deed02392 Posted October 18, 2007 Share Posted October 18, 2007 <?php // we must never forget to start the session session_start(); $errorMessage = ''; if (isset($_POST['txtUserId']) && isset($_POST['txtPassword'])) { include 'library/config.php'; include 'library/opendb.php'; $userId = $_POST['txtUserId']; $password = $_POST['txtPassword']; // check if the user id and password combination exist in database $sql = "SELECT user_id FROM tbl_auth_user WHERE user_id = '$userId' AND user_password = PASSWORD('$password')"; $result = mysql_query($sql) or die('Query failed. ' . mysql_error()); if (mysql_num_rows($result) == 1) { // the user id and password match, // set the session $_SESSION['db_is_logged_in'] = true; // after login we move to the main page header('Location: main.php'); exit; } else { $errorMessage = 'Sorry, wrong user id / password'; } include 'library/closedb.php'; } ?> <form action="" method="post" name="frmLogin" id="frmLogin"> <table width="400" border="1" align="center" cellpadding="2" cellspacing="2"> <tr> <td width="150">User Id</td> <td><input name="txtUserId" type="text" id="txtUserId"></td> </tr> <tr> <td width="150">Password</td> <td><input name="txtPassword" type="password" id="txtPassword"></td> </tr> <tr> <td width="150"> </td> <td><input name="btnLogin" type="submit" id="btnLogin" value="Login"></td> </tr> </table> </form> </body> </html> Some code I got off a guide website, won't work for me, it seems with my mysql database. Everything is set up properly ie all correct data is entered. However, I cannot ever log in. If I change the num rows result to 0 I can log in correctly. When it is 1, no dice, even though I KNOW the user and pass combination is correct. If i search the username and pass with phpmyadmin, it finds it, so why not here? Please help me, I'm trying to start a non-profit charity website, so I can't afford a coder! Quote Link to comment https://forums.phpfreaks.com/topic/73852-solved-no-query-results-despite-entry/ Share on other sites More sharing options...
deed02392 Posted October 18, 2007 Author Share Posted October 18, 2007 Sorry, let me add what happens. When I submit the correct information, the script acts as if the password combination was incorrect, and redirects me back to the login page. It doesn't set the session, as I still cannot view the main.php page (which has a php script to block you if you don't have the session etc.). But I know the session scripts are working because obviously if i set it so the results need be 0 it sets one up and directs me to main.php. Quote Link to comment https://forums.phpfreaks.com/topic/73852-solved-no-query-results-despite-entry/#findComment-372630 Share on other sites More sharing options...
lewis987 Posted October 18, 2007 Share Posted October 18, 2007 <?php // we must never forget to start the session session_start(); $errorMessage = ''; //Use the Button post than the user id and user password in the if statement if ($_POST['btnLogin']) { include 'library/config.php'; include 'library/opendb.php'; $userId = $_POST['txtUserId']; $password = $_POST['txtPassword']; // check if the user id and password combination exist in database // Ensure your SQL is correct aswell. // You Cannot Do this: PASSWORD('$password') //Use a Session in the function to use $sql = "SELECT * FROM `tbl_auth_user` WHERE `user_id` = '".$userId."' AND `user_password` = '".$_SESSION['PASS']."';"; $result = mysql_query($sql) or die('Query failed. ' . mysql_error()); if (mysql_num_rows($result) == 1) { // the user id and password match, // set the session $_SESSION['db_is_logged_in'] = true; // after login we move to the main page header('Location: main.php'); exit; } else { $errorMessage = 'Sorry, wrong user id / password'; } include 'library/closedb.php'; } ?> <form action="" method="post" name="frmLogin" id="frmLogin"> <table width="400" border="1" align="center" cellpadding="2" cellspacing="2"> <tr> <td width="150">User Id</td> <td><input name="txtUserId" type="text" id="txtUserId"></td> </tr> <tr> <td width="150">Password</td> <td><input name="txtPassword" type="password" id="txtPassword"></td> </tr> <tr> <td width="150"> </td> <td><input name="btnLogin" type="submit" id="btnLogin" value="Login"></td> </tr> </table> </form> </body> </html> Made Changes, Read the notes attached.. Especially the SQL one... it looks like you are a newbie at php and all... Quote Link to comment https://forums.phpfreaks.com/topic/73852-solved-no-query-results-despite-entry/#findComment-372641 Share on other sites More sharing options...
deed02392 Posted October 18, 2007 Author Share Posted October 18, 2007 Hi, thanks a lot for your help. I made the changes to the code as you showed me, but unfortunately it still doesn't work. I've checked my SQL database hundreds of times now. The includes I've used are fine too, the database is called 'site' (without the quotes). The table is called tbl_auth_user, and within that I have one row with user_id (primary) and user_password. I believe this all checks in with the login.php script, but still no joy. It just seems no matter how many times i try the database just never returns a result. I can't for the life of me understand this. Everything checks out. Quote Link to comment https://forums.phpfreaks.com/topic/73852-solved-no-query-results-despite-entry/#findComment-372687 Share on other sites More sharing options...
lewis987 Posted October 18, 2007 Share Posted October 18, 2007 ok, how do you encrypt your password? md5? md4? tell me and i will edit the code and make it work for you Quote Link to comment https://forums.phpfreaks.com/topic/73852-solved-no-query-results-despite-entry/#findComment-372689 Share on other sites More sharing options...
deed02392 Posted October 18, 2007 Author Share Posted October 18, 2007 the password is totally un-encrypted, this is how i see it in phpmyadmin: user_id user_password Edit Delete user pass It says this at the top as the sql query: SELECT * FROM `tbl_auth_user` LIMIT 0 , 30 Quote Link to comment https://forums.phpfreaks.com/topic/73852-solved-no-query-results-despite-entry/#findComment-372694 Share on other sites More sharing options...
deed02392 Posted October 18, 2007 Author Share Posted October 18, 2007 OK, update. I was using this website as a guide for what to do: http://www.php-mysql-tutorial.com/user-authentication/database.php. I managed to get phpmyadmin to insert the source data given on that website using the query window. When I did something strange happened... the passwords were encrypted. It seems as though the PASSWORD string encrypted them? I'm not sure by which method though. SO then I tried to login and it still failed... so I tried the source login script on that website again, putting it back in login.php and it works??? I wish I understood what was going on... will be worrying when I'm running a website to which I have no real idea how is actually running... Quote Link to comment https://forums.phpfreaks.com/topic/73852-solved-no-query-results-despite-entry/#findComment-372711 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.