Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.
Moderator: General Moderators
Munky
Forum Newbie
Posts: 10 Joined: Mon Nov 21, 2005 7:27 am
Location: Norwich, uk
Post
by Munky » Mon Nov 21, 2005 7:32 am
Hi Guys,
I'm a complete Newbie but I have used PHP quite a bit recently..
I have made a database and I am try to use a Log In page..
I pass the username and password via a form to this page, but all i do is get a blank page...?
the connection is working so it is seeing my database...
Also how do i make it display a different page if the password or username is incorrect?
Code: Select all
<body>
<?
include 'vars.php';
$membername=$_GET['membername'];
$password=$_GET['password'];
$link = mysql_connect('localhost', $user, $pass);
if (!$link) {
die('Could not connect: ' . mysql_error());
}
@mysql_select_db($database) or die( "Unable to select database");
$query="SELECT * FROM profileinfo WHERE membername=$membername AND password=$password";
$result=mysql_query($query);
echo "<b><center>Your Account</center></b><br><br>";
$membername=mysql_result($result,"membername");
$email
echo "<b>$membernumber</b><br><b>$email</b><br><a href='edit_account.php?membernumber=$membernumber'>edit</a><hr><br>";
mysql_close($link);
?>
</body>
</html>
malcolmboston
DevNet Resident
Posts: 1826 Joined: Tue Nov 18, 2003 1:09 pm
Location: Middlesbrough, UK
Post
by malcolmboston » Mon Nov 21, 2005 7:50 am
replace
Code: Select all
@mysql_select_db($database) or die( "Unable to select database");
$query="SELECT * FROM profileinfo WHERE membername=$membername AND password=$password";
$result=mysql_query($query);
with
Code: Select all
mysql_select_db($database) or die(mysql_error());
$query="SELECT * FROM profileinfo WHERE membername=$membername AND password=$password";
$result=mysql_query($query) or die (mysql_error());
also your coding is a bit untidy, would help if you sorted that out as well, also short tags (<?) is not recommended
Last edited by
malcolmboston on Mon Nov 21, 2005 7:56 am, edited 1 time in total.
twigletmac
Her Royal Site Adminness
Posts: 5371 Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK
Post
by twigletmac » Mon Nov 21, 2005 7:50 am
The first thing you need to do is add the following lines at the top of the code:
Code: Select all
ini_set('display_errors', 1);
error_reporting(E_ALL);
this should allow you to see the syntax error that PHP is trying to report
Mac
Munky
Forum Newbie
Posts: 10 Joined: Mon Nov 21, 2005 7:27 am
Location: Norwich, uk
Post
by Munky » Mon Nov 21, 2005 7:57 am
hmm, ok, done all those changes and still get nothing,
so how can i check that the info from the form is actually being passed.
I tried all these
--------------
--------------
but this just displays a blank page
Oh im so confused..
twigletmac
Her Royal Site Adminness
Posts: 5371 Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK
Post
by twigletmac » Mon Nov 21, 2005 8:11 am
OK - if you change:
Code: Select all
$membername=mysql_result($result,"membername");
$email
to
Code: Select all
$membername=mysql_result($result,"membername");
//$email commented out because it was causing a parse error
then you should hopefully see some output.
Next thing - what method are you using in the form? POST or GET?
Mac
Munky
Forum Newbie
Posts: 10 Joined: Mon Nov 21, 2005 7:27 am
Location: Norwich, uk
Post
by Munky » Mon Nov 21, 2005 8:16 am
Its a POST on the actual form,
Basically I've started again, and I have this
Code: Select all
<?PHP
ini_set('display_errors', 1);
error_reporting(E_ALL);
$_POST["membername"]
echo "$membername" ):
?>
Completely new blank page, and the form POST is membername and password.
all i want to do i find out why the result page cannot see my membername being passed?
twigletmac
Her Royal Site Adminness
Posts: 5371 Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK
Post
by twigletmac » Mon Nov 21, 2005 8:21 am
In this line:
you've got an extraneous ) and use a colon instead of a semi-colon - try:
Also, instead of:
you need to do:
Code: Select all
$membername = $_POST['membername'];
Mac
Munky
Forum Newbie
Posts: 10 Joined: Mon Nov 21, 2005 7:27 am
Location: Norwich, uk
Post
by Munky » Mon Nov 21, 2005 8:28 am
Ok, so im feeling fairly stupid now...
i have
Code: Select all
<?PHP
ini_set('display_errors', 1);
error_reporting(E_ALL);
$membernumber = $_POST['membername'];
echo $membername;
?>
and its working!! thank you!!
