Problem with die.

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
ianhull
Forum Contributor
Posts: 310
Joined: Tue Jun 14, 2005 10:04 am
Location: Hull England UK

Problem with die.

Post by ianhull »

Hi Guys,

I am using this code but if the username and or password is wrong it still shows the usercontent page any ideas on how I can show an un authorised message?

Thanks

Code: Select all

<?php 
include ("connect.php"); 
$sql = "SELECT companyname, firstname, lastname, email, password, ulevel FROM users WHERE firstname='$_REQUEST[fname]' AND password='$_REQUEST[pwd]'"; 

$result = mysql_query($sql) 
or die ("Couldn't select $_REQUEST[fname]"); 

echo "\n"; 

while ($line = mysql_fetch_array($result))     
      { 
      extract($line);
      } 
echo "\n"; 
$usrlevel = $ulevel; 
$adminlevel = "1"; 
if ($usrlevel == $adminlevel){ 
    echo include_once("admincontent.php"); 
} else { 
    echo include_once("usercontent.php"); 
} 
?>
User avatar
raghavan20
DevNet Resident
Posts: 1451
Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:

Post by raghavan20 »

your query will execute perfectly without any error if the syntax is valid and does not return any rows
think you shd be using (mysql_num_rows($result) > 0 )to find a match. if not, echo an error.
User avatar
raghavan20
DevNet Resident
Posts: 1451
Joined: Sat Jun 11, 2005 6:57 am
Location: London, UK
Contact:

Post by raghavan20 »

how many of you guys use a die or trigger_error in similar situations???jus curious :)
ianhull
Forum Contributor
Posts: 310
Joined: Tue Jun 14, 2005 10:04 am
Location: Hull England UK

Post by ianhull »

Thanks for the advise.

I am new to all this and have not got a clue where I would put such code. can u help?

Thanks
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

examples here: die()
actual work, more likely to use trigger_error(), because of the massive logging system we use..
ianhull
Forum Contributor
Posts: 310
Joined: Tue Jun 14, 2005 10:04 am
Location: Hull England UK

Post by ianhull »

I have changed my code to this but now I have an error.

can anyone please help?

thanks

Code: Select all

<?php 
include ("connect.php"); 
$sql = "SELECT companyname, firstname, lastname, email, password, ulevel FROM users WHERE firstname='$_REQUEST[fname]' AND password='$_REQUEST[pwd]'"; 

$result = mysql_num_rows($sql) 
or die ("Couldn't select $_REQUEST[fname]"); 

echo "\n"; 

while ($line = mysql_fetch_array($result))      
      { 
      extract($line); 
      } 
echo "\n"; 
$usrlevel = $ulevel; 
$adminlevel = "1"; 
if ($usrlevel == $adminlevel){ 
    echo include_once("admincontent.php"); 
} else { 
    echo include_once("usercontent.php"); 
} 
?>
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

what was the error?
ianhull
Forum Contributor
Posts: 310
Joined: Tue Jun 14, 2005 10:04 am
Location: Hull England UK

Post by ianhull »

Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource on line 5
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

you mistakenly swapped mysql_num_rows() for mysql_query() .. raghavan20 was talking about placing mysql_num_rows() down with your authentication checks.
ianhull
Forum Contributor
Posts: 310
Joined: Tue Jun 14, 2005 10:04 am
Location: Hull England UK

Post by ianhull »

Thanks,

I switched it back and tried placing (mysql_num_rows($result) > 0 ) above my if else statement but no luck, it still return the usercontent page.

Any ideas how I could avoid this?

Thanks.

Code: Select all

<?php 
include ("connect.php"); 
$sql = "SELECT companyname, firstname, lastname, email, password, ulevel FROM users WHERE firstname='$_REQUEST[fname]' AND password='$_REQUEST[pwd]'"; 

$result = mysql_query($sql) 
or die ("Couldn't select $_REQUEST[fname]"); 

echo "\n"; 

while ($line = mysql_fetch_array($result))      
      { 
      extract($line); 
      } 
	  
echo "\n";
 
$usrlevel = $ulevel; 
$adminlevel = "1"; 
(mysql_num_rows($result) > 0 );
if ($usrlevel == $adminlevel){ 
    echo include_once("admincontent.php"); 
} else { 
    echo include_once("usercontent.php"); 
} 
?>
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Code: Select all

if(mysql_num_rows($result) > 0 )
{
  if ($usrlevel == $adminlevel){
      echo include_once("admincontent.php");
  } else {
      echo include_once("usercontent.php");
  }
}
ianhull
Forum Contributor
Posts: 310
Joined: Tue Jun 14, 2005 10:04 am
Location: Hull England UK

Post by ianhull »

Thanks for your help but it still does not seem to work.

