dj scousey Posted January 30, 2008 Share Posted January 30, 2008 Hi all, I seem to have run into a little bit of a problem. I have recently set up a login script, that is using php & MySQl but also Flash. I have the login script created in Flash, and it points the $_POST data to the php file which then connects to the MySQL server & database. The only problem is, i am more than sure it is connecting (as i receive no errors), but there is no data being stored inside the table... i have checked everything that i can think of, and still no luck. Here is a link to the zipped file i have (of all the files that are getting used in the script). Click Here. Any help that anyone could offer, would be muchly appreciated. Thanks in advance, Mike Quote Link to comment Share on other sites More sharing options...
fenway Posted January 30, 2008 Share Posted January 30, 2008 I prefer not to download files.... post the relevant code snippet with your insert statement. Quote Link to comment Share on other sites More sharing options...
dj scousey Posted January 31, 2008 Author Share Posted January 31, 2008 This is the Config File <?php header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Cache-Control: no-store, no-cache, must-revalidate"); header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); error_reporting(E_ALL); $host = 'localhost'; $dbuser = ''; $dbpass = ''; $dbname = ''; $table = 'user_auth'; $db = @mysql_connect($host,$dbuser,$dbpass) or die("error=could not connect to $host"); $db = mysql_select_db($dbname); if(!$db) { print "error=could not connect to $dbname table"; exit; } ?> Here is the functions.php file <? error_reporting(E_ALL); function valid_email($email) { // check if email is valid if( !eregi("^[a-z0-9]+([_\\.-][a-z0-9]+)*" ."@([a-z0-9]+([\.-][a-z0-9]+))*$",$email, $regs)) { return false; } else if( gethostbyname($regs[2]) == $regs[2] ) { // if host is invalid return false; } else { return true; } } function valid_userName($name) { // check valid input name if(!eregi("^[a-z0-9]{8,15}$",$name)) { return false; } else { return true; } } function valid_password($pwd) { // check valid password if(!eregi("^[a-z0-9]{6,8}$",$pwd)) { return false; } else { return true; } } ?> This is the SQL query i used to open the table insie of the database: CREATE TABLE tutorial_user_auth ( userID int(20) unsigned NOT NULL auto_increment, userName varchar(15) NOT NULL default '0', userPassword varchar(32) NOT NULL default '0', userMail varchar(255) NOT NULL default '', userQuestion varchar(255) NOT NULL default '', userAnswer varchar(255) NOT NULL default '', PRIMARY KEY (userID), UNIQUE KEY userMail(userMail), UNIQUE KEY userName(userName) ) TYPE=MyISAM; and finally this is the MAIN file (user.php) that runs all the checks and queres for logins, registration, forgotten passwords etc. <? require_once('conf.inc.php'); require_once('functions.php'); // --- // register new user // --- function register($username,$pass,$email,$question,$answer) { GLOBAL $db, $table; $username = trim($username); $pass = trim($pass); $email = trim($email); $question = addslashes(trim($question)); $answer = addslashes(trim($answer)); $validEmail = valid_email($email); $validName = valid_userName($username); $validPass = valid_password($pass); if(!$validName) return "error=invalid name"; if(!$validPass) return "error=invalid password"; if(!$validEmail) return "error=invalid email"; $pass = md5(trim($pass)); // all checks ok $query = @mysql_query("INSERT INTO $table (userName,userPassword,userMail,userQuestion,userAnswer) VALUES " ."('$username','$pass','$email','$question','$answer')"); if(!$query) { return "error=" . mysql_error(); } else { return "user=ok"; } } // --- // login, check user // --- function login($username,$pass) { GLOBAL $db,$table; $username = trim($username); $pass = md5(trim($pass)); $query = mysql_query("SELECT * FROM $table WHERE userName = '$username' AND userPassword = '$pass'"); return mysql_num_rows($query); } // --- // forget password // --- function forget($email) { GLOBAL $db,$table; $email = trim($email); $query = mysql_query("SELECT userName, userQuestion from $table WHERE userMail = '$email'"); if(mysql_num_rows($query)<1) { return "error=email not present into database"; } $row = mysql_fetch_array($query); return "userName=$row[userName]&userQuestion=" . stripslashes($row['userQuestion']); } // --- // generate new password // --- function new_password($username,$email,$answer) { GLOBAL $db,$table; $username = trim($username); $email = trim($email); $answer = addslashes(trim($answer)); $query = mysql_query("SELECT * FROM $table WHERE userName = '$username' AND userMail = '$email' AND userAnswer = '$answer'"); if(mysql_num_rows($query) < 1) { return "error=wrong answer"; } $rand_string = ''; // --- // generating a random 8 chars lenght password // --- for($a=0;$a<7;$a++) { do { $newrand = chr(rand(0,256)); } while(!eregi("^[a-z0-9]$",$newrand)); $rand_string .= $newrand; } $pwd_to_insert = md5($rand_string); $new_query = mysql_query("UPDATE $table SET userPassword = '$pwd_to_insert' WHERE userName = '$username' AND userMail = '$email'"); if(!$new_query) { return "error=unable to update value"; } return "userName=$username&new_pass=$rand_string"; } // --- // decisional switch // --- if(isset($HTTP_POST_VARS["action"])) { switch($HTTP_POST_VARS["action"]) { case "register": $result = register($HTTP_POST_VARS['username'],$HTTP_POST_VARS['pass'],$HTTP_POST_VARS['email'],$HTTP_POST_VARS['question'],$HTTP_POST_VARS['answer']); print $result; break; case "login": $result = login($HTTP_POST_VARS['username'],$HTTP_POST_VARS['pass']); print "user=" . $result; break; case "forget": $result = forget($HTTP_POST_VARS['email']); print $result; break; case "new_password": $result = new_password($HTTP_POST_VARS['username'],$HTTP_POST_VARS['email'],$HTTP_POST_VARS['answer']); print $result; break; } } ?> Should you wish to look at the page in action please forward your browser to Login Area Here Thanks in advance again for any help that may be received, Regards **Edited URL** Quote Link to comment Share on other sites More sharing options...
pdkv2 Posted January 31, 2008 Share Posted January 31, 2008 i guess you used the "GLOBAL" where as you should use "global" try replacing "GLOBAL" with "global" every where and check Regards Sharad. Quote Link to comment Share on other sites More sharing options...
dj scousey Posted January 31, 2008 Author Share Posted January 31, 2008 Still no joy im afraid. I have changed all the GLOBAL scenes to global but it still wont let me. On the flash file i have it running through, it allows me to register and then it says i am able to login also. But when i come to login, i get the error: "invalid username or password" . I dont understand why it allows me to go to the Registration Complete page without the data being placed into the DB. www.scouselandfusion.com/viparea.html (The page where it is) Thanks ??? Quote Link to comment Share on other sites More sharing options...
fenway Posted January 31, 2008 Share Posted January 31, 2008 That's not the "relevant" code, that's all the code :-( Anyway, echo the query that you're using to check the credentials. Quote Link to comment Share on other sites More sharing options...
dj scousey Posted February 1, 2008 Author Share Posted February 1, 2008 function login($username,$pass) { global $db,$table; $username = trim($username); $pass = md5(trim($pass)); $query = mysql_query("SELECT * FROM $table WHERE userName = '$username' AND userPassword = '$pass'"); return mysql_num_rows($query); } i presume you mean the above code, fenway? That is the code that it uses to check the users credentials in the database. Then the following code then decides if the password is right to point send the user to the next page, and if incorrect not to send the user, and so on. if(isset($HTTP_POST_VARS["action"])) { switch($HTTP_POST_VARS["action"]) { case "register": $result = register($HTTP_POST_VARS['username'],$HTTP_POST_VARS['pass'],$HTTP_POST_VARS['email'],$HTTP_POST_VARS['question'],$HTTP_POST_VARS['answer']); print $result; break; case "login": $result = login($HTTP_POST_VARS['username'],$HTTP_POST_VARS['pass']); print "user=" . $result; break; case "forget": $result = forget($HTTP_POST_VARS['email']); print $result; break; case "new_password": $result = new_password($HTTP_POST_VARS['username'],$HTTP_POST_VARS['email'],$HTTP_POST_VARS['answer']); print $result; break; } } ?> Thanks Quote Link to comment Share on other sites More sharing options...
