An EXTREME smurf

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Jim
Forum Contributor
Posts: 238
Joined: Fri Apr 19, 2002 5:26 am
Location: Near Austin, Texas

An EXTREME smurf

Post by Jim »

I'm working on a login script and I've got a table, cm_admin. In the table there are the following fields/values:

id- 1
name - Jim
pass - pass
email - jim@jim.com

This is the login page's code:

Code: Select all

<HTML>
	<HEAD><TITLE>Prodigy Login Script v1.1</TITLE></HEAD>

<BODY>

<form method=post action="login2.php">

Name: <input type=text name=name><BR>
Pass: <input type=text name=pass><BR><BR>

<input type=submit value=submit>  <input type=reset>

</form>

</BODY>
Here is the login2.php code:

Code: Select all

<?
ob_start();
include("../../clanmanager/config.php");


$sql = "SELECT * FROM cm_admin WHERE name=$name and pass=$pass";
$result = mysql_query($sql) or die ("Unable to get results."); 
$num = mysql_numrows($result) or die ("Your Username and/or Password are incorrect.  If you feel you have recieved this message in error, please contact the <a href="mailto:website@hot.rr.com">webmaster</a>"); 
if ($num == 1) { 
print("Welcome to ClanManager!  You are logged in as $name !");


setcookie("p_user",$username,time()+1209600,"/","maxxxtorque.com","0");
ob_end_flush();

}
print("<BR><BR>Return to <a href="/prodigy">Prodigy</a>");

?>
What the hell is the problem?

Thanks!
User avatar
fatal
Forum Contributor
Posts: 118
Joined: Sat Apr 20, 2002 10:47 am
Location: East Coast

Post by fatal »

Whats the error MySQL is sending you? Also, using the mysql_error() function is pretty descriptive about what is exactly wrong. And one other thing, try not using the die function, use:

if( !$result)
{
echo"error";
}

And stuff like that.
User avatar
phice
Moderator
Posts: 1416
Joined: Sat Apr 20, 2002 3:14 pm
Location: Dallas, TX
Contact:

Post by phice »

Code: Select all

setcookie("p_user",$username,time()+1209600,"/","maxxxtorque.com","0");
I'm not sure hot to exactly set cookies, but I'm sure there isn't a p_user, nor a $username in that whole program. you may need to rename one of those till you get it right.
Image Image
samscripts
Forum Commoner
Posts: 57
Joined: Tue Apr 23, 2002 4:34 pm
Location: London, UK

Post by samscripts »

Hi, not sure if this is where the problem is but in:

Code: Select all

$sql = "SELECT * FROM cm_admin WHERE name=$name and pass=$pass";
the name=$name and pass=$pass should be enclosed in quotes (as all strings should be in sql query

ie:

Code: Select all

$sql = "SELECT * FROM cm_admin WHERE name='$name' AND pass='$pass'";]
like fatal says, use mysql_error(), but add the $sql to it as well

Code: Select all

$result = mysql_query($sql) or die("sql error:". mysql_error()."<br>$sql");
or is the problem with the cookie?

sam
DSM
Forum Contributor
Posts: 101
Joined: Thu May 02, 2002 11:51 am
Location: New Mexico, USA

Post by DSM »

$num = mysql_numrows($result) or die ("Your Username and/or Password are incorrect. If you feel you have recieved this message in error, please contact the <a href="mailto:website@hot.rr.com">webmaster</a>");
if ($num == 1) {
print("Welcome to ClanManager! You are logged in as $name !");
I don't see where you are going with the die statement from $num = mysql_numrows($result) or die... Whats the trigger for the die statement?
I do logins like this.

Code: Select all

if($num == 0):
echo"Your Username and/or Password are incorrect.  If you feel you have recieved this message in error, please contact the <a href="mailto:website@hot.rr.com">webmaster</a>";
else:
echo"Welcome to ClanManager!  You are logged in as $name !"; 
endif;
Hope this helped.
User avatar
fatal
Forum Contributor
Posts: 118
Joined: Sat Apr 20, 2002 10:47 am
Location: East Coast

Post by fatal »

Phice:
int setcookie ( string name [, string value [, int expire [, string path [, string domain [, int secure]]]]])

Example 1. setcookie() send examples

setcookie ("TestCookie", $value);
setcookie ("TestCookie", $value,time()+3600); /* expire in 1 hour */

But the '$value' should be replaced by '$name' instead of '$username'
User avatar
phice
Moderator
Posts: 1416
Joined: Sat Apr 20, 2002 3:14 pm
Location: Dallas, TX
Contact:

Post by phice »

Exactly what I was thinking. :)
Image Image
Post Reply