Jump to content

[SOLVED] Trying To Convert Old PHP Syntax To New... Without Success! :(

EmperorJazzy

By EmperorJazzy
in PHP Coding Help

 Share

Recommended Posts

EmperorJazzy Member

EmperorJazzy

Posted
Posted

Hi All,

 

Your assistance would be apprciated. I'm attempting to convert old PHP syntax to the new PHP syntax. Previously this form worked like a charm, though now, it does nothing exciting at all.

 

Could you give me guidance as to how I might address some issues;

 

1 - I understand that variables from a POST method are now prefixed with $_POST (I've attempted to use this below). Is this usage correct?

 

2 - I'm not sure how to call/reference the variables created from the mySQL query - Is it $_SERVER?

 

3 - And now I've created new variables to check password, and user existance, should these be prefixed $_POST also?

 

Thank you in advance for your assistance!

 

** WHOLE CODE DUMP ** 

<html>
  <head>
    <title>Website Title</title>

<?
if (($REQUEST_METHOD=='POST'))
{
mysql_pconnect("localhost","username","password")
					or die("Unable to connect to SQL server");
mysql_select_db("DBName") or die("Unable to select database");

$query = "SELECT * FROM tblUsers WHERE usrnme = $_POST['$usrnme']";
$fldchk = mysql_query($query) or die('mysql_error');

?> Past Connection<?

if (mysql_num_rows($fldchk) > 0)
{
	$pwchk = mysql_result($fldchk,0,"PWord");

	if ($pssword == $pwchk)
	{
		session_register($_POST["$usrnme"]);
		$log_user = $_POST["$usrnme"];

		// Use the session variable utype to show or hide the Admin links
		$ordersite = "index1.php";

	}
    		else
	{
		$wrongpw = 1;
	}
}
else
{
	$usrex = 1;
}
}


?>
  </head>

<body>


          <form method="post" action="index.php">

              Username
              <input type="text" name="usrnme" size="10" maxlength="10">
              <br>
              <br>
              Password
              <input type="password" name="pssword" size="10" maxlength="10">
              <br>



              <a href="mailto:email@home.com"><small>Forgotten your password?</small></a>


              <input type="image" src="images/rings.jpg" name=login alt="Login">

          </form>
         <p>

<?
if ($usrex == 1)
{
?>
            This user is not in the system.
            <br>
            Please <a href="mailto:user@home.com">email us</a> for account enquiries.
<?
}
if ($wrongpw == 1)
{
?>
            Incorrect password for <strong><? echo $usrnme; ?></strong>.
            <br>
            Please <a href="mailto:user@home.com">email us</a> if you have forgotten your password.
<?
}
?>         

  </body>
</html>

Link to comment
Share on other sites
MasterACE14 Advanced Member

MasterACE14

Posted
Posted 

<?php
if (($_REQUEST=='POST')) // im not 100% sure about $_REQUEST
{
mysql_connect("localhost","username","password") // removed the p from pconnect
					or die("Unable to connect to SQL server");
mysql_select_db("DBName") or die("Unable to select database");

$query = "SELECT * FROM `tblUsers` WHERE `usrnme` =" . $_POST['$usrnme'] . ""; // added ` and added 
                                                                                                         // periods to concoct the $_POST 
$fldchk = mysql_query($query) or die('mysql_error');

?> Past Connection<?php

if (mysql_num_rows($fldchk) > 0)
{
	$pwchk = mysql_result($fldchk,0,"PWord");

	if ($pssword == $pwchk)
	{
		$_SESSION["username"] = $_POST["$usrnme"]; // $_SESSION global is much more flexible then
                                                                                        // register function
		$log_user = $_POST["$usrnme"];

		// Use the session variable you type to show or hide the Admin links
		$ordersite = "index1.php";

	}
    		else
	{
		$wrongpw = 1;
	}
}
else
{
	$usrex = 1;
}
}


?>
  </head>

<body>


          <form method="post" action="index.php">

              Username
              <input type="text" name="usrnme" size="10" maxlength="10">
              <br>
              <br>
              Password
              <input type="password" name="pssword" size="10" maxlength="10">
              <br>



              <a href="mailto:email@home.com"><small>Forgotten your password?</small></a>


              <input type="image" src="images/rings.jpg" name=login alt="Login">

          </form>
         <p>

<?php
if ($usrex == 1)
{
?>
            This user is not in the system.
            <br>
            Please <a href="mailto:user@home.com">email us</a> for account enquiries.
<?php
}
if ($wrongpw == 1)
{
?>
            Incorrect password for <strong><? echo $usrnme; ?></strong>.
            <br>
            Please <a href="mailto:user@home.com">email us</a> if you have forgotten your password.
<?php
}
?>

 

I think that should just about do it.  :)

 

Regards ACE

 

 

Link to comment
Share on other sites
MasterACE14 Advanced Member

MasterACE14

Posted
Posted 

$_POST["$usrnme"];

You don't put a dollar sign for the value inside the brackets. Change it to

$_POST['usrnme'];

 

if (($_REQUEST=='POST'))

Instead of that, I would use

if (isset($_POST['usrnme']))

 

Other than that, I think MasterACE14 hit them all.

 

Thanks, completely missed the $ sign lol  :D

Link to comment
Share on other sites
EmperorJazzy Member

EmperorJazzy

Posted
  • Author
Posted

Thanks all, appreciate your time. I've managed to now have the form 'work' however, if the incorrect information is entered, the errors are not showing.