pdkv2 Posted February 1, 2008 Share Posted February 1, 2008 use the code below to see content of your sql query. function login($username,$pass) { global $db,$table; $username = trim($username); $pass = md5(trim($pass)); $sql="SELECT * FROM $table WHERE userName = '$username' AND userPassword = '$pass'" echo $sql; $query = mysql_query($sql); return mysql_num_rows($query); } Quote Link to comment Share on other sites More sharing options...
dj scousey Posted February 1, 2008 Author Share Posted February 1, 2008 Ok, so i have replaced the previous code with the one above, but i dont understand where exactly i am going to be "seeing" my query result. I'm totally confuzzled now... its racking my brain..... ??? :-\ Quote Link to comment Share on other sites More sharing options...
pdkv2 Posted February 1, 2008 Share Posted February 1, 2008 echo $sql; this line from above code will print the query use exit(); below echo line query will be printed on browser. see the query to debug Quote Link to comment Share on other sites More sharing options...
dj scousey Posted February 1, 2008 Author Share Posted February 1, 2008 echo $sql; this line from above code will print the query use exit(); below echo line ****** As in this: echo $sql; exit(); $query = mysql_query($sql); return mysql_num_rows($query); OR: echo $sql; $query = mysql_query($sql); return mysql_num_rows($query); exit(); ***** query will be printed on browser. see the query to debug **** sorry for all this messing about. Quote Link to comment Share on other sites More sharing options...
dj scousey Posted February 1, 2008 Author Share Posted February 1, 2008 Ok, i have entered that code into my user.php file. Then i tried to log into my password protected area, but i am still getting the "Invalid username or password" and that is all... would having the login script in flash cause effect as to why i am not being able to see the query result??¿¿?? Quote Link to comment Share on other sites More sharing options...
pdkv2 Posted February 1, 2008 Share Posted February 1, 2008 so are you able to print the sql query ? Quote Link to comment Share on other sites More sharing options...
dj scousey Posted February 1, 2008 Author Share Posted February 1, 2008 nope, nothing shows. try yourself, i dont mind giving out username and passwords at this present time, as it is all still W.I.P http://www.scouselandfusion.com/viparea.html DJScousey amateur1 Quote Link to comment Share on other sites More sharing options...
pdkv2 Posted February 1, 2008 Share Posted February 1, 2008 are you sure your flash script gives the form variables in $HTTP_POST_VARS ? Quote Link to comment Share on other sites More sharing options...
dj scousey Posted February 1, 2008 Author Share Posted February 1, 2008 On the "Login" button i have the following Actions: on (release) { if(userName.length > 0 && userPassword.length > 0) { myVars = new LoadVars(); myVars.username = userName.text myVars.pass = userPassword.text myVars.action = 'login'; myVars.sendAndLoad(php_file, myVars, 'POST'); myVars.onLoad = function() { if(!this.error && this.user > 0) { _root.gotoAndStop('registered'); } else { _root.gotoAndStop('no_registered'); } userName.selectable = true; userPassword.selectable = true; loginButton.enabled = true; } userName.selectable = false; userPassword.selectable = false; loginButton.enabled = false; } } Quote Link to comment Share on other sites More sharing options...
pdkv2 Posted February 1, 2008 Share Posted February 1, 2008 it is very difficult to debug your script unless and until you could print the posted data by your flash script Quote Link to comment Share on other sites More sharing options...
dj scousey Posted February 1, 2008 Author Share Posted February 1, 2008 The following code is what i have on my Actions on the "Login" button: on (release) { if(userName.length > 0 && userPassword.length > 0) { myVars = new LoadVars(); myVars.username = userName.text myVars.pass = userPassword.text myVars.action = 'login'; myVars.sendAndLoad(php_file, myVars, 'POST'); myVars.onLoad = function() { if(!this.error && this.user > 0) { _root.gotoAndStop('registered'); } else { _root.gotoAndStop('no_registered'); } userName.selectable = true; userPassword.selectable = true; loginButton.enabled = true; } userName.selectable = false; userPassword.selectable = false; loginButton.enabled = false; } } Quote Link to comment Share on other sites More sharing options...
pdkv2 Posted February 1, 2008 Share Posted February 1, 2008 are you able to print the data posted by your login action ? Quote Link to comment Share on other sites More sharing options...
dj scousey Posted February 1, 2008 Author Share Posted February 1, 2008 nope, it wont print anything Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.