btr2007 Posted December 12, 2007 Share Posted December 12, 2007 Help - I am having difficulty with the following. For the mysql_query if I set the user and pass to what is actually in the table it works. But if I leave it as shown I get an error message. Can someone tell me what is wrong mysql_connect($sqlhost, $sqluser, $sqlpass); // Connecting To MySql mysql_select_db($sqldb); // Selecting MySql Database $client = $_POST['username']; // Setting The Variable (Always User Different Variable Names Than What Is In Your HTML Forms) $pass = md5($_POST['password']); // Setting The Variable (Always User Different Variable Names Than What Is In Your HTML Forms - Password Should Also Always Be MD5 Encrypted) $clientcheck2 = mysql_query("SELECT * FROM users WHERE user= $client AND pass= $pass"); // Check If Any Users Match Username & Password Entered $clientcheck = mysql_num_rows($clientcheck2); // Number Of Results Of The Query if ($clientcheck > '0') { // If One Or More Users Were Found Link to comment https://forums.phpfreaks.com/topic/81396-solved-mysql-query-doesnt-work/ Share on other sites More sharing options...
revraz Posted December 12, 2007 Share Posted December 12, 2007 $clientcheck2 = mysql_query("SELECT * FROM users WHERE user= '$client' AND pass= '$pass'"); Add the single quotes Also, the Passwords in the DB are already hashed with md5 right? Link to comment https://forums.phpfreaks.com/topic/81396-solved-mysql-query-doesnt-work/#findComment-413077 Share on other sites More sharing options...
btr2007 Posted December 12, 2007 Author Share Posted December 12, 2007 Yes they are Link to comment https://forums.phpfreaks.com/topic/81396-solved-mysql-query-doesnt-work/#findComment-413079 Share on other sites More sharing options...
marcus Posted December 12, 2007 Share Posted December 12, 2007 If revraz's solution didn't help add an or die(mysql_error()); statement at the end of the query Link to comment https://forums.phpfreaks.com/topic/81396-solved-mysql-query-doesnt-work/#findComment-413083 Share on other sites More sharing options...
btr2007 Posted December 12, 2007 Author Share Posted December 12, 2007 The solution from revraz comes up login failed. Will try the next solution now Link to comment https://forums.phpfreaks.com/topic/81396-solved-mysql-query-doesnt-work/#findComment-413086 Share on other sites More sharing options...
trq Posted December 12, 2007 Share Posted December 12, 2007 You need to do some debuging. Try... <?php $client = $_POST['username']; $pass = md5($_POST['password']); $sql = "SELECT * FROM users WHERE user = '$client' AND pass = '$pass'"; if ($result = mysql_query($sql)) { if (mysql_num_rows($result)) { echo "We have results": } else { echo "No records found"; } } else { echo mysql_error() . "<br />$sql"; } ?> Link to comment https://forums.phpfreaks.com/topic/81396-solved-mysql-query-doesnt-work/#findComment-413087 Share on other sites More sharing options...
btr2007 Posted December 12, 2007 Author Share Posted December 12, 2007 mgallforever solution said login failed also. Will try solution from Thorpe now Link to comment https://forums.phpfreaks.com/topic/81396-solved-mysql-query-doesnt-work/#findComment-413089 Share on other sites More sharing options...
marcus Posted December 12, 2007 Share Posted December 12, 2007 try this <?php mysql_connect($sqlhost, $sqluser, $sqlpass) or die(mysql_error()); mysql_select_db($sqldb); $client = mysql_real_escape_string($_POST['username']); $pass = mysql_real_escape_string($_POST['password']); if ($client && $pass) { $sql = "SELECT * FROM `users` WHERE `user`='" . $client . "'"; $res = mysql_query($sql) or die(mysql_error()); if (mysql_num_rows($res) == 0) { echo "Username does not exist!\n"; } else { $sql2 = "SELECT * FROM `users` WHERE `user`='" . $client . "' AND `pass`='" . md5($pass) . "'"; $res2 = mysql_query($sql2) or die(mysql_error()); if (mysql_num_rows($res2) == 0) { echo "Invalid username and password combination!\n"; } else { // log them in } } } else { echo "You must supply both username and password!\n"; } ?> Link to comment https://forums.phpfreaks.com/topic/81396-solved-mysql-query-doesnt-work/#findComment-413090 Share on other sites More sharing options...
btr2007 Posted December 12, 2007 Author Share Posted December 12, 2007 Just tried the Thorpe solution and it said not finding records. Will try the next solution. Feel like we are close to getting it done but something not quite right Link to comment https://forums.phpfreaks.com/topic/81396-solved-mysql-query-doesnt-work/#findComment-413093 Share on other sites More sharing options...
btr2007 Posted December 12, 2007 Author Share Posted December 12, 2007 We got the invalid username and password combination Just a thought what collaboration should the table have Link to comment https://forums.phpfreaks.com/topic/81396-solved-mysql-query-doesnt-work/#findComment-413102 Share on other sites More sharing options...
marcus Posted December 12, 2007 Share Posted December 12, 2007 Can you verify the passwords are md5 encrypted? Link to comment https://forums.phpfreaks.com/topic/81396-solved-mysql-query-doesnt-work/#findComment-413105 Share on other sites More sharing options...
btr2007 Posted December 12, 2007 Author Share Posted December 12, 2007 They are encrypted. It appears to be working now. Well everything except the cookie stuff! We will have a play around with that to try and get that working now though. Thanks for the help! Link to comment https://forums.phpfreaks.com/topic/81396-solved-mysql-query-doesnt-work/#findComment-413121 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.