User Authorization CODING PROBLEM?
Moderator: General Moderators
User Authorization CODING PROBLEM?
function auth_user($userid, $password)
{
global $default_dbname, $user_tablename2;
$link_id = db_connect($default_dbname);
$query = "SELECT swgname FROM $user_tablename2 WHERE userid = \"$userid\" AND memberpassword = password('$password')";
$result = mysql_query($query);
if(!$result) die(error_message(sql_error()));
$query_data = mysql_fetch_row($result);
while($query_data = mysql_fetch_array($result))
{
$my_swg_name = $query_data["swgname"];
echo "$my_swg_name<BR><BR>";
return $my_swg_name;
}
return 0;
}
This is a complete function. This function always returns 0, and thus the user is never "logged in", can anyone tell me why it always returns 0? Thoughts appreciated.
Thanks in advance.
{
global $default_dbname, $user_tablename2;
$link_id = db_connect($default_dbname);
$query = "SELECT swgname FROM $user_tablename2 WHERE userid = \"$userid\" AND memberpassword = password('$password')";
$result = mysql_query($query);
if(!$result) die(error_message(sql_error()));
$query_data = mysql_fetch_row($result);
while($query_data = mysql_fetch_array($result))
{
$my_swg_name = $query_data["swgname"];
echo "$my_swg_name<BR><BR>";
return $my_swg_name;
}
return 0;
}
This is a complete function. This function always returns 0, and thus the user is never "logged in", can anyone tell me why it always returns 0? Thoughts appreciated.
Thanks in advance.
Don't know exactly what you mean by "is register globals on/off"...
If you mean, can I type 'global <variable name>' and have it be seen even if the variable is not declared in the page, then yes it is on.
Otherwise I will require more explanation or the question.
I changed the 'userid' clasue like you said but log in still does not return anything but 0.
More help please
, everything is much appreciated.
If you mean, can I type 'global <variable name>' and have it be seen even if the variable is not declared in the page, then yes it is on.
Otherwise I will require more explanation or the question.
I changed the 'userid' clasue like you said but log in still does not return anything but 0.
More help please
- Heavy
- Forum Contributor
- Posts: 478
- Joined: Sun Sep 22, 2002 7:36 am
- Location: Viksjöfors, Hälsingland, Sweden
- Contact:
I browsed your posts and it came to my mind that you may want to tell the world what version of PHP you have.
Also, please read this if you haven't yet:
Before Post Read: Concerning Passing Variables in PHP 4.2+
Read about register globals...
Also, please read this if you haven't yet:
Before Post Read: Concerning Passing Variables in PHP 4.2+
Read about register globals...
Excuse the DUh!
umm, smack me if im wrong but dosent the script have
right in it?
anyways... your script has no clause that will define a given User Authorized
Code: Select all
return 0anyways... your script has no clause that will define a given User Authorized
The code returns a name instead of a 0 if the user is authorized. Atleast that is what I intend it to do, then the value is stored and if it is not equal to 0 then the user is considered "logged in".umm, smack me if im wrong but dosent the script have
Code:
return 0
right in it?
anyways... your script has no clause that will define a given User Authorized
-
like_duh44
- Forum Commoner
- Posts: 63
- Joined: Sat Jul 26, 2003 6:57 pm
Re: User Authorization CODING PROBLEM?
Maybe you should have a query to get the password from the database, compare it to what the user entered, and store a value for the answer, then have it return $answer; and have page that called function to check if $answer is yes or no. Sry if its confusing, but its hard to explain
- Leviathan
- Forum Commoner
- Posts: 36
- Joined: Tue Sep 23, 2003 7:00 pm
- Location: Waterloo, ON (Currently in Vancouver, BC)
Here's your problem.
Before your while loop, you read a row out of the array, and then, at the top of the loop, you read a *second* row. Firstly, you don't need a loop; assuming you have any good controls on your code, you should have unique usernames. You don't actually need to loop through anything to verify that a user is logged in.
The reason that your code breaks is that your query only returns one row in the result set, but you try to get a second row. The row you get is empty, the comparison you have fails, and your code returns 0.
Here's what I'd do (apologies for any incorrect syntax, as I have wrappers for my database access)
Before your while loop, you read a row out of the array, and then, at the top of the loop, you read a *second* row. Firstly, you don't need a loop; assuming you have any good controls on your code, you should have unique usernames. You don't actually need to loop through anything to verify that a user is logged in.
The reason that your code breaks is that your query only returns one row in the result set, but you try to get a second row. The row you get is empty, the comparison you have fails, and your code returns 0.
Here's what I'd do (apologies for any incorrect syntax, as I have wrappers for my database access)
Code: Select all
$query = ....
$result = mysql_query($query);
if (!$result) die (...);
if (mysql_num_rows($result) != 1) return 0;
$query_data = mysql_fetch_row($result);
return $query_dataї"swgname"];-
Cruzado_Mainfrm
- Forum Contributor
- Posts: 346
- Joined: Sun Jun 15, 2003 11:22 pm
- Location: Miami, FL
doesn't mysql_fetch_row returns enumerated arrays rather than associativy arrays? it's easier, if u have only 1 AND ONLY 1 result to use mysql_result?Code: Select all
$query_data = mysql_fetch_row($result); return $query_data["swgname"];
why not:
Code: Select all
return @mysql_result($result,0,"swgname");