designedfree4u Posted March 21, 2008 Share Posted March 21, 2008 Line 39 1. <?php 2. 3. session_start(); 4. 5. if(isset($_REQUEST['submit'])) 6. { 7. $username = $_POST['username']; 8. $password = md5($_POST['password']); 9. 10. setcookie('username', $username); 11. 12. // Location of the user area 13. $user_area_location = 'account.php'; 14. 15. // Connect to MySQL database: 16. $username=""; 17. $password=""; 18. $database=""; 19. 20. mysql_connect("localhost",$username,$password); 21. @mysql_select_db($database) or die( "Unable to select database"); 22. 23. $error = array(); 24. if(isset($_GET['action'])) 25. { 26. switch($_GET['action']) 27. { 28. case 'logoff': 29. session_destroy(); 30. array_push($error, 'You were logged off.'); 31. break; 32. } 33. } 34. 35. if(count($error) == 0) 36. { 37. if(empty($_POST['username'])) 38. { 39. array_push($error, 'You didn't supply a username'); 40. } 41. if(empty($_POST['password'])) 42. { 43. array_push($error, 'You didn't supply a password'); 44. } 45. 46. $result = @mysql_query('SELECT name FROM `users` WHERE username = ''.mysql_real_escape_string($username).'' AND password = ''. 47. $password.'''); 48. if(mysql_num_rows($result) > 0) 49. { 50. $_SESSION['loggedIn'] = true; 51. header('Location: '.$user_area_location); 52. exit; // stops the script from running after redirect 53. } 54. else 55. { 56. array_push($error, 'The credentials you provided were not correct'); 57. } 58. } 59. } 60. ?> 61. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> 62. <html xmlns="http://www.w3.org/1999/xhtml"> 63. <head> 64. <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> 65. <title>Login</title> 66. </head> 67. <body> 68. <table width="284" height="162" border="0" cellpadding="0" cellspacing="2"> 69. <form method="post" action="login.php"> 70. <?php if((isset($error)) && (count($error) > 0)): ?> 71. <tr> 72. <td colspan="2"> <ul> 73. <?php foreach($error as $message) { echo '<li>'.$message.'</li>'; } ?> 74. </ul></td> 75. </tr> 76. <?php endif; ?> 77. <tr> 78. <td>Username:</td> 79. <td><input type="text" name="username" value="<?= isset($_REQUEST['username']) ? $_REQUEST['username'] : '' ?>" /></td> 80. </tr> 81. <tr> 82. <td>Password:</td> 83. <td><input type="password" name="password" /></td> 84. </tr> 85. <tr> 86. <td> </td> 87. <td><input type="submit" name="submit" value="Login!" /></td> 88. </tr> 89. <tr> 90. <td colspan="2">Not a User? <a href="register.php">Register Here</a></td> 91. </tr> 92. </form> 93. </table> 94. </body> 95. </html> Link to comment https://forums.phpfreaks.com/topic/97268-can-you-till-me-whats-wrong-with-line-39/ Share on other sites More sharing options...
MadTechie Posted March 21, 2008 Share Posted March 21, 2008 the single quote array_push($error, 'You didn't supply a username'); change to array_push($error, 'You didn\'t supply a username'); or array_push($error, "You didn't supply a username"); Link to comment https://forums.phpfreaks.com/topic/97268-can-you-till-me-whats-wrong-with-line-39/#findComment-497720 Share on other sites More sharing options...
designedfree4u Posted March 21, 2008 Author Share Posted March 21, 2008 that worked thanks, how about this one? $result = @mysql_query('SELECT name FROM users WHERE username = ''.mysql_real_escape_string($username).'' AND password = ''$password.'''); Link to comment https://forums.phpfreaks.com/topic/97268-can-you-till-me-whats-wrong-with-line-39/#findComment-497773 Share on other sites More sharing options...
refiking Posted March 21, 2008 Share Posted March 21, 2008 Try this... $result = @mysql_query("SELECT name FROM users WHERE username = '.mysql_real_escape_string($username).' AND password = '$password.'"); Link to comment https://forums.phpfreaks.com/topic/97268-can-you-till-me-whats-wrong-with-line-39/#findComment-497781 Share on other sites More sharing options...
papaface Posted March 21, 2008 Share Posted March 21, 2008 ^^^ should be: $result = mysql_query("SELECT `name` FROM `users` WHERE `username` = '".mysql_real_escape_string($username)."' AND `password` = '".$password."'") or die (mysql_error()); Link to comment https://forums.phpfreaks.com/topic/97268-can-you-till-me-whats-wrong-with-line-39/#findComment-497784 Share on other sites More sharing options...
uniflare Posted March 21, 2008 Share Posted March 21, 2008 google php concatenation or something, this is basic syntax, im sure there are lots of beginner tutorials out there . always check syntax when debugging, quotes and missing/extra characters are usally the culprit. Link to comment https://forums.phpfreaks.com/topic/97268-can-you-till-me-whats-wrong-with-line-39/#findComment-497788 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.