non-responsive user login script

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
suthie
Forum Commoner
Posts: 68
Joined: Sat Jun 09, 2007 10:46 am

non-responsive user login script

Post by suthie »

I have been working on a user login system for the past couple days, and my login script was working, but suddenly it is not and i can't find the problem. does anyone see any obvious errors?

Code: Select all

<?php
ob_start();
include 'error.php';
include 'dbconnect_silent.php';

$username = $_POST["username"];
$password = $_POST["password"];

$result = MYSQL_QUERY("SELECT * from userdata WHERE username='$username'and password='$password'")
   or die ("Name and password not found or not matched");

$worked = mysql_fetch_array($result);

$username = $worked[username];
$password = $worked[password];
$email = $worked[email];

if($worked){
    echo "login successful. now redirecting $user ... please wait";
    session_start();
    $_SESSION['user'] = $username;
    $_SESSION['areyouin'] = true;
    header( 'Location: http://penguinflash.justfree.com/home.php');
}
else{
   error('No match found. Password is incorrect or user does not exist.\\n'.
             'Please try again.')
}

ob_flush();
?>
it is literally a blank screen when i run this
TreyAU21
Forum Newbie
Posts: 9
Joined: Thu Apr 13, 2006 6:37 pm
Location: Woodstock, GA

Post by TreyAU21 »

Throw an array print function call after the mysql_fetch_array() call and see if you get anything.

Code: Select all

print_r($worked);
suthie
Forum Commoner
Posts: 68
Joined: Sat Jun 09, 2007 10:46 am

Post by suthie »

it is still a blank screen...
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Post by Benjamin »

For starters, turn on error reporting so you can at least see the errors in your code.

error is probably an undefined function which would cause a fatal error and in the following code, the syntax is invalid..

Code: Select all


$username = $worked[username];
$password = $worked[password];
$email = $worked[email];
bdlang
Forum Contributor
Posts: 395
Joined: Tue May 16, 2006 8:46 pm
Location: Ventura, CA US

Post by bdlang »

suthie wrote:I have been working on a user login system for the past couple days, and my login script was working, but suddenly it is not and i can't find the problem.
A description of the problem would be nice (I do see in your followup post that you mention a 'blank screen'). What does "not working" mean. What changed from the last time it worked until now?


General observations:
  • session_start() should be the first line in the script.
  • You should call ob_end_flush() immediately after the call to header().
  • You don't bother to escape your POST data.
  • Unless it's a typo or just looks odd, your SQL statement has 'username'and shoved together.
  • Your logic as to whether or not the SQL statement worked is a bit flawed. You should use ( mysql_num_rows() == 1 ) to verify that the user validation is correct and exactly 1 user record was returned.
You may have display_errors turned off, try changing your script to display all errors, e.g.

Code: Select all

<?php
error_reporting(E_ALL);
ini_set('display_errors',1);

session_start();
ob_start();
include('error.php');
...
suthie
Forum Commoner
Posts: 68
Joined: Sat Jun 09, 2007 10:46 am

Post by suthie »

error is defined in the included file errors.php

what is wrong with the syntax?

i turned error reporting on and i am still getting a blank screen
Last edited by suthie on Mon Jun 11, 2007 6:44 pm, edited 1 time in total.
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Post by Benjamin »

errors.php or error.php?

Your associative array index keys need to be encapsulated in single or double quotes.
suthie
Forum Commoner
Posts: 68
Joined: Sat Jun 09, 2007 10:46 am

Post by suthie »

my bad typo

it is in error.php

found the problem: I was missing one semicolon late in the script. this script works:

Code: Select all

<?php

error_reporting(E_ALL);
ini_set('display_errors',1);

ob_start();
include 'error.php';
include 'dbconnect_silent.php';

$username = $_POST["username"];
$password = $_POST["password"];

$result = MYSQL_QUERY("SELECT * from userdata WHERE username='$username'and password='$password'")
   or die ("Name and password not found or not matched");

$worked = mysql_fetch_array($result);

$username = $worked['username'];
$password = $worked['password'];
$email = $worked['email'];

if($worked){
    echo "login successful. now redirecting $user ... please wait";
    session_start();
    $_SESSION['user'] = $username;
    $_SESSION['areyouin'] = true;
    header( 'Location: http://penguinflash.justfree.com/home.php');
}
else{
   error('No match found. Password is incorrect or user does not exist.\\n'.
             'Please try again.');
}

ob_flush();
?>
User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Post by Benjamin »

MYSQL_QUERY should be mysql_query() even though it might work the other way.

As bdlang said, session_start() should be the first line in the script. (Actually second, <?php should be on line 1 )

I don't see any fatal or parse errors in the code you posted, so you may have a problem in one of the files you are including.

Why not install PHP/Apache and MySQL on your own PC so you can debug it? Evidently display_errors is turned off in the php.ini file.

How do you plan on debugging code that way?
Post Reply