I will now try to add this to my initial request...
malcolmboston
DevNet Resident
Posts: 1826 Joined: Tue Nov 18, 2003 1:09 pm
Location: Middlesbrough, UK
Post
by malcolmboston » Mon Nov 21, 2005 8:32 am
[cough]
Look...
Code: Select all
$membernumber = $_POST['membername'];
echo $membername;
[/cough]
lol, ur gonna have fun with regex
Munky
Forum Newbie
Posts: 10 Joined: Mon Nov 21, 2005 7:27 am
Location: Norwich, uk
Post
by Munky » Mon Nov 21, 2005 8:33 am
malcolmboston wrote: [cough]
Look...
Code: Select all
$membernumber = $_POST['membername'];
echo $membername;
[/cough]
lol, ur gonna have fun with regex
Doh!! Thought i editted before anyone spotted that lol!!!
Munky
Forum Newbie
Posts: 10 Joined: Mon Nov 21, 2005 7:27 am
Location: Norwich, uk
Post
by Munky » Mon Nov 21, 2005 8:39 am
Code: Select all
<?PHP
//error check
ini_set('display_errors', 1);
error_reporting(E_ALL);
//list the fields coming from the form
$membername = $_POST['membername'];
$password = $_POST['password'];
include 'vars.php';
$link = mysql_connect('localhost', $user, $pass);
if (!$link) {
die('Could not connect: ' . mysql_error());
}
mysql_select_db($database) or die(mysql-error());
$query="SELECT * FROM profileinfo WHERE membername=$membername AND password=$password";
$result=mysql_query($query) or die (mysql_error());
echo "<b><center>Your Account</center></b><br><br>";
$membername=mysql_result($result,"membername");
$membernumber=mysql_result($result,"membernumber");
$email=mysql_result($result,"email");
echo "<b>$membernumber</b><br><b>$email</b><br><a href='edit_account.php?membernumber=$membernumber'>edit</a><hr><br>";
mysql_close($link);
?>
gives
Code: Select all
You have an error in your SQL syntax near '' at line 1
twigletmac
Her Royal Site Adminness
Posts: 5371 Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK
Post
by twigletmac » Mon Nov 21, 2005 8:55 am
Try adding some quotes around the strings in the SQL statement, so:
Code: Select all
$query="SELECT * FROM profileinfo WHERE membername = '$membername' AND password = '$password'";
instead of:
Code: Select all
$query="SELECT * FROM profileinfo WHERE membername=$membername AND password=$password";
Mac
Munky
Forum Newbie
Posts: 10 Joined: Mon Nov 21, 2005 7:27 am
Location: Norwich, uk
Post
by Munky » Mon Nov 21, 2005 8:59 am
ok tried it again with a working username and password.. and i got
Code: Select all
Unknown column 'munky' in 'where clause'
urm?
my username is "munky"
any ideas and where can i put the "username incorrect?" page
Munky
Forum Newbie
Posts: 10 Joined: Mon Nov 21, 2005 7:27 am
Location: Norwich, uk
Post
by Munky » Mon Nov 21, 2005 9:01 am
ok, yeah the ' ' did the job, thank you
but, this doesnt appear to work?
$membername=mysql_result($result,"membername");
$membernumber=mysql_result($result,"membernumber");
$email=mysql_result($result,"email");
i also changed the membername to LIKE
Code: Select all
$query="SELECT * FROM profileinfo WHERE membername LIKE '$membername' AND password = '$password'";
as i am allowing uppercase and lowercase usernames...
twigletmac
Her Royal Site Adminness
Posts: 5371 Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK
Post
by twigletmac » Mon Nov 21, 2005 9:19 am
instead of:
Code: Select all
echo "<b><center>Your Account</center></b><br><br>";
$membername=mysql_result($result,"membername");
$membernumber=mysql_result($result,"membernumber");
$email=mysql_result($result,"email");
echo "<b>$membernumber</b><br><b>$email</b><br><a href='edit_account.php?membernumber=$membernumber'>edit</a><hr><br>";
try
Code: Select all
// first test to make sure there was a result
if (mysql_num_rows($result) == 1) {
echo "<b><center>Your Account</center></b><br><br>";
// get the whole result of the query into an array
$row = mysql_fetch_assoc($result);
// set each individual variable
$membername = $row['membername'];
$membernumber = $row['membernumber'];
$email = $row['email'];
echo "<b>$membernumber</b><br><b>$email</b><br><a href='edit_account.php?membernumber=$membernumber'>edit</a><hr><br>";
} else {
// what gets displayed if there is no result found
echo '<b>Member details not found.</b>';
}
Mac