Page 1 of 1

Game!

Posted: Mon Mar 15, 2004 10:02 am
by SilverMist
Let's play a little game of find the error, shall we? This is my login processing script, which *kicks the script* refuses to work.

Code: Select all

<?php
      $host = "localhost";
      $dbusername = "DBUSERNAME";
      $password = "DBPASS";
      $database = "DB";
      $server = mysql_connect($host, $dbusername, $password) or die(mysql_error());                        
      $rs = mysql_select_db($database  , $server);

$username = $HTTP_POST_VARS['txtName'];
$password = $HTTP_POST_VARS['txtPassword'];

$rs = mysql_query("SELECT * FROM Members WHERE Name = '$username' AND Password = '$password' ");

//if the user exists
if (mysql_num_rows($rs)>0)
{
  //make a cookie for the user
  setcookie("loginname",$username);
}
if (mysql_num_rows($rs)>1)
{
  echo("You have not registered. <a href="join.php">Click here to register</a>");
?>
So there it is. Have fun trying to figure it out! The error I'm getting is Parse on Line 22.

Re: Game!

Posted: Mon Mar 15, 2004 10:15 am
by TheBentinel.com
SilverMist wrote:Let's play a little game of find the error, shall we?

Code: Select all

if (mysql_num_rows($rs)>1)
{
  echo("You have not registered. <a href="join.php">Click here to register</a>");
?>
So there it is. Have fun trying to figure it out! The error I'm getting is Parse on Line 22.
You need to close the brackets for your last "if":

Code: Select all

if (mysql_num_rows($rs)>1)
{
  echo("You have not registered. <a href="join.php">Click here to register</a>");
}
?>
Did that fix it?

Posted: Mon Mar 15, 2004 10:20 am
by SilverMist
Nope. I am still recieving the error.

Posted: Mon Mar 15, 2004 10:40 am
by JayBird
do as TheBentinel.com said, and also
change this line...

Code: Select all

echo("You have not registered. <a href="join.php">Click here to register</a>");
to

Code: Select all

echo("You have not registered. <a href="join.php">Click here to register</a>");
You need to escape the double-quotes

Mark

Posted: Mon Mar 15, 2004 10:45 am
by m3mn0n
This line:

Code: Select all

if (mysql_num_rows($rs)>1)
Should be:

Code: Select all

if (mysql_num_rows($rs)<1)
Also, you should encrypt the passwords within the database. For security concerns it's highly recommended.

More info, see: [php_man]md5[/php_man]()