]."; } else { echo "You have typed in an incorrect password or/and username. Please try again."; } ?> I get: You have typed in an incorrect password or/and username. Please try again. Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-280776 Share on other sites More sharing options...
mmarif4u Posted June 23, 2007 Share Posted June 23, 2007 $pw = md5(sha1(md5(md5($_POST['pw'])))); R u save ur pass order in this way. Check ur code where u register a user. Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-280782 Share on other sites More sharing options...
Foser Posted June 23, 2007 Author Share Posted June 23, 2007 <?php // registration require("config.php"); //user data $username = mysql_real_escape_string($_POST['username']); $email = mysql_real_escape_string($_POST['mail']); $password = md5(sha1(md5(md5($_POST['pw'])))); $rights = "user"; $check_user = mysql_query("SELECT user FROM user_info WHERE user = '$username'"); $check_email = mysql_query("SELECT email FROM user_info WHERE email = '$email'"); if ($username > 0 ) { echo "This username has already been taken.<br>";} if ($email > 0 ){ echo "This E-mail has already been registered.<br>.";} else { $qu = "INSERT INTO user_info (username, email, password, rights) VALUES('$username', '$email', '$password', '$rights')"; mysql_query($qu); echo "You are now registered, you may now login.<br>"; echo "<a href=\"index.php\">Click Here To Go To The Login Page </a>"; } ?> This is my registration code...I believe it is suited for the login too. Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-280783 Share on other sites More sharing options...
mmarif4u Posted June 23, 2007 Share Posted June 23, 2007 try this query in ur login script. ("SELECT md5(sha1(md5(md5(password))) FROM user_info WHERE username = '$user'") Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-280785 Share on other sites More sharing options...
Foser Posted June 23, 2007 Author Share Posted June 23, 2007 nop, I still have the same problem after applying that. Link to comment https://forums.phpfreaks.com/topic/56674-login-code-issues-mysql_fetch_assoc/#findComment-280791 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.