Page 1 of 4

This script works on my localhost but not on my server

Posted: Wed Mar 03, 2004 7:55 am
by Wee-Man
can anyone help below i have been writing a script, it was an old login script i have used, not all i want it for is to put names into a database, no password or email but if i change the html it still works locally and adds the loginName to my database but when i put it online it doesnt.

the file containing the information about user,database is called dogs.inc and i was wandering if anyone can help me, below is the main script, ifnore the first case which is login becuase it is no longer a login script just used for adding names to a database.

Code: Select all

<?php

 session_start();

 session_register('auth');

 session_register('logname');

 include("dogs.inc");

 switch (@$do)

 &#123;

   case "login";

     $connection = mysql_connect($host ,$user,$password)

             or die ("<font face='verdana' color='#e1e1e1' size='1'>Couldn't connect to server1.");

     $db = mysql_select_db($database, $connection)

             or die ("<font face='verdana' color='#e1e1e1' size='1'>Couldn't connect to server2.");



     $sql = "SELECT loginName FROM member

             WHERE loginName='$logname'";

     $result = mysql_query($sql)

             or die ("<font face='verdana' color='#e1e1e1' size='1'>Couldn't connect to server3.");

     $num = mysql_num_rows($result);

     if ($num == 1)  // login name was found

     &#123;

        $sql = "SELECT loginName FROM member

          WHERE loginName='$fusername'

          AND password=password('$fpassword')";

     $result2 = mysql_query($sql)

            or die("<font face='verdana' color='#e1e1e1' size='1'>Couldn't execute query4.");

     $num2 = mysql_num_rows($result2);

     if ($num2 > 0) // password is correct

     &#123;

       $auth="yes";

       $logname=$fusername;

       $today = date("d-m-y h:m:s");

       $sql = "INSERT INTO Login (loginName,loginTime)

               VALUES ('$logname','$today')";
               $message="<font face='verdana' color='#e1e1e1' size='1'>Thank you for loging in";

       mysql_query($sql) or die("<font face='verdana' color='#e1e1e1' size='1'>Can't execute query.5");
       $message = "<font face='verdana' color='#e1e1e1' size='1'>$fusername you are now being logged in. Thank You";
       header("location: members_page.php");

     &#125;

     else    // password is not correct

     &#123;

       unset($do);

       $message="<font face='verdana' color='#e1e1e1' size='1'>The Login Name, '$fusername' exists,

                 but you have not entered the correct

                 password! Please try again.<br>";

       include("login_form.inc");

     &#125;

    &#125;

    elseif ($num == 0) //login name not found

    &#123;

       unset($do);

       $message = "<font face='verdana' color='#e1e1e1' size='1'>The login name you entered does not

                   exist!Please try again.<br>";

       include("login_form.inc");

    &#125;

    break;



    case "new":
         /*check to see is login name already exists*/

         $connection = mysql_connect($host, $user,$password)

                       or die ("Couldn't connect to server1.");

         $db = mysql_select_db($database, $connection)

                       or die ("Couldn't connect to database1.");

         $sql = "SELECT loginName FROM member

                 WHERE loginName='$newname'";

         $result = mysql_query($sql)

                       or die("Couldn't execute query6.");

         $num = mysql_numrows($result);

         if ($num > 0)

         &#123;

            unset($do);

            $message_new = "<font face='verdana' color='#e1e1e1' size='1'>$newname already used. Select another

                            Member ID.";

            include("login_form.inc");

            exit();

         &#125;

         else

         &#123;

            $today = time("Y-m-d");
            $sql = "INSERT INTO member (loginName,password,

                     email) VALUES

                    ('$newname',password('$newpass'),'$email')";

            mysql_query($sql);

            $auth="yes";

           
            

         &#125;

         break;



         default:

             include("login_form.inc");

 &#125;

?>
if anyone has anything much more simple can they please help :(

Posted: Wed Mar 03, 2004 8:06 am
by malcolmboston
no changes just using syntax highlighting

Code: Select all

<?php 

session_start(); 

session_register('auth'); 

session_register('logname'); 

include("dogs.inc"); 

switch (@$do) 

{ 

   case "login"; 

     $connection = mysql_connect($host ,$user,$password) 

             or die ("<font face='verdana' color='#e1e1e1' size='1'>Couldn't connect to server1."); 

     $db = mysql_select_db($database, $connection) 

             or die ("<font face='verdana' color='#e1e1e1' size='1'>Couldn't connect to server2."); 



     $sql = "SELECT loginName FROM member 

             WHERE loginName='$logname'"; 

     $result = mysql_query($sql) 

             or die ("<font face='verdana' color='#e1e1e1' size='1'>Couldn't connect to server3."); 

     $num = mysql_num_rows($result); 

     if ($num == 1)  // login name was found 

     { 

        $sql = "SELECT loginName FROM member 

          WHERE loginName='$fusername' 

          AND password=password('$fpassword')"; 

     $result2 = mysql_query($sql) 

            or die("<font face='verdana' color='#e1e1e1' size='1'>Couldn't execute query4."); 

     $num2 = mysql_num_rows($result2); 

     if ($num2 > 0) // password is correct 

     { 

       $auth="yes"; 

