Page 2 of 3
Posted: Sat Oct 08, 2005 8:10 pm
by Charles256
because you didn't make hte changes i told you...unless your database is called localhost (Which i highly doubt) you aer calling the wrong database.
edit: indent your code also. i.e.this is good..
Code: Select all
<?php
if
{
something
if
{
lets indent deeper
}
this code obviously belongs to the first if
}
?>
Code: Select all
<?php
if{this is bad } else { andmay not even compile } help me!
?>
Posted: Sat Oct 08, 2005 8:16 pm
by mickd
Code: Select all
if (! isset($_SESSION['name'])) {
if (isset ($_POST['username'])) {
if (mysql_num_rows($result) == 1) {
}
} else {
echo ("Sorry but you are not authorize to view this page.");
}
}
looking at that itll show you which if goes with what. the only way for Sorry but you are not authorize to view this page. to appear is if $_POST['username'] is not set...
make sure on the page with the actual form you spelt all the names right.
also
in the query
Code: Select all
$query = "SELECT name FROM user_handle.user WHERE username='$person' AND password='$pwd'";
are you sure you want user_handle.user? normally i only see people use field.table when they have 2 or more tables in 1 query
normal format:
Code: Select all
$query = "SELECT fields FROM table WHERE username='$person' AND password='$pwd'";
Posted: Sat Oct 08, 2005 8:17 pm
by camhabib
It is a localhost database, I have another app using a database on the same computer which calls to "mysql" and it works perfectly. I did the indenting so it looks somewhat more organized, however I'm still getting that error.
Posted: Sat Oct 08, 2005 8:18 pm
by Charles256
bah.. database= name of database. in mysql connect you probably need to put localhost in the first field, not that crap you put.
Posted: Sat Oct 08, 2005 8:26 pm
by mickd
im going to rewrite this
Code: Select all
<?php
session_start();
if (!isset($_SESSION['name'])) {
if (isset ($_POST['username'])) { // check if you spelt username right in the form
$person = $_POST['username'];
$pwd = $_POST['password'];
$username="abc";
$password="abc";
$host="localhost"; // in most cases its localhost
$database="database"; // add name of database here
mysql_connect($host, $username, $password);
mysql_select_db($database) or die("Unable to connect to database. Please contact the webmaster for further assistance."); //you spelt $database wrong before
$query = "SELECT name FROM user_handle.user WHERE username='$person' AND password='$pwd'"; // make sure its supposed to be user_handle.user
$result = mysql_query($query);
if (mysql_num_rows($result) == 1) {
include ("admin.html");
}
} else {
echo ("Sorry but you are not authorize to view this page.");
}
}
?>
Posted: Sat Oct 08, 2005 8:27 pm
by camhabib
Charles, like I said before, I have a form and a counter both using mysql databases that are linked in that manor to their tables and word correctly. I also feel safer using a very specific target table just incase I ever decide to expand the site and add extra tables.
Posted: Sat Oct 08, 2005 8:34 pm
by Charles256
move
Code: Select all
else {
echo ("Sorry but you are not authorize to view this page.");
}
before the } in front of the else.
Posted: Sat Oct 08, 2005 8:34 pm
by mickd
i think at the bottom you want it like this
Code: Select all
if (mysql_num_rows($result) == 1) {
include ("admin.html");
} else {
echo ("Sorry but you are not authorize to view this page.");
}
}
}
that way itll show Sorry but you are not authorize to view this page. only if mysql_num_rows didnt find 1 match.
if after you change that and it doesnt show the login at all itll be because S_SESSION['name'] is set or what i think itll be $_POST['username'] isnt set because you misspelt name="username" in the form where it has <input type="text" name="username" />
Posted: Sat Oct 08, 2005 8:35 pm
by camhabib
Mickd, thanks for rewriting it and catching that error. I did check on those things, username is spelt correctly in the form and the correct table is targeted. I still however get that same message. Is there another part to this whole thing that I am missing?
mickd wrote:im going to rewrite this
Code: Select all
<?php
session_start();
if (!isset($_SESSION['name'])) {
if (isset ($_POST['username'])) { // check if you spelt username right in the form
$person = $_POST['username'];
$pwd = $_POST['password'];
$username="abc";
$password="abc";
$host="localhost"; // in most cases its localhost
$database="database"; // add name of database here
mysql_connect($host, $username, $password);
mysql_select_db($database) or die("Unable to connect to database. Please contact the webmaster for further assistance."); //you spelt $database wrong before
$query = "SELECT name FROM user_handle.user WHERE username='$person' AND password='$pwd'"; // make sure its supposed to be user_handle.user
$result = mysql_query($query);
if (mysql_num_rows($result) == 1) {
include ("admin.html");
}
} else {
echo ("Sorry but you are not authorize to view this page.");
}
}
?>
Posted: Sat Oct 08, 2005 8:45 pm
by camhabib
Can someone show me how the database is supposed to be set up here? I have one that’s set up with a primary auto increment, name, username, and password. There is one entry, primary of 1, name of test, username of test, and password of test. Should that be different?
Posted: Sat Oct 08, 2005 8:48 pm
by mickd
Code: Select all
SELECT name FROM user_handle.user WHERE username='$person' AND password='$pwd'
try changing the query to
Code: Select all
SELECT username, password FROM user_handle.user WHERE username='$person' AND password='$pwd'
that FROM user_handle.user i still think should just be user, dont know where you got the user_handle from

Posted: Sat Oct 08, 2005 8:54 pm
by camhabib
I have a mysql installment on a localhost that is refrensed to by "mysql". I then have a database called "user_handle" and a table within it called "user". I was tought to use the database.table format from someplace. I just checked it in one of my books and they use it too (Begining PHP5 and MySQL bu Apress). Still no luck with that change in code. I think it has something to do with starting a new session. I don't see anything in the app to name a new session if one isn't already started.
Posted: Sat Oct 08, 2005 9:00 pm
by mickd
oh now i see, according to what you say it should be like this
Code: Select all
$query = "SELECT username, password FROM user WHERE username='$person' AND password='$pwd'";
and this should be
when you use the mysql_select_db you insert the name of the database, when you use the query the FROM clause asks for the table name.
EDIT: can you post an update on your code?
Posted: Sat Oct 08, 2005 9:11 pm
by camhabib
Updated code is as follows:
Code: Select all
<?php
session_start();
if (!isset($_SESSION['name'])) {
if (isset ($_POST['username'])) {
$person = $_POST['username'];
$pwd = $_POST['password'];
$dbusername="abc";
$dbpassword="abc";
$database="mysql";
mysql_connect($database, $dbusername, $dbpassword);
mysql_select_db($database) or die("Unable to connect to database. Please contact the webmaster for further assistance.");
$query = "SELECT name FROM user_handle.user WHERE username='$person' AND password='$pwd'";
$result = mysql_query($query);
if (mysql_num_rows($result) != 1) {
echo ("Sorry but you are not authorize to view this page.");
} else {
}
}
}
?>
What I did is I took that entire part about connection and querying the server and database and put it on its own page to set if it would return the correct data, and it works. I got it to echo the information successfully. So the database connection is out of the picture, now its just focusing on the session itself.
Posted: Sat Oct 08, 2005 9:16 pm
by mickd
you might want to change the $username and $password fields
in your mysql_connect you have $host there but didnt define the $host variable, im surprised it works
the query you should have SELECT username, password instead of name, need to have the username, password selected to check it right?
also right now its set to if the result of mysql_num_rows is not equal to 1 itll do nothing. if you want to set the name session, just gotta do
make sure session_start() is called, which is it.