Unknown Problem

[Ads]

As the Title says i really don;t know why this doesn't work.

 

session_start();
$email=$_REQUEST['email'];
$password=$_REQUEST['password'];
$id1 = "SELECT id FROM players WHERE email='$email' AND password='$password'";
$id=mysql_query($id1);
echo $id; 
$_SESSION['id'] = $id;
$sql = mysql_query("SELECT * FROM players WHERE id='$id'");
$row = mysql_fetch_array($sql);
if($sql)
{
echo"Hello world<br>";
}

 

I am trying to make the user's Id number a Session so i can use it later. It worked Perfectly with Username, But then i relised I gave an Option to change username which stuffed that up, so i am trying to make the same thing with ID, But it doesn't work. Any help

[timmy0320]

Is the echo returning anything?

 

[Ads]

That Peice of Code is in an Include File, Which is Inculed in every page Apart from the Login page. So aftet I login I get this.

 

Resource id #4Hello world

Account Not Activated!

[Ads]

Sorry, I only get

 

Resource id #4Hello world

 

AND

Resource id #9Hello world

[timmy0320]

Since that is an include, are you adding the "Resource id #" in yourself and it's just echo'ing 4? Your ID should only be a number and should be set to UNIQUE and auto_increment in SQL if you're putting it with usernames. Try to also echo the $_SESSION['id']; Because that looks like it's setting the session.

 

On your other pages are you sure you're matching up the $_SESSION['id'] to the usernames ID to post their data? Because that's what seems like is going wrong here.

[Ads]

Na Still seems to give me out a 'Resource ID #' This is accutly a Very Common Problem with me, i seem to get this Error alot in other Places. But yeah echoing out the Session didn;t do anything :S

[DarkerAngel]

First of all you need to parse the Resource into an array

 

<?php
session_start();
$email=$_REQUEST['email'];
$password=$_REQUEST['password'];
$id1 = "SELECT id FROM players WHERE email='$email' AND password='$password'";
$id = mysql_query($id1);
$array = mysql_fetch_array($id);
echo ($array['id']."\n"); 
$_SESSION['id'] = $array['id'];

$sql = mysql_query("SELECT * FROM players WHERE id='".$array['id']."'");
$row = mysql_fetch_array($sql); //I don't understand why you don't just select * above
if($id)
{
echo"Hello world<br>";
} ?>

[Ads]

First of all you need to parse the Resource into an array

 

<?php
session_start();
$email=$_REQUEST['email'];
$password=$_REQUEST['password'];
$id1 = "SELECT id FROM players WHERE email='$email' AND password='$password'";
$id = mysql_query($id1);
$array = mysql_fetch_array($id);
echo ($array['id']."\n"; 
$_SESSION['id'] = $array['id'];

//$sql = mysql_query("SELECT * FROM players WHERE id='".$array['id']."'");
//$row = mysql_fetch_array($sql); //These rows are not necessary as $array has this data

if($id)
{
echo"Hello world<br>";
} ?>

 

But those Lines Get the players Info from the Databse and Put it into an Array, which I Use pretty Much eveywhere throughout the Website.

[haku]

Darkerangel was right though. You were pulling information out of the database, but it needs to be processed into something PHP can use before you can use it.

[Ads]

I tested what He Said, It works, But i it still doesn't get anything from the Databse. Like any Infomation at all

[haku]

What version of php are you using? I've never seen this $_REQUEST that you are using.

[DarkerAngel]

Well there's a few things I noticed about the script

 

1. It is requesting the password in clear text

 

If I where to enter EMAIL: [email protected] PASS: this_password.

 

It would request the DB just with those strings

 

2. There is no real validation, If the user doesn't exits it will still try to request the information and try to return a result.

 

3. The if($sql) line doesn't check for data, it checks to see if the SQL was executed without fault. If it was successful it will return true.

[DarkerAngel]

What version of php are you using? I've never seen this $_REQUEST that you are using.

$_REQUEST is vaild:

 

http://us2.php.net/manual/en/reserved.variables.php#reserved.variables.request

[Ads]

This is Almost Completely Independt from the Login script, apart from the email and password being sent across. So Before it reaches this inculed, it checks to see if the user is there, Other wise they can;'t log in.

[haku]

Interesting. I've never seen that. It should work then.

 

But I don't think its good programming - its overkill.

 

Anyways OP: Change your sql request to this:

 

$id = mysql_query($id1) or die("mysql error:" . mysql_error());

 

And see if its giving you an error. If you are getting no info from the database, its likely your having a problem with the request.

 

You should also try echoing $id1 to see what it says, and make sure the request is being formed correctly.

[DarkerAngel]

<?php
session_start();
$email=$_REQUEST['email'];
$password=$_REQUEST['password'];
$id1 = "SELECT * FROM players WHERE email='$email'";
$id = mysql_query($id1) or die("<b>MySQL Error</b>\nMySQL Returned: ".mysql_error()."\nQuery: ".$sql);
$rows = mysql_num_rows($id);
$array = mysql_fetch_array($id);
if($rows) {
if($password == $array['password']) {
	$_SESSION['id'] = $array['id'];
	echo("SUCCESS");
	$row = $array; //Gives you your $row for the user info
	$array = false;
} else {
	$array = false;
	echo("FAILED: Password Incorrect");
}
} else {
echo("FAILED: E-Mail not valid, or SQL Returned no Results");
}
?>

$row would still contain the user information.

[Ads]

'FAILED: E-Mail not valid, or SQL Returned no Results'

 

PHP is so Poo >.>

[DarkerAngel]

Well does the email really exist in the table? If not there's your problem.

[Ads]

yeah Becasue it still logs me in, Through my index.php Page Which the Redicts me to main.php Where this Database file is Inculded in.

[haku]

What do you get when you echo $email? Its very potentially empty.

[Ads]

What do you get when you echo $email? Its very potentially empty.

 

It is Empty indeed.

[DarkerAngel]

What do you get when you echo $email? Its very potentially empty.

 

It is Empty indeed.

 

I was about to suggest that...

 

If this is an include script, does the requesting file already have the email in a string? If so you can have it set before calling the include, and the variable will be taken over to the new file.

[Ads]

No the Email and password, are passed over Through a login script in another Page.

[DarkerAngel]

No the Email and password, are passed over Through a login script in another Page.

That Peice of Code is in an Include File, Which is Inculed in every page Apart from the Login page. So aftet I login I get this.

 

Resource id #4Hello world

Account Not Activated!

 

PHP Manual:

 

Request variables: $_REQUEST

 

    Note: Introduced in 4.1.0. There is no equivalent array in earlier versions.

 

    Note: Prior to PHP 4.3.0, $_FILES information was also included in $_REQUEST.

 

An associative array consisting of the contents of $_GET, $_POST, and $_COOKIE.

 

So where is the User and Password stored?

 

 

[Ads]

They are stored in the Database.