       $logname=$fusername; 

       $today = date("d-m-y h:m:s"); 

       $sql = "INSERT INTO Login (loginName,loginTime) 

               VALUES ('$logname','$today')"; 
               $message="<font face='verdana' color='#e1e1e1' size='1'>Thank you for loging in"; 

       mysql_query($sql) or die("<font face='verdana' color='#e1e1e1' size='1'>Can't execute query.5"); 
       $message = "<font face='verdana' color='#e1e1e1' size='1'>$fusername you are now being logged in. Thank You"; 
       header("location: members_page.php"); 

     } 

     else    // password is not correct 

     { 

       unset($do); 

       $message="<font face='verdana' color='#e1e1e1' size='1'>The Login Name, '$fusername' exists, 

                 but you have not entered the correct 

                 password! Please try again.<br>"; 

       include("login_form.inc"); 

     } 

    } 

    elseif ($num == 0) //login name not found 

    { 

       unset($do); 

       $message = "<font face='verdana' color='#e1e1e1' size='1'>The login name you entered does not 

                   exist!Please try again.<br>"; 

       include("login_form.inc"); 

    } 

    break; 



    case "new": 
         /*check to see is login name already exists*/ 

         $connection = mysql_connect($host, $user,$password) 

                       or die ("Couldn't connect to server1."); 

         $db = mysql_select_db($database, $connection) 

                       or die ("Couldn't connect to database1."); 

         $sql = "SELECT loginName FROM member 

                 WHERE loginName='$newname'"; 

         $result = mysql_query($sql) 

                       or die("Couldn't execute query6."); 

         $num = mysql_numrows($result); 

         if ($num > 0) 

         { 

            unset($do); 

            $message_new = "<font face='verdana' color='#e1e1e1' size='1'>$newname already used. Select another 

                            Member ID."; 

            include("login_form.inc"); 

            exit(); 

         } 

         else 

         { 

            $today = time("Y-m-d"); 
            $sql = "INSERT INTO member (loginName,password, 

                     email) VALUES 

                    ('$newname',password('$newpass'),'$email')"; 

            mysql_query($sql); 

            $auth="yes"; 

            
            

         } 

         break; 



         default: 

             include("login_form.inc"); 

} 

?>

Posted: Wed Mar 03, 2004 8:09 am
by malcolmboston
1st error ive spotted

Code: Select all

if ($num == 1)  // login name was found 

     { 

        $sql = "SELECT loginName FROM member 

          WHERE loginName='$fusername' 

          AND password=password('$fpassword')"; 

     $result2 = mysql_query($sql) 

            or die("<font face='verdana' color='#e1e1e1' size='1'>Couldn't execute query4."); 

     $num2 = mysql_num_rows($result2); 

     if ($num2 > 0) // password is correct
you havent closed the if statement tag { }unless ive gone blind

Posted: Wed Mar 03, 2004 8:11 am
by Wee-Man
That doesnt matter, because the only bit that is being used is the case "new" and not login, all im using it for is in html 1 box the user enters a name and it goes to a database. the login is not necacerry in other words it does not get used.

Posted: Wed Mar 03, 2004 8:14 am
by twigletmac
Which version of PHP are you using locally and which version is on your host?

Mac

Posted: Wed Mar 03, 2004 8:14 am
by JayBird
is the version o PHP on the server the same as on your machine?

Do you recieve any errors?

Mark

Posted: Wed Mar 03, 2004 8:14 am
by markl999
I'm guessing that script requires register_globals to be On (apart from a major rewrite ;)), so i'd first check that your online host has register_globals On before going any further. You can check by creating a <?php phpinfo() ?> page

Posted: Wed Mar 03, 2004 8:16 am
by Wee-Man
i will just check what version i am running and what version my host is running.

Posted: Wed Mar 03, 2004 8:21 am
by Wee-Man
the host im using is running PHP version 4.3.3
i am running PHP Version 4.0.6 locally,

i dont get no errors from my host it just ads nothing to the databases.

Posted: Wed Mar 03, 2004 8:22 am
by Wee-Man
and my hosts register_globals are on

Posted: Wed Mar 03, 2004 8:22 am
by markl999
Between 4.3.3 and 4.0.6 register_globals is Off by default, did you check that?
I'd add an error_reporting(E_ALL); as the very first line of the script. It should highlight some problems.

editOk, i posted too late, globals are On ;) I'd still add the error_reporting(E_ALL) though :o

Posted: Wed Mar 03, 2004 8:23 am
by twigletmac
Definitely upgrade your local PC to 4.3 - then we can help you rewrite your code to behave better with a default setup of the lastest versions of PHP.

Mac

Posted: Wed Mar 03, 2004 8:23 am
by Wee-Man
ok, may i ask what difference it makes?

Posted: Wed Mar 03, 2004 8:24 am
by markl999
You'll be able to use the new superglobals like $_SESSION instead of session_register() for one.

Posted: Wed Mar 03, 2004 8:24 am
by JayBird
Firstly - Upgrade the version of PHP on you machine, that one is hella old

You will need to access variables posted variables like this, because register globals will be off in the later version of PHP.

Code: Select all

$_GET['fusername']
Mark