07-01-2005, 09:27 AM
|
|
Aspiring Evangelist
|
|
Join Date: Feb 2005
Location: Norway
Posts: 391
|
|
Hi,
I have just started MySQL and now know how to insert and retrieve data. This is just a register script for the users to register, and their user+pass gets put in my database. So now I plan to do this member script. I have added users to the database using using a HTML form posting to a file named reg.php which code is as following:
PHP Code:
$user = $_POST['user'];
$pass = $_POST['pass'];
include("config.php");
mysql_connect($hostname,$username,$password);
@mysql_select_db($database) or die("Unable to select that database");
$query = "INSERT INTO users VALUES ('','$user','$pass')";
$result=mysql_query($query);
mysql_close();
This works ok for entering the data: username, password and a uniqe ID into the 'users' table. But now I have to do the login form, I want it to look in the 'users' table to see if it finds their username+password. Can anyone help me with how I can do this? Thanks Alot  .. have a good summer everyone! 
|
07-01-2005, 10:20 AM
|
|
Newbie
|
|
Join Date: Dec 2004
Location: London
Posts: 5
|
|
UrlGuy,
A quick and simple example may be as follows:
PHP Code:
$user = $_POST['user'];
$pass = $_POST['pass'];
include("config.php");
mysql_connect($hostname,$username,$password);
@mysql_select_db($database) or die("Unable to select that database");
$query = "SELECT * FROM users WHERE user = $user AND pass = $pass";
$result = $db->query($sql);
if($result->numRows() < 1)
{
/* Access is denied */
}
else
{
/* Logged in */
}
mysql_close();
Naturally this is not fully secure but it’s a starting point.
Last edited by p.davies; 07-01-2005 at 10:24 AM.
|
07-01-2005, 11:59 AM
|
|
Aspiring Evangelist
|
|
Join Date: Feb 2005
Location: Norway
Posts: 391
|
|
Thanks for reply.
When I use the above code with my script I get this file:
PHP Code:
<?PHP
include("config.php");
@session_start();
if (empty($user) || empty($pass)) {
$logged_in = false;
$_SESSION['logged_in'] = false;
echo "<B>You forgot to enter your username or password</B><BR>";
include("login.php");
exit;
}
$user = $_POST['user'];
$pass = $_POST['pass'];
mysql_connect($hostname,$username,$password);
@mysql_select_db($database) or die("Unable to select that database");
$query = "SELECT * FROM users WHERE user = $user AND pass = $pass";
$result = $db->query($sql);
if($result->numRows() < 1)
{
echo "Wrong username or password<BR>";
include("login.php");
exit;
}
else
{
$_SESSION['logged_in'] = true;
header('Location: members.php');
}
mysql_close();
?>
But then I get this error:
Quote:
|
Fatal error: Call to a member function on a non-object in /home/user/public_html/log_in.php on line 20
|
Here is line 20:
Quote:
|
$result = $db->query($sql);
|
By the way.. when I setup the 'users' table I used this code:
Quote:
|
$query="CREATE TABLE users (id int(6) NOT NULL auto_increment,first varchar(15) NOT NULL,last varchar(15) NOT NULL,phone varchar(20) NOT NULL,mobile varchar(20) NOT NULL,fax varchar(20) NOT NULL,email varchar(30) NOT NULL,web varchar(30) NOT NULL,PRIMARY KEY (id),UNIQUE id (id),KEY id_2 (id))";
|
I know this creates a little too many fields as I only need 3 but I copied&pasted this as I'm not sure how to edit it right.. do I have to name one field 'usernames' and another 'passwords' to use the "SELECT * FROM users WHERE user = $user AND pass = $pass" ? How do I do this? Or is all I needed to do is setup the 'users' table and it autoassigns the data?
Hope anyone can help me with these 2 problems... thanks!!
Last edited by UrlGuy; 07-01-2005 at 12:04 PM.
|
07-01-2005, 12:19 PM
|
|
Junior Guru Wannabe
|
|
Join Date: Jul 2004
Location: Scotland, UK
Posts: 81
|
|
For line 20 change
PHP Code:
$result = $db->query($sql);
to
PHP Code:
$result = mysql_query($query);
I'm not sure what you mean regarding your second problem, can you explain a bit more?
|
07-01-2005, 12:24 PM
|
|
Aspiring Evangelist
|
|
Join Date: Feb 2005
Location: Norway
Posts: 391
|
|
thanks.. think it worked, get a blank white page now and no error atleast..
