Im getting sick of these errors....

Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.

Moderator: General Moderators

Post Reply
Ne0
Forum Commoner
Posts: 60
Joined: Sat Feb 14, 2004 11:48 am

Im getting sick of these errors....

Post by Ne0 »

ok, im trying to make a simple login script. and well, it aint working.

ok, i made a page to display what is in the database:
Name: Ne0
Password: ****
E-Mail: ****
Signature:
avatar:
website:
so i no it exsist, but when i try to login:
Warning: mysql_numrows(): supplied argument is not a valid MySQL result resource in c:\program files\apache group\apache\htdocs\ne0\functions.php on line 58
Invalid UserName or Password

Code: Select all

<?php
if ($_GET['a'] == "login") {
	$user="ne0";
	$password="****";
	$database="db";
	mysql_connect(localhost,$user,$password);
	@mysql_select_db($database) or die("Unable to select database<br>");
	$query="SELECT * FROM users WHERE name='{$_POST['username']}' and password='{$_POST['password']}'"; 

	$result = mysql_query($query) or die (mysql_error());

	if(mysql_num_rows($query) != "0") {  // <-----line 58
		echo("Logged in succesfully"); 
	} else {
		echo("Invalid UserName or Password"); 
	}

mysql_close();
}
?>
once i can get this to work, i can add setting the sessions and stuff...

thanks in advanced
evilMind
Forum Contributor
Posts: 145
Joined: Fri Sep 19, 2003 10:09 am
Location: Earth

Post by evilMind »

Code: Select all

// Change this line
if(mysql_num_rows($query) != "0") {

// to this ->
if(mysql_num_rows($result) != "0") {
that should do the trick.

Also you may want to consider adding slashes to the user name and password via [php_man]addslashes[/php_man] then checking for exactly one row being returned. eg:

Code: Select all

// <snip>
$userName = addslashes($_POST['username']);
$passWord = addslashes($_POST['password']);
// <snip> //
if(mysql_num_rows($result) == 1) {
   // do something.
}
Ne0
Forum Commoner
Posts: 60
Joined: Sat Feb 14, 2004 11:48 am

Post by Ne0 »

ok, thanks!, that definatly solved the error!

but. even when i copy and paste the password and user name into the form fields, it still sais invalid username or password....
evilMind
Forum Contributor
Posts: 145
Joined: Fri Sep 19, 2003 10:09 am
Location: Earth

Post by evilMind »

Not sure how you have your database passwords stored.
If you set your password using the mysql PASSWORD() function then you need to use that when you perform the query as well.
example:

Code: Select all

$username = addslashes($_POST['username']);
$password = addslashes($_POST['password']);

$query = "SELECT * FROM `users` WHERE `name`='$username' AND `password`=PASSWORD('$password') ";
Ne0
Forum Commoner
Posts: 60
Joined: Sat Feb 14, 2004 11:48 am

Post by Ne0 »

i dunno what u mean by PASSWORD() function...if it help this is how the table was made.

Code: Select all

$query="CREATE TABLE users (id int(6) NOT NULL auto_increment,name varchar(15) NOT NULL,password varchar(15) NOT NULL,email varchar(30) NOT NULL,sig varchar(255),avatar varchar(50),web varchar(30),downloads int(6),uploads int(6),PRIMARY KEY (id),UNIQUE id (id),KEY id_2 (id))";
but ill give it a try.

edit: now its giving me
Unknown column 'Ne0' in 'where clause'

Code: Select all

$username = addslashes($_POST['username']); 
$password2 = addslashes($_POST['password']); 

$query = "SELECT * FROM users WHERE name=$username AND password=$password2";
evilMind
Forum Contributor
Posts: 145
Joined: Fri Sep 19, 2003 10:09 am
Location: Earth

Post by evilMind »

It's not so much as to how the table was made. It's how you inserted the data into the table.

look at http://www.mysql.com/doc/en/Password_hashing.html for more information on the mysql PASSWORD() function.

Code: Select all

$username = addslashes($_POST['username']);
$password2 = addslashes($_POST['password']);

//$query = "SELECT * FROM users WHERE name=$username AND password=$password2"; 
// Should be
$query = "SELECT * FROM users WHERE name='$username' AND password='$password2'"; 
// sorry... forgot the quotes.

Code: Select all

mysql&gt; SELECT PASSWORD('foo'); #hashed value of the password.
+------------------+
| PASSWORD('foo')  |
+------------------+
| 7c786c222596437b |
+------------------+
1 row in set (0.00 sec)

mysql&gt; SELECT 'foo'; #plaintext
+-----+
| foo |
+-----+
| foo |
+-----+
1 row in set (0.00 sec)

mysql&gt;
Ne0
Forum Commoner
Posts: 60
Joined: Sat Feb 14, 2004 11:48 am

Post by Ne0 »

HAHA
it worked, :)

thank u so much for your help and time :)
evilMind
Forum Contributor
Posts: 145
Joined: Fri Sep 19, 2003 10:09 am
Location: Earth

Post by evilMind »

anytime :)
Ne0
Forum Commoner
Posts: 60
Joined: Sat Feb 14, 2004 11:48 am

Post by Ne0 »

errrr...PHP is alot higher maintence and alot more picky than ASP....