Here is what I am trying to achieve.

A user logs in, if the users details are in the database then redirect them to the relevant page depending on there user level.

If the details are not in the database then they are sent to a page which says unauthorised access.

Is there another way of achieving this?

Thanks.

Code: Select all

<?php 
include ("connect.php"); 
$sql = "SELECT companyname, firstname, lastname, email, password, ulevel FROM users WHERE firstname='$_REQUEST[fname]' AND password='$_REQUEST[pwd]'"; 

$result = mysql_query($sql)
 or die ("Un Authorised Access");

echo "\n"; 

while ($line = mysql_fetch_array($result))      
      { 
      extract($line); 
      } 
	  
echo "\n";
$usrlevel = $ulevel;
$adminlevel = "1"; 
{
  if ($usrlevel == $adminlevel){ 
      echo include_once("admincontent.php"); 
  } else { 
      echo include_once("usercontent.php"); 
  } 
}  

?>
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

you didn't really use the code I posted. :?
ianhull
Forum Contributor
Posts: 310
Joined: Tue Jun 14, 2005 10:04 am
Location: Hull England UK

Post by ianhull »

I did i switched it back to try again.

I now have this problem.

my table column ulevel when printed returns 11 instead of 1 like it should any ideas why?

Code: Select all

<?php 
include ("connect.php"); 
$sql = "SELECT companyname, firstname, lastname, email, password, ulevel FROM users WHERE firstname='$_REQUEST[fname]' AND password='$_REQUEST[pwd]' ORDER BY companyname"; 

$r = mysql_query($sql);
if(!$r) {
$err=mysql_error();
print $err;
exit();
}
if(mysql_affected_rows()==0){
print "no such login in the system. please try again.";
exit();
}
else{
print "successfully logged into system.";
//proceed to perform website’s functionality – e.g. present information to the user
}
echo "

\n";

//-------------get each event type ------

while ($line = mysql_fetch_array($r))    
      {
      extract($line);      // extracts all line into variables with same name as fields 
      }
echo "\n";
$usrlevel = $line["ulevel"];
$adminlevel = "11"; 
{ 
  if ($usrlevel == $adminlevel){ 
      echo include_once("admincontent.php"); 
  } else { 
      echo include_once("usercontent.php"); 
  } 
}  
?>
<?php echo $ulevel ?>
ianhull
Forum Contributor
Posts: 310
Joined: Tue Jun 14, 2005 10:04 am
Location: Hull England UK

Post by ianhull »

SOLVED

Thanks for all your help.

very much appreciated.

Code: Select all

<?php 
include ("connect.php"); 
$sql = "SELECT companyname, firstname, lastname, email, password, ulevel FROM users WHERE firstname='$_REQUEST[fname]' AND password='$_REQUEST[pwd]' ORDER BY companyname"; 

$r = mysql_query($sql);
if(!$r) {
$err=mysql_error();
print $err;
exit();
}
if(mysql_affected_rows()==0){
print "no such login in the system. please try again.";
exit();
}
else{
print "successfully logged into system.";
//proceed to perform website’s functionality – e.g. present information to the user
}
echo "

\n";

//-------------get each event type ------

while ($line = mysql_fetch_array($r))    
      {
      extract($line);      // extracts all line into variables with same name as fields 
      }
echo "\n";
$usrlevel = "$ulevel";
$adminlevel = "1"; 
{ 
  if ($usrlevel == $adminlevel){ 
      echo include_once("admincontent.php"); 
  } else { 
      echo include_once("usercontent.php"); 
  } 
}  
?>
<?php echo $ulevel ?>
Post Reply