Page 1 of 1

Theres no ERROR!!!!

Posted: Wed Feb 18, 2004 8:52 am
by Ne0
THERES NO ERROR! thats realy wierd, I just started out with PHP (and im switching from ASP to PHP) and i made a simple login script (wich threw tons of errors) and now that i fixed em, there are no errors.

In fact, its not returning anything!
Dont worry about the registered thing, i need the login right now.

Code: Select all

<?php
if ($_Get['a'] == "reg") {
	$user="ne0";
	$password="****";
	$database="db";
	mysql_connect(localhost,$user,$password);
	@mysql_select_db($database) or die("Unable to select database<br>");

	$name = $_POST['username'];
	$p = $_POST['password'];
	$email = $_POST['email'];
	$sig = $_POST['signature'];
	$avatar = $_POST['avatar'];
	$web = $_POST['web'];

	$query = "INSERT INTO users (id,name,password,email,sig,avatar,web) VALUES ('','$name','$p','$email','$sig','$avatar','$email')";
	
	$result = mysql_query($query) or die (mysql_error());
	if ($result) {
		echo("Logged in succesfully"); 
	} else {
		echo("Invalid UserName or Password"); 
	}
	echo("echo");
mysql_close();
}   


if ($_Get['a'] == "login") {
	$user="ne0";
	$password="****";
	$database="db";
	mysql_connect(localhost,$user,$password);
	@mysql_select_db($database) or die("Unable to select database<br>");
	$query="SELECT * FROM users WHERE name=" . $_Post['username'] ." and password=" . $_Post['password'] . "";
	$result = mysql_query($query) or die (mysql_error());
	if ($result) {
		echo("Logged in succesfully"); 
	} else {
		echo("Invalid UserName or Password"); 
	}
	echo("please work");
mysql_close();
}
?>
thanks in advanced

EDIT: o yea, i know i dont have anything that takes action to accually logging in, but later on i will make it set a cookie and session.

Posted: Wed Feb 18, 2004 9:30 am
by markbeadle
Only had a quick look at your code but PHP is case sensitive for variables.

Try $_GET not $_Get and $_POST not $_Post.

If this doesn't work try putting some extra debug echo messages in where you think you program should by going to.

Posted: Wed Feb 18, 2004 9:39 am
by Ne0
ok, now its returning:
You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1
whole page:

Code: Select all

<?
if( $_GET['a'] == "admin_addtable") {
	$user=$_POST['user'];
	$password=$_POST['password'];
	$database="db";
	mysql_connect(localhost,$user,$password);
	@mysql_select_db($database) or die("Unable to select database<br><a href=admin.php>Return to Admin Page</a>");
	$query=$_POST['query'];
	$result = mysql_query($query);

	if ($result) {
		echo("Table created successfully.<br><a href=admin.php>Return to Admin Page</a>"); 
	} else {
		echo("error when creating table:" . mysql_error() . ""); 
	} 


	mysql_close();
}


if ($_GET['a'] == "reg") {
	$user="ne0";
	$password="****";
	$database="db";
	mysql_connect(localhost,$user,$password);
	@mysql_select_db($database) or die("Unable to select database<br>");

	$name = $_POST['username'];
	$p = $_POST['password'];
	$email = $_POST['email'];
	$sig = $_POST['signature'];
	$avatar = $_POST['avatar'];
	$web = $_POST['web'];

	$query = "INSERT INTO users (id,name,password,email,sig,avatar,web) VALUES ('','$name','$p','$email','$sig','$avatar','$email')";
	
	$result = mysql_query($query) or die (mysql_error());
	if ($result) {
		echo("Logged in succesfully"); 
	} else {
		echo("Invalid UserName or Password"); 
	}
	echo("echo");
mysql_close();
}   


if ($_GET['a'] == "login") {
	$user="ne0";
	$password="****";
	$database="db";
	mysql_connect(localhost,$user,$password);
	@mysql_select_db($database) or die("Unable to select database<br>");
	$query="SELECT * FROM users WHERE name=" . $_POST['username'] ." and password=" . $_POST['password'] . "";
	$result = mysql_query($query) or die (mysql_error());
	if ($result) {
		echo("Logged in succesfully"); 
	} else {
		echo("Invalid UserName or Password"); 
	}
	echo("please work");
mysql_close();
}
?>

Posted: Wed Feb 18, 2004 9:43 am
by dull1554

Code: Select all

$query="SELECT * FROM users WHERE name=$_POST['username'] and password=$_POST['password']";
try that, and welcome to the wide world of PHP

Posted: Wed Feb 18, 2004 9:49 am
by markl999
Probably need to do :
$query="SELECT * FROM users WHERE name='{$_POST['username']}' and password='{$_POST['password']}'";

or it will treat the $_POST vars as column names.

Posted: Wed Feb 18, 2004 9:54 am
by Ne0
aha, thank you, markl999

thanks everyone else who helped 2 :)

Posted: Wed Feb 18, 2004 9:58 am
by Ne0
wait, now it still sais my login is successful, no matter what i enter....

Posted: Wed Feb 18, 2004 10:22 am
by markl999
Instead of doing if ($result) { do ..
if(mysql_num_rows($result)) {

Posted: Wed Feb 18, 2004 10:32 am
by Ne0
thank u thank u thank u thank u lol :)

Posted: Wed Feb 18, 2004 10:32 am
by Ne0
EDIT: oops, double posted by accident, my bad