Jump to content

[SOLVED] alright i was wrong cant figure it out

thewooleymammoth

By thewooleymammoth
in PHP Coding Help

 Share

Recommended Posts

thewooleymammoth Advanced Member

thewooleymammoth

Posted
Posted 

<?php
$username="root";
$password="";
$database="userlist";
$table="login";
$user=$_POST['username'];
$userpass=$_POST['password'];
$connectmysql=mysql_connect('localhost',$username,$password) or die(mysql_error());
$selectdb=mysql_select_db($database) or die(mysql_error());
$query=mysql_query("SELECT*FROM $table WHERE username='$user'");
$result=mysql_fetch_assoc($query) or die('error');
$user2=$_COOKIE['auth'];
$makecookie=setcookie ('auth','$user');

if($_COOKIE['auth'])
  {
  echo "welcome $user2"; 
  }
  
elseif (!isset($_POST['loggedin']))
  {
  echo "<a>please login:</a><br>
  <form method='post'  action='index.php'>
  Username:<input type='text' name='username'><br>
  Password:<input type='text' name='password'><br>
  <input type='submit' name='loggedin' value='Log In'><br>
  <a href='resister.php'>Register here</a>";
  }

elseif (isset($_POST['loggedin']))
  {
  $connectmysql;
  $selectdb;
    if($user == $result['username'])
    {
      if($userpass == $result['password'])
      {
      $makecookie;
      echo "You have logged in succesfully";
      }
      elseif ($userpass != $result['password'])
      {
      echo "bad user/password combonation please try again.1";      
      }
    }
    elseif ($user !== $result['username'])
    {
    echo "bad user/password combonation please try again.2";
    }
  }

else
{
echo "error";
}
  ?>

 

i just get the "error" which means none of the conditions are met... and i dont see how its possible for none of them to be met... thanks

Link to comment
Share on other sites
roopurt18 Advanced Member

roopurt18

Posted
Posted

How do you know the string "error" that you're seeing is not from this line:

$result=mysql_fetch_assoc($query) or die('error');

 

You also have this line:

$makecookie=setcookie ('auth','$user');

You should probably drop the single quotes around the variable $user.

 

What are you trying to accomplish with the line:

$makecookie;

 

Also, you have spelled combination wrong.

Link to comment
Share on other sites
thewooleymammoth Advanced Member

thewooleymammoth

Posted
  • Author
Posted

ah thanks.. i am getting the error from the line.

$result=mysql_fetch_assoc($query) or die('error');

 

and originally i had something like this

elseif (isset($_POST['loggedin']))
  {
  $connectmysql;
  $selectdb;
    if($user == $result['username'])
    {
      if($userpass == $result['password'])
      {
      setcookie ('auth','$user');
      echo "You have logged in succesfully";
      }
      elseif ($userpass != $result['password'])
      {
      echo "bad user/password combonation please try again.1";      
      }
    }
    elseif ($user !== $result['username'])
    {
    echo "bad user/password combonation please try again.2";
    }

 

but it said it couldnt modify header or something like that, so i thought if i make it as a variable at the top of the page it might do it right... idk i was just expiramenting and left it. help with that would be apreciated also, but now i need to know why im getting an error from this line

 

$result=mysql_fetch_assoc($query) or die('error');

thanks again

Link to comment
Share on other sites
roopurt18 Advanced Member

roopurt18

Posted
Posted

Why don't you replace 'error' with mysql_error() and get some output that's actually useful.

 

Web servers will send what's called header information to a browser before any of the actual web page is sent.  Headers basically warn the browser what the content it's about to receive actually is.  For example, if the web server is sending a basic HTML file, it will warn the browser that the incoming content is of type text/html.  If instead the web server were about to send a PDF file, it would warn the browser that the incoming content is of type application/pdf so that the browser knows to open it with a PDF reader.  This is an oversimplified explanation.

 

The catch with headers is they must come before any of the actual page or document.  Certain PHP functions, set_cookie() being one of them, modify header information.  Therefore when you have any sort of echo, print, print_r, etc. statement and then call set_cookie, PHP is going to complain at you.

