Why oh Why??

Questions about the MySQL, PostgreSQL, and most other databases, as well as using it with PHP can be asked here.

Moderator: General Moderators

User avatar
Munky
Forum Newbie
Posts: 10
Joined: Mon Nov 21, 2005 7:27 am
Location: Norwich, uk

Why oh Why??

Post by Munky »

Hi Guys,

I'm a complete Newbie but I have used PHP quite a bit recently..

I have made a database and I am try to use a Log In page..

I pass the username and password via a form to this page, but all i do is get a blank page...?

the connection is working so it is seeing my database... :(

Also how do i make it display a different page if the password or username is incorrect?

Code: Select all

<body>
<?
include 'vars.php';

$membername=$_GET['membername'];
$password=$_GET['password'];

$link = mysql_connect('localhost', $user, $pass);
if (!$link) {
   die('Could not connect: ' . mysql_error());
}

@mysql_select_db($database) or die( "Unable to select database");
$query="SELECT * FROM profileinfo WHERE membername=$membername AND password=$password";
$result=mysql_query($query);

echo "<b><center>Your Account</center></b><br><br>";

$membername=mysql_result($result,"membername");
$email

echo "<b>$membernumber</b><br><b>$email</b><br><a href='edit_account.php?membernumber=$membernumber'>edit</a><hr><br>";

mysql_close($link);
?>
 
</body>
</html>
malcolmboston
DevNet Resident
Posts: 1826
Joined: Tue Nov 18, 2003 1:09 pm
Location: Middlesbrough, UK

Post by malcolmboston »

replace

Code: Select all

@mysql_select_db($database) or die( "Unable to select database"); 
$query="SELECT * FROM profileinfo WHERE membername=$membername AND password=$password"; 
$result=mysql_query($query);
with

Code: Select all

mysql_select_db($database) or die(mysql_error()); 
$query="SELECT * FROM profileinfo WHERE membername=$membername AND password=$password"; 
$result=mysql_query($query) or die (mysql_error());
also your coding is a bit untidy, would help if you sorted that out as well, also short tags (<?) is not recommended
Last edited by malcolmboston on Mon Nov 21, 2005 7:56 am, edited 1 time in total.
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

The first thing you need to do is add the following lines at the top of the code:

Code: Select all

ini_set('display_errors', 1);
error_reporting(E_ALL);
this should allow you to see the syntax error that PHP is trying to report :)

Mac
User avatar
Munky
Forum Newbie
Posts: 10
Joined: Mon Nov 21, 2005 7:27 am
Location: Norwich, uk

Post by Munky »

hmm, ok, done all those changes and still get nothing,

so how can i check that the info from the form is actually being passed.

I tried all these

Code: Select all

<?PHP

echo $membername ):

?>
--------------

Code: Select all

<?PHP

echo '$membername' ):

?>
--------------

Code: Select all

<?PHP

echo "$membername" ):

?>
but this just displays a blank page :(

Oh im so confused..
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

OK - if you change:

Code: Select all

$membername=mysql_result($result,"membername");
$email
to

Code: Select all

$membername=mysql_result($result,"membername");
//$email commented out because it was causing a parse error
then you should hopefully see some output.

Next thing - what method are you using in the form? POST or GET?

Mac
User avatar
Munky
Forum Newbie
Posts: 10
Joined: Mon Nov 21, 2005 7:27 am
Location: Norwich, uk

Post by Munky »

Its a POST on the actual form,

Basically I've started again, and I have this

Code: Select all

<?PHP

ini_set('display_errors', 1); 
error_reporting(E_ALL);

$_POST["membername"] 

echo "$membername" ):

?>
Completely new blank page, and the form POST is membername and password.
all i want to do i find out why the result page cannot see my membername being passed?
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

In this line:

Code: Select all

echo "$membername" ):
you've got an extraneous ) and use a colon instead of a semi-colon - try:

Code: Select all

echo $membername;
Also, instead of:

Code: Select all

$_POST["membername"]
you need to do:

Code: Select all

$membername = $_POST['membername'];
Mac
User avatar
Munky
Forum Newbie
Posts: 10
Joined: Mon Nov 21, 2005 7:27 am
Location: Norwich, uk

Post by Munky »

Ok, so im feeling fairly stupid now...

i have

Code: Select all

<?PHP

ini_set('display_errors', 1); 
error_reporting(E_ALL);

$membernumber = $_POST['membername'];

echo $membername;

?>
and its working!! thank you!!

