Http session/login script Problems

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
polosport6699
Forum Commoner
Posts: 35
Joined: Wed Jun 11, 2003 3:19 pm

Http session/login script Problems

Post by polosport6699 »

I have been developing this code, and I keep getting different errors. I want the end result of logging in and using cookies to track sesssions.

I keep getting this error Warning: mysql_real_escape_string() expects parameter 2 to be resource, null given in c:\inetpub\wwwroot\Login.php on line 9

Warning: mysql_real_escape_string() expects parameter 2 to be resource, null given in c:\inetpub\wwwroot\Login.php on line 9

Code: Select all

<?
	if (isset($_POST['submit'])) {
		require_once("./config.php");
		function escape_data ($data) {
			global $dbc;
			if (ini_get('magic_quotes_gpc')) {
				$data = stripslashes($data);
				}
			return mysql_real_escape_string($data, $dbc);
		}
		$message = NULL;
		if (empty($_POST['username'])) {
		$u = FALSE;
		$message .= '<p>Forgot Username</p>';
	} else { 
		$u = escape_data($_POST['username']);
	}
	if (empty($_POST['password'])) {
		$p = FALSE;
		$message .= '<p>Forgot Password</p>';
		} else { 
		$p = escape_data($_POST['password']);
		}
		
		if ($u && $p) { //everything checks
			$query = "SELECT user_id, first_name FROM users WHERE username='$u' AND password=
			PASSWORD('$p')";
			$result = @mysql_query ($query);
			$row = mysql_fetch_array ($result, MYSQL_NUM);
			if ($row) {
			
		//Start Session
		session_start ();
		$_SESSION['first_name'] = $row[1];
		$_SESSION['user_id'] = $row[0];
		header ("Location: http://" . $_SERVER['HTTP_HOST'] . 
		dirname($_SERVER['PHP_SELF']) . "/loggedin.php");
		exit ();
		
	} else { 
		$message = '<p>Not Match</p>';
	}
  	mysql_close();
	} else {
		$message = '<p>Try Again</p>';
	}	
}
$page_title='Login';
include("./config.php");
if (isset($message)) {
	echo '<font color="red">',$message,'</font>';
	}
	?>
<form action="<? echo $_SERVER['PHP_SELF']; ?>" Method="post">
<p><b>User Name</b> <input type="text" name="username" size="10" maxlength="20" value="<? if 
(isset($_POST['username'])) echo $_POST['username']; ?>" /></p>
<p><b>Password:</b><input type="password" name="password" size="20" maxlength="20" /></p>
<p><input type="submit" name="submit" value="login" /></p>
</form>
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

What is $dbc?

Mac
User avatar
daven
Forum Contributor
Posts: 332
Joined: Tue Dec 17, 2002 1:29 pm
Location: Gaithersburg, MD
Contact:

Post by daven »

if $dbc is supposed to be your mysql_connection, you forgot one major thing:
you need to set it.

Code: Select all

<?
   if (isset($_POST['submit'])) {
      require_once("./config.php");
      function escape_data ($data) {
         global $dbc; // $dbc is never assigned a value here.
         $dbc=mysql_connect($server,$username,$password);  // add this line, with the proper data, of course
         if (ini_get('magic_quotes_gpc')) {
            $data = stripslashes($data);
            }
         return mysql_real_escape_string($data, $dbc);
      } 
?>
Post Reply