Jump to content

Recommended Posts

Hi all,

 

I seem to have run into a little bit of a problem.

 

I have recently set up a login script, that is using php & MySQl but also Flash. I have the login script created in Flash, and it points the $_POST data to the php file which then connects to the MySQL server & database. The only problem is, i am more than sure it is connecting (as i receive no errors), but there is no data being stored inside the table... i have checked everything that i can think of, and still no luck.

 

Here is a link to the zipped file i have (of all the files that are getting used in the script).

 

Click Here.

 

Any help that anyone could offer, would be muchly appreciated.

 

Thanks in advance,

Mike

Link to comment
https://forums.phpfreaks.com/topic/88531-mysql-wont-store-database-information/
Share on other sites

 

This is the Config File

<?php
   header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");    
   header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
                                                     
   header("Cache-Control: no-store, no-cache, must-revalidate");  
   header("Cache-Control: post-check=0, pre-check=0", false);
   header("Pragma: no-cache");                       
   error_reporting(E_ALL);
   $host = 'localhost';
   $dbuser = '';
   $dbpass = '';
   $dbname = '';
   $table = 'user_auth';
   $db = @mysql_connect($host,$dbuser,$dbpass) or die("error=could not connect to $host");
   $db = mysql_select_db($dbname);
   if(!$db)
   {
      print "error=could not connect to $dbname table";
      exit;
   }
?>

 

Here is the functions.php file

<?
error_reporting(E_ALL);
function valid_email($email)
{
   // check if email is valid
   if( !eregi("^[a-z0-9]+([_\\.-][a-z0-9]+)*"
   ."@([a-z0-9]+([\.-][a-z0-9]+))*$",$email, $regs))
   {
      return false;
   } else if( gethostbyname($regs[2]) == $regs[2] )
   {
      // if host is invalid
      return false;
   } else {
      return true;
   }
}

function valid_userName($name)
{
   // check valid input name
   if(!eregi("^[a-z0-9]{8,15}$",$name))
   {
      return false;
   } else {
      return true;
   }
}

function valid_password($pwd)
{
   // check valid password
   if(!eregi("^[a-z0-9]{6,8}$",$pwd))
   {
      return false;
   } else {
      return true;
   }
}
?>

 

This is the SQL query i used to open the table insie of the database:

 

CREATE TABLE tutorial_user_auth (
  userID int(20) unsigned NOT NULL auto_increment,
  userName varchar(15) NOT NULL default '0',
  userPassword varchar(32) NOT NULL default '0',
  userMail varchar(255) NOT NULL default '',
  userQuestion varchar(255) NOT NULL default '',
  userAnswer varchar(255) NOT NULL default '',
  PRIMARY KEY (userID),
  UNIQUE KEY userMail(userMail),
  UNIQUE KEY userName(userName)
) TYPE=MyISAM;

 

 

and finally this is the MAIN file (user.php) that runs all the checks and queres for logins, registration, forgotten passwords etc.

 

<?
require_once('conf.inc.php');
require_once('functions.php');
// ---
// register new user
// ---
function register($username,$pass,$email,$question,$answer)
{
   GLOBAL $db, $table;
   $username = trim($username);
   $pass = trim($pass);
   $email = trim($email);
   $question = addslashes(trim($question));
   $answer = addslashes(trim($answer));
   $validEmail = valid_email($email);
   $validName = valid_userName($username);
   $validPass = valid_password($pass);
   if(!$validName) return "error=invalid name";
   if(!$validPass) return "error=invalid password";
   if(!$validEmail) return "error=invalid email";
   $pass = md5(trim($pass));
   // all checks ok
   $query = @mysql_query("INSERT INTO $table (userName,userPassword,userMail,userQuestion,userAnswer) VALUES "
   ."('$username','$pass','$email','$question','$answer')");
   if(!$query)
   {
      return "error=" . mysql_error();
   } else {
      return "user=ok";
   }
}

// ---
// login, check user
// ---
function login($username,$pass)
{
   GLOBAL $db,$table;
   $username = trim($username);
   $pass = md5(trim($pass));
   $query = mysql_query("SELECT * FROM $table WHERE userName = '$username' AND userPassword = '$pass'");
   return mysql_num_rows($query);
}

// ---
// forget password
// ---
function forget($email)
{
   GLOBAL $db,$table;
   $email = trim($email);
   $query = mysql_query("SELECT userName, userQuestion from $table WHERE userMail = '$email'");
   if(mysql_num_rows($query)<1)
   {
      return "error=email not present into database";
   }
   $row = mysql_fetch_array($query);
   return "userName=$row[userName]&userQuestion=" . stripslashes($row['userQuestion']);
}

// ---
// generate new password
// ---
function new_password($username,$email,$answer)
{
   GLOBAL $db,$table;
   $username = trim($username);
   $email = trim($email);
   $answer = addslashes(trim($answer));
   $query = mysql_query("SELECT * FROM $table WHERE userName = '$username' AND userMail = '$email' AND userAnswer = '$answer'");
   if(mysql_num_rows($query) < 1)
   {
      return "error=wrong answer";
   }
   $rand_string = '';
   // ---
   // generating a random 8 chars lenght password
   // ---
   for($a=0;$a<7;$a++)
   {
      do
      {
         $newrand = chr(rand(0,256));
      } while(!eregi("^[a-z0-9]$",$newrand));
      $rand_string .= $newrand;
   }
   $pwd_to_insert = md5($rand_string);
   $new_query = mysql_query("UPDATE $table SET userPassword = '$pwd_to_insert' WHERE userName = '$username' AND userMail = '$email'");
   if(!$new_query)
   {
      return "error=unable to update value";
   }
   return "userName=$username&new_pass=$rand_string";
}