ok, i got a new error, or 5 new warning at once:
Warning: session_start(): open(/tmp\sess_4f3f2a67abf263d3fa15ff4ff50c6e78, O_RDWR) failed: No such file or directory (2) in c:\program files\apache group\apache\htdocs\ne0\functions.php on line 64

Warning: session_start(): Cannot send session cookie - headers already sent by (output started at c:\program files\apache group\apache\htdocs\ne0\functions.php:64) in c:\program files\apache group\apache\htdocs\ne0\functions.php on line 64

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at c:\program files\apache group\apache\htdocs\ne0\functions.php:64) in c:\program files\apache group\apache\htdocs\ne0\functions.php on line 64

Logged in succesfully.
Redirecting you to were you previously.
Warning: Unknown(): open(/tmp\sess_4f3f2a67abf263d3fa15ff4ff50c6e78, O_RDWR) failed: No such file or directory (2) in Unknown on line 0

Warning: Unknown(): Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0
i dun get it...i made sure the session was set b4 the echo statement:

Code: Select all

if (mysql_num_rows($result) != "0") {
		session_start();
		$_SESSION["name"] = '$username';
		echo("<center>Logged in succesfully.<br>Redirecting you to were you previously."); 

	} else {
		echo("Invalid UserName or Password"); 
	}
...
evilMind
Forum Contributor
Posts: 145
Joined: Fri Sep 19, 2003 10:09 am
Location: Earth

Post by evilMind »

Cannot send session cookie - headers already sent by (output started at c:\program files\apache group\apache\htdocs\ne0\functions.php:64)
Looking at line 64 (and above) in your functions.php file, what is sending any kind of output to the client?

Also, check for blank lines at the end of a file (after your last ?>) since this will cause output to be sent also.

As an alternative you may want to try this until you find out what is sending the output:

Code: Select all

<?php
if (mysql_num_rows($result) != "0") {
   if (!headers_sent($sendingOutputFile, $outputOccuredAt))
   {
      session_start();
      $_SESSION["name"] = '$username';
      echo("<center>Logged in succesfully.<br>Redirecting you to were you previously.");
    }
    else
    {
       echo 'Output occured from file: ' . $sendingOutputFile . ' At line number: ' . $outputOccuredAt;
    }

   } else {
      echo("Invalid UserName or Password");
   }
?>
The above *may* tell you the same thing that you are getting in your log files, but it may also say differently.
evilMind
Forum Contributor
Posts: 145
Joined: Fri Sep 19, 2003 10:09 am
Location: Earth

Post by evilMind »

Almost forgot... Make sure to check your session.save_path in your php.ini file also. The error says /tmp/sess_...... make sure that this path exists and is writeable by apache (If not change the value in the php.ini that is writeable by apache and the restart apache to apply the changes)
Ne0
Forum Commoner
Posts: 60
Joined: Sat Feb 14, 2004 11:48 am

Post by Ne0 »

ok, nothins working, im on a free host and i dunno how to get ti php.ini
i decided to redirect to a bran new blank page that set the session...that way there would be no output...
heres what i got, exactly.
Warning: session_start(): open(/tmp\sess_4a22a87eb6c4b3e191c4d6feb9dd9ab6, O_RDWR) failed: No such file or directory (2) in c:\program files\apache group\apache\htdocs\ne0\setsession.php on line 3

Warning: session_start(): Cannot send session cookie - headers already sent by (output started at c:\program files\apache group\apache\htdocs\ne0\setsession.php:3) in c:\program files\apache group\apache\htdocs\ne0\setsession.php on line 3

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at c:\program files\apache group\apache\htdocs\ne0\setsession.php:3) in c:\program files\apache group\apache\htdocs\ne0\setsession.php on line 3

Warning: Cannot modify header information - headers already sent by (output started at c:\program files\apache group\apache\htdocs\ne0\setsession.php:3) in c:\program files\apache group\apache\htdocs\ne0\setsession.php on line 5

Warning: Unknown(): open(/tmp\sess_4a22a87eb6c4b3e191c4d6feb9dd9ab6, O_RDWR) failed: No such file or directory (2) in Unknown on line 0

Warning: Unknown(): Failed to write session data (files). Please verify that the current setting of session.save_path is correct (/tmp) in Unknown on line 0
with this code, exactly:

Code: Select all

<?php
$user = $_GET['u'];
session_start();
$_SESSION['username'] = $user;
header("Location: index.php");
?>
evilMind
Forum Contributor
Posts: 145
Joined: Fri Sep 19, 2003 10:09 am
Location: Earth

Post by evilMind »

As far as changing the session.save_path you should be able to use [php_man]ini_set[/php_man] for that. Something along the lines of ini_set('session.save_path','/temp'); or ini_set('session.save_path','C:\temp'); As far as the headers problem.... the only thing that I can think of right now is that since you are receiving an error setting the file, php is sending output to the client (probably for error display?) which is causing the problem???

Also, you can check to see what settings you have setup currently by using ini_get('variableNameHere'); eg: ini_get('session.save_path');
Ne0
Forum Commoner
Posts: 60
Joined: Sat Feb 14, 2004 11:48 am

Post by Ne0 »

ok, ill try all of that.

thank you for your help.
Post Reply