 

<?php
if ($usrex == 1)
{
?>
            This user is not in the system.
            <br>
            Please <a href="mailto:user@home.com">email us</a> for account enquiries.
             <?php
             }
             ?>

 

Any ideas? If you require further information, I can provide :)

 

Try this web address to see output; http://www.internetfella.com.au/gift_registry/index.php

Link to comment
Share on other sites
EmperorJazzy Member

EmperorJazzy

Posted
  • Author
Posted

Ok gents... thanks for your help again. I changed a few things;

 


if($_SERVER['REQUEST_METHOD'] == 'POST')

 

and

 

$query = "SELECT * FROM tblUsers WHERE usrnme='" . $_POST['usrnme'] ."'";

 

Essentially, the $_SERVER request started to pass through the code. Came up with Query error. Checked the syntax of the query, and altered as above. Now it's returning goodness.

 

All - Thanks very much. You know this means there could be more queries coming from me?! :P

Link to comment
Share on other sites
EmperorJazzy Member

EmperorJazzy

Posted
  • Author
Posted

OK can I unsolve?! Haha... ;)

 

Unfortunately, the error checking works, but the correct comparison doesn't. EG> Password matches that entered by the user.

 

Basically, I want the page to be redirected if it's the correct password for the user. Simple (so I thought). Ideas?

 

	$pwchk = mysql_result($fldchk,0,"PWord");

	if ($pssword == $pwchk)
	{
		$_SESSION["usrnme"] = $_POST["usrnme"];

		$log_user = $usrnme;

		// Use the session variable utype to show or hide the Admin links
		$ordersite = "index1.php";


		$direct_site = "http://www.internetfella.com.au";

		?>

		<script>
		document.location = '<?php echo $direct_site; ?>';
		</script>

Link to comment
Share on other sites
MasterACE14 Advanced Member

MasterACE14

Posted
Posted

its simple alright, you've just done it the hard way  ;D

 

this part:

<script>
		document.location = '<?php echo $direct_site; ?>';
		</script>

 

change it to this:

<?php
header("Location: http://www.internetfella.com.au");

 

ps. I like your website, Im guessing you live down in Victoria? or not to far from it? I live in Sydney ^^

Link to comment
Share on other sites
EmperorJazzy Member

EmperorJazzy

Posted
  • Author
Posted

Full code... Sorry for delay in posting.

 


<html>
  <head>
    <title>Website Title</title>

<?php
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
mysql_connect("localhost","username","password") or die("Unable to connect to SQL server");
mysql_select_db("database") or die("Unable to select database");

$query = "SELECT * FROM tblUsers WHERE usrnme='" . $_POST['usrnme'] ."'";

$fldchk = mysql_query($query) or die('mysql_error with query - '.$query);

if (mysql_num_rows($fldchk) > 0)
{
	$pwchk = mysql_result($fldchk,0,"PWord");

	if ($pssword == $pwchk)
	{
		$_SESSION["usrnme"] = $_POST["usrnme"];

		$log_user = $usrnme;

		// Use the session variable utype to show or hide the Admin links
		$ordersite = "index1.php";


		$direct_site = "http://www.internetfella.com.au";


		header("Location: " . $direct_site . "");

	}
    		else
	{
		$wrongpw = 1;
	}
}
else
{
	$usrex = 1;
}
}

?>

</head>

<body>


          <form method="post" action="index.php">

              Username
              <input type="text" name="usrnme" size="10" maxlength="10">
              <br>
              <br>
              Password
              <input type="password" name="pssword" size="10" maxlength="10">
              <br>



              <a href="mailto:user@home.com.au"><small>Forgotten your password?</small></a>


              <input type="image" src="images/rings.jpg" name=login alt="Login">

          </form>
         <p>

<?php
if ($usrex == 1)
{
?>
            This user is not in the system.
            <br>
            Please <a href="mailto:user@home.com.au">email us</a> for account enquiries.
<?php
}
elseif ($wrongpw == 1)
{
?>
            Incorrect password for <strong><? echo $_POST["usrnme"]; ?></strong>.
            <br>
            Please <a href="mailto:user@home.com.au">email us</a> if you have forgotten your password.
<?php
}
?>         

  </body>
</html>

Link to comment
Share on other sites
MasterACE14 Advanced Member

MasterACE14

Posted
Posted

no problem  :)

 

before this:

<?php
$query = "SELECT * FROM tblUsers WHERE usrnme='" . $_POST['usrnme'] ."'";

 

you should put this:

<?php
if(!isset($_POST['usrnme']) || $_POST['usrnme'] == '') { die("please enter a username"); }

 

or better yet, replace this:

<?php
if($_SERVER['REQUEST_METHOD'] == 'POST')

 

with what I said above. That may fix the problem. Because then your starting Form Validation before anything has happened. Further more increasing your security, and stopping any unneccesary MySQL queries from happening.

 

 

Link to comment
Share on other sites
MasterACE14 Advanced Member

MasterACE14

Posted
Posted

you could also double up with the validation right at the start like this:

<?php
if(!isset($_POST['usrnme']) || $_POST['usrnme'] == '') && if(!isset($_POST['pssword']) || $_POST['pssword'] == '')
{ die("please enter a username and password"); }

 

I found the problem with the password part, you haven't put the password $_POST into a common variable, you have if ($pssword == $pwchk) but their is no $pssword = $_POST["pssword"];

 

so put in what I've typed above, and put in the $pssword variable sometime before it is used.

 

and I think that may just fix your problem  ;)

 

Regards ACE

Link to comment
Share on other sites
EmperorJazzy Member

EmperorJazzy

Posted
  • Author
Posted

Ok, past that issue because of a silly $_POST being left out. Little things. :S

 

Now... the next part was to redirect the user. The below is the code I'm using, however, is not redirecting the page. Ideas?

 

		$direct_site = "http://www.internetfella.com.au";


		header("Location: " . $direct_site . "");

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.