// ---
// decisional switch
// ---
if(isset($HTTP_POST_VARS["action"]))
{
   switch($HTTP_POST_VARS["action"])
   {
      case "register":
         $result = register($HTTP_POST_VARS['username'],$HTTP_POST_VARS['pass'],$HTTP_POST_VARS['email'],$HTTP_POST_VARS['question'],$HTTP_POST_VARS['answer']);
         print $result;
         break;
      case "login":
         $result = login($HTTP_POST_VARS['username'],$HTTP_POST_VARS['pass']);
         print "user=" . $result;
         break;
      case "forget":
         $result = forget($HTTP_POST_VARS['email']);
         print $result;
         break;
      case "new_password":
         $result = new_password($HTTP_POST_VARS['username'],$HTTP_POST_VARS['email'],$HTTP_POST_VARS['answer']);
         print $result;
         break;
   }
}
?> 

 

Should you wish to look at the page in action please forward your browser to

 

Login Area Here

 

Thanks in advance again for any help that may be received,

 

Regards

 

 

**Edited URL**

Still no joy im afraid.

 

I have changed all the GLOBAL scenes to global but it still wont let me.

 

On the flash file i have it running through, it allows me to register and then it says i am able to login also.

 

But when i come to login, i get the error:

 

"invalid username or password" .

 

I dont understand why it allows me to go to the Registration Complete page without the data being  placed into the DB.

 

www.scouselandfusion.com/viparea.html  (The page where it is)

 

Thanks

 

???

function login($username,$pass)
{
   global $db,$table;
   $username = trim($username);
   $pass = md5(trim($pass));
   $query = mysql_query("SELECT * FROM $table WHERE userName = '$username' AND userPassword = '$pass'");
   return mysql_num_rows($query);
}

 

i presume you mean the above code, fenway?

 

That is the code that it uses to check the users credentials in the database.

Then the following code then decides if the password is right to point send the user to the next page, and if incorrect not to send the user, and so on.

 

if(isset($HTTP_POST_VARS["action"]))
{
   switch($HTTP_POST_VARS["action"])
   {
      case "register":
         $result = register($HTTP_POST_VARS['username'],$HTTP_POST_VARS['pass'],$HTTP_POST_VARS['email'],$HTTP_POST_VARS['question'],$HTTP_POST_VARS['answer']);
         print $result;
         break;
      case "login":
         $result = login($HTTP_POST_VARS['username'],$HTTP_POST_VARS['pass']);
         print "user=" . $result;
         break;
      case "forget":
         $result = forget($HTTP_POST_VARS['email']);
         print $result;
         break;
      case "new_password":
         $result = new_password($HTTP_POST_VARS['username'],$HTTP_POST_VARS['email'],$HTTP_POST_VARS['answer']);
         print $result;
         break;
   }
}
?>

 

Thanks

use the code below to see content of  your sql query.

 

function login($username,$pass)
{
   global $db,$table;
   $username = trim($username);
   $pass = md5(trim($pass));
   $sql="SELECT * FROM $table WHERE userName = '$username' AND userPassword = '$pass'"
echo $sql;
   $query = mysql_query($sql);
   return mysql_num_rows($query);
}

 

echo $sql;

this line from above code will print the query

use exit(); below echo line 

******

As in this:

echo $sql;

exit();

  $query = mysql_query($sql);

  return mysql_num_rows($query);

 

OR:

 

echo $sql;

  $query = mysql_query($sql);

  return mysql_num_rows($query);

exit();

 

*****

query will be printed on browser.

 

see the query to debug

 

 

**** sorry for all this messing about.

Ok, i have entered that code into my user.php file. Then i tried to log into my password protected area,

but i am still getting the "Invalid username or password" and that is all... would having the login script in flash cause effect as to why i am not being able to see the query result??¿¿??

 

 

On the "Login" button i have the following Actions:

 

on (release) 
{
if(userName.length > 0 && userPassword.length > 0)
{
	myVars = new LoadVars();
	myVars.username = userName.text
	myVars.pass = userPassword.text
	myVars.action = 'login';
	myVars.sendAndLoad(php_file, myVars, 'POST');
	myVars.onLoad = function()
	{
		if(!this.error && this.user > 0)
		{
			_root.gotoAndStop('registered');
		} else {
			_root.gotoAndStop('no_registered');
		}
		userName.selectable = true;
		userPassword.selectable = true;
		loginButton.enabled = true;
	}
	userName.selectable = false;
	userPassword.selectable = false;
	loginButton.enabled = false;
}
}

 

 

The following code is what i have on my Actions on the "Login" button:

 

on (release) 
{
if(userName.length > 0 && userPassword.length > 0)
{
	myVars = new LoadVars();
	myVars.username = userName.text
	myVars.pass = userPassword.text
	myVars.action = 'login';
	myVars.sendAndLoad(php_file, myVars, 'POST');
	myVars.onLoad = function()
	{
		if(!this.error && this.user > 0)
		{
			_root.gotoAndStop('registered');
		} else {
			_root.gotoAndStop('no_registered');
		}
		userName.selectable = true;
		userPassword.selectable = true;
		loginButton.enabled = true;
	}
	userName.selectable = false;
	userPassword.selectable = false;
	loginButton.enabled = false;
}
}

 

 

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.