I will now try to add this to my initial request...
malcolmboston
DevNet Resident
Posts: 1826
Joined: Tue Nov 18, 2003 1:09 pm
Location: Middlesbrough, UK

Post by malcolmboston »

[cough]
Look...

Code: Select all

$membernumber = $_POST['membername']; 

echo $membername;
[/cough]

lol, ur gonna have fun with regex :P
User avatar
Munky
Forum Newbie
Posts: 10
Joined: Mon Nov 21, 2005 7:27 am
Location: Norwich, uk

Post by Munky »

malcolmboston wrote:[cough]
Look...

Code: Select all

$membernumber = $_POST['membername']; 

echo $membername;
[/cough]

lol, ur gonna have fun with regex :P
Doh!! Thought i editted before anyone spotted that lol!!!
User avatar
Munky
Forum Newbie
Posts: 10
Joined: Mon Nov 21, 2005 7:27 am
Location: Norwich, uk

Post by Munky »

Code: Select all

<?PHP

//error check

ini_set('display_errors', 1); 
error_reporting(E_ALL);

//list the fields coming from the form

$membername = $_POST['membername'];
$password = $_POST['password'];

include 'vars.php';

$link = mysql_connect('localhost', $user, $pass);
if (!$link) {
   die('Could not connect: ' . mysql_error());
}

mysql_select_db($database) or die(mysql-error()); 
$query="SELECT * FROM profileinfo WHERE membername=$membername AND password=$password"; 
$result=mysql_query($query) or die (mysql_error());

echo "<b><center>Your Account</center></b><br><br>";

$membername=mysql_result($result,"membername");
$membernumber=mysql_result($result,"membernumber");
$email=mysql_result($result,"email");

echo "<b>$membernumber</b><br><b>$email</b><br><a href='edit_account.php?membernumber=$membernumber'>edit</a><hr><br>";

mysql_close($link);
?>
gives

Code: Select all

You have an error in your SQL syntax near '' at line 1
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

Try adding some quotes around the strings in the SQL statement, so:

Code: Select all

$query="SELECT * FROM profileinfo WHERE membername = '$membername' AND password = '$password'";
instead of:

Code: Select all

$query="SELECT * FROM profileinfo WHERE membername=$membername AND password=$password";
Mac
User avatar
Munky
Forum Newbie
Posts: 10
Joined: Mon Nov 21, 2005 7:27 am
Location: Norwich, uk

Post by Munky »

ok tried it again with a working username and password.. and i got

Code: Select all

Unknown column 'munky' in 'where clause'
urm?

my username is "munky"

any ideas and where can i put the "username incorrect?" page
User avatar
Munky
Forum Newbie
Posts: 10
Joined: Mon Nov 21, 2005 7:27 am
Location: Norwich, uk

Post by Munky »

ok, yeah the ' ' did the job, thank you :)

but, this doesnt appear to work?

$membername=mysql_result($result,"membername");
$membernumber=mysql_result($result,"membernumber");
$email=mysql_result($result,"email");

i also changed the membername to LIKE

Code: Select all

$query="SELECT * FROM profileinfo WHERE membername LIKE '$membername' AND password = '$password'";
as i am allowing uppercase and lowercase usernames...
User avatar
twigletmac
Her Royal Site Adminness
Posts: 5371
Joined: Tue Apr 23, 2002 2:21 am
Location: Essex, UK

Post by twigletmac »

instead of:

Code: Select all

echo "<b><center>Your Account</center></b><br><br>";

$membername=mysql_result($result,"membername");
$membernumber=mysql_result($result,"membernumber");
$email=mysql_result($result,"email");

echo "<b>$membernumber</b><br><b>$email</b><br><a href='edit_account.php?membernumber=$membernumber'>edit</a><hr><br>";
try

Code: Select all

// first test to make sure there was a result
if (mysql_num_rows($result) == 1) {
	echo "<b><center>Your Account</center></b><br><br>";

	// get the whole result of the query into an array
	$row = mysql_fetch_assoc($result);

	// set each individual variable
	$membername   = $row['membername'];
	$membernumber = $row['membernumber'];
	$email        = $row['email'];

	echo "<b>$membernumber</b><br><b>$email</b><br><a href='edit_account.php?membernumber=$membernumber'>edit</a><hr><br>";
} else {
	// what gets displayed if there is no result found
	echo '<b>Member details not found.</b>';
}
Mac
Post Reply