login page help

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
whatever20
Forum Newbie
Posts: 3
Joined: Wed Feb 10, 2010 2:01 am

login page help

Post by whatever20 »

:banghead:

I can't for the life of me get a login script to work. i have created the proper database table and fields, and got this code out of a book. when you hit the log in button, it brings up a blank white screen, no errors or anything. the username, password, database placeholders are filled in properly when the script runs.

a link to the login form: http://www.lawnacenj.com/newlogin/login_form.php

the login form:

Code: Select all

 
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Login Form</title>
</head>
 
<body>
 
<h1>Login Form</h1>
<FORM METHOD="POST" ACTION="login_script.php">
<p><strong>Username:</strong><br />
<INPUT TYPE="text" NAME="username" /></p>
<p><strong>Password:</strong><br />
<INPUT TYPE="password" NAME="password" /></p>
<p><INPUT TYPE="SUBMIT" NAME="submit" VALUE="Login" /></p>
</FORM>
</body>
</html>
 
the login script:

Code: Select all

 
<?php
// check for required fields from the form
if ((!$_POST[username]) || (!$_POST[password])) {
    header("Location: login_form.php");
    exit;
}
 
// connect to server and select database
$conn = mysql_connect("host", "user", "pass")
    or die(mysql_error());
mysql_select_db("dbname",$conn) or die(mysql_error));
 
// create and issue the query
$sql = "select f_name, l_name from auth_users where username = 
    '$_POST[username]' AND password = password('$POST[password]')";
$result = mysql_query($sql,$conn) or die(mysql_error());
 
// get the number of rows in the result set; should be 1 if match
if (mysql_num_rows($result) == 1) {
 
    // if authorized, get the values of f_name l_name
    $f_name = mysql_result($result, 0, 'f_name');
    $l_name = mysql_result($result, 0, 'l_name');
    
    //set authorization cookie
    setcookie("auth", "1", 0, "/", "lawnacenj.com", 0);
    
    //prepare message for printing, and user menu
    $msg = "<P>$f_name $l_name is authorized!</p>";
    $msg .= "<p>Authorized Users' Menu:";
    $msg .= "<ul><li><a href=\"listing15.8.php\">secret page</a></ul>";
    
}else {
 
    //redirect back to login form if not authorized
    header("Location: login_form.php");
    exit;
}
?>
<html>
<head>
<title>User Login</title>
</head>
<body>
<?php 
print "$msg";
?>
</body>
</html>
 
thanks in advance!
josh
DevNet Master
Posts: 4872
Joined: Wed Feb 11, 2004 3:23 pm
Location: Palm beach, Florida

Re: login page help

Post by josh »

Put echo/exit statements on every line until you find the problem.
User avatar
social_experiment
DevNet Master
Posts: 2793
Joined: Sun Feb 15, 2009 11:08 am
Location: .za

Re: login page help

Post by social_experiment »

I found 2 errors, first one, syntax (just after pasting your code and running it, without manipulation to the query or any code for that matter, i received an error / warning) :

Code: Select all

<?php  $conn = mysql_connect("host", "user", "pass")
     or die(mysql_error());
 mysql_select_db("dbname",$conn) or die(mysql_error)); ?>
should be :

Code: Select all

<?php  $conn = mysql_connect("host", "user", "pass")
     or die(mysql_error());
 mysql_select_db("dbname",$conn) or die(mysql_error()); ?>
secondly, your query with which you search the database is not quite correctly phrased :

Code: Select all

<?php $sql = "select f_name, l_name from auth_users where username =
     '$_POST[username]' AND password = password('$POST[password]')";
 $result = mysql_query($sql,$conn) or die(mysql_error()); ?>
You are checking the password field with the value ' password('$POST[password']') '. Is the password() you wrapped $POST[password] in a function? $POST[password] should be $_POST[password]. The working query looks like :

Code: Select all

<?php  $sql = "select f_name, l_name from auth_users where username =
     '".$_POST[username]."' AND password = '".$_POST[password]."' ";
 $result = mysql_query($sql,$conn) or die(mysql_error()); ?>
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering
whatever20
Forum Newbie
Posts: 3
Joined: Wed Feb 10, 2010 2:01 am

Re: login page help

Post by whatever20 »

thanks so much for taking a look.

now i am getting the following error when the password is correct OR incorrect:

Access denied for user 'myusername'@'mail19.empiredatatech.com' (using password: YES)

i have submitted a support ticket for this problem... any heads up as to what it means? i assume for some reason it is not giving the script access to the database.
whatever20
Forum Newbie
Posts: 3
Joined: Wed Feb 10, 2010 2:01 am

Re: login page help

Post by whatever20 »

actually, it's working now.

my hosting company gave me the wrong database info.

thank you again for all the help!
Post Reply