 

Now you tried to fix it by placing

$makecookie=setcookie ('auth','$user');

at the top of your script.  What this does is calls the function and stores the function's return value in a variable $makecookie.  This does not save the statement into a variable to be executed later; it calls the function immediately.  Therefore, in conjunction with your first if statement:

if($_COOKIE['auth'])

The cookie will always be set!  The way you have structured your code the first if block should always execute; that is how I knew it was your die() statement that was printing the "error" string.  It was impossible for your code to execute the other statement that outputs "error."

 

I suggest you read up a little more in the PHP manual about functions, return values, and how to make use of them.

 

As for the actual statement:

$makecookie=setcookie ('auth','$user');

This will set a cookie named auth with the value $user and not the contents of the variable $user.  For example, if $user holds the value "bob", the value of your cookie will not be "bob;" it will be "$user."

 

Variables are only replaced with their values inside of double quoted strings:

$makecookie=setcookie ('auth',"$user"); // Note the double quotes!

 

But since there is no other string inside the double quotes, why not just use the variable?

$makecookie=setcookie ('auth',$user); // No quotes

 

Now let's look at your line:

$makecookie;

 

Since $makecookie stores the result of a function call, in this case either true or false, this statement is equivalent to one of the following (depending on what the function returned)

  // this one
  true;

  // or this one
  false;

 

Both of them are valid PHP statements AFAIK, but neither does anything useful.

 

As for actually figuring out what's wrong with your code, here are some steps you can follow.  First, insert the following at the bottom of your file.  This function will allow you to dump useful information about your data.  After all, you know what the data should be, so make sure it's what you're expecting.

  function dbg_echo($val){
    echo '<pre style="text-align: left;">' . print_r($val, true)
       . '</pre>';
  }

 

Next, change the following:

$connectmysql=mysql_connect('localhost',$username,$password) or die(mysql_error());
$selectdb=mysql_select_db($database) or die(mysql_error());
$query=mysql_query("SELECT*FROM $table WHERE username='$user'");
$result=mysql_fetch_assoc($query) or die('error');

to

  // You do not need either the $connectmysql or $selectdb variables
  // you had.  You only need to save values in variables if you are
  // planning to use them again.  Your script makes use of neither.
  mysql_connect('localhost', $username, $password)
    or die("connect: " . mysql_error());
  mysql_select_db($database)
    or die("select_db: " . mysql_error());
  // Here you do need the $query value because you are planning
  // to use it
  $query = mysql_query("SELECT*FROM $table WHERE username='$user'")
    or die("select: " . mysql_error());
  $result = mysql_fetch_assoc($query);
  dbg_echo($result);

Link to comment
Share on other sites
thewooleymammoth Advanced Member

thewooleymammoth

Posted
  • Author
Posted

alright as far as i can tell i got the whole thing working... woot for me

 

im sure its not secure so if you feel like poking some holes in it now its fine with me. thanks again for all the help im off to the registration page! thanks again for the help. here was my final code.

<?php
$username="root";
$password="";
$database="userlist";
$table="login";
$connectmysql=mysql_connect('localhost',$username,$password) or die(mysql_error());
$selectdb=mysql_select_db($database) or die(mysql_error());
$user2=$_COOKIE['auth'];

if($_COOKIE['auth'])
  {
  echo "welcome $user2"; 
  }
  
elseif (!isset($_POST['loggedin']))
  {
  echo "<a>please login:</a><br>
  <form method='post'  action='index.php'>
  Username:<input type='text' name='username'><br>
  Password:<input type='text' name='password'><br>
  <input type='submit' name='loggedin' value='Log In'><br>
  <a href='resister.php'>Register here</a>";
  }

elseif (isset($_POST['loggedin']))
  {
  $user=$_POST['username'];
  $userpass=$_POST['password'];
  $query=mysql_query("SELECT*FROM $table WHERE username='$user'") or die(mysql_error());
  $result=mysql_fetch_assoc($query) or die(error1);
  $connectmysql;
  $selectdb;
    if($user == $result['username'])
    {
      if($userpass == $result['password'])
      {
      setcookie ('auth', $user);
      echo "You have logged in succesfully";
      }
      elseif ($userpass != $result['password'])
      {
      echo "bad user/password combanation please try again.1";      
      }
    }
    elseif ($user !== $result['username'])
    {
    echo "bad user/password combanation please try again.2";
    }
  }

else
{
echo "error";
}
  ?>

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.