I meant.. since its something like "SELECT * FROM users WHERE user = $user AND pass = $pass
with the WHERE user = $user
is 'user' a seperate column or row or something? How can I set up that? I have only setup the table 'users', no rows or any more.. Hope I wrote better now.. if not tell me and I'll try explain more. Thanks!!
|
07-01-2005, 12:36 PM
|
|
Junior Guru Wannabe
|
|
Join Date: Jul 2004
Location: Scotland, UK
Posts: 81
|
|
The SELECT query will go to the table named "users" (which your above CREATE query will have created). It will then look in the field "user" (which you have not yet created) for the value which was input, if there is a matching "pass" in the pass field it will return the entire row.
Since you don't have a table fully setup, try this sql code. It will drop your existing table, create a new one named "users", it has 3 fields - id (which is auto-inc), user (the username) and pass (the password):
Code:
DROP TABLE IF EXISTS `users`;
CREATE TABLE `users` (
`id` INT( 5 ) NOT NULL AUTO_INCREMENT ,
`user` VARCHAR( 30 ) NOT NULL ,
`pass` VARCHAR( 40 ) NOT NULL ,
PRIMARY KEY ( `id` )
);
The pass field is probably a bit longer than you'll need...I've done this to allow you to encrypt the passes later...which is something you'll want to do.
Hope that helps, give me a shout if you need more explination
|
07-01-2005, 12:46 PM
|
|
Aspiring Evangelist
|
|
Join Date: Feb 2005
Location: Norway
Posts: 391
|
|
Thanks, seems to be what I'm looking for!
But now my setup.php file fails with that code :\
It looks like this:
PHP Code:
<?
require("config.php");
mysql_connect($hostname,$username,$password);
@mysql_select_db($database) or die( "Unable to select database");
$query="DROP TABLE IF EXISTS `users`
CREATE TABLE `users` (
`id` INT( 5 ) NOT NULL AUTO_INCREMENT ,
`user` VARCHAR( 30 ) NOT NULL ,
`pass` VARCHAR( 40 ) NOT NULL ,
PRIMARY KEY ( `id` )
);
mysql_query($query);
mysql_close();
echo "Database created";
?>
But gives this error:
Parse error: parse error, unexpected T_STRING in /home/user/public_html/setup.php on line 17
which is this line:
echo "Database created";
Any help apprecciated!
|
07-01-2005, 12:58 PM
|
|
Junior Guru Wannabe
|
|
Join Date: Jul 2004
Location: Scotland, UK
Posts: 81
|
|
Just a few errors. Try this:
PHP Code:
<?php
require("config.php");
mysql_connect($hostname,$username,$password);
@mysql_select_db($database) or die("Unable to select database");
$query="DROP TABLE IF EXISTS `users`;
CREATE TABLE `users` (
`id` INT( 5 ) NOT NULL AUTO_INCREMENT ,
`user` VARCHAR( 30 ) NOT NULL ,
`pass` VARCHAR( 40 ) NOT NULL ,
PRIMARY KEY ( `id` )
);";
mysql_query($query);
mysql_close();
echo "Database created";
?>
|
07-01-2005, 01:15 PM
|
|
Aspiring Evangelist
|
|
Join Date: Feb 2005
Location: Norway
Posts: 391
|
|
Thanks it worked!!
Although still some error..
This is my log_in.php:
PHP Code:
<?PHP
include("config.php");
@session_start();
if (empty($bruker) || empty($pass)) {
$logged_in = false;
$_SESSION['logged_in'] = false;
echo "<B>$no_login</B><BR>";
include("login.php");
exit;
}
$bruker = $_POST['bruker'];
$pass = $_POST['pass'];
mysql_connect($hostname,$username,$password);
@mysql_select_db($database) or die("Unable to select that database");
$query = "SELECT * FROM users WHERE user = $bruker AND pass = $pass";
$result = mysql_query($query);
if($result->numRows() < 1)
{
echo "$wrong_login<BR>";
include("login.php");
exit;
}
else
{
$_SESSION['logged_in'] = true;
header('Location: $hidden');
}
mysql_close();
?>
It says this:
Fatal error: Call to a member function on a non-object in /home/user/public_html/log_in.php on line 23
like 23 is this:
if($result->numRows() < 1)
It really seems ok.. can't really get whats wrong but.. hm..
full code is the one above..
thanks again!
|
07-01-2005, 01:20 PM
|
|
Junior Guru Wannabe
|
|
Join Date: Jul 2004
Location: Scotland, UK
Posts: 81
|
|
Change line 23 to:
PHP Code:
if (mysql_num_rows($result) < 1)
Should solve the problem
|
07-01-2005, 01:24 PM
|
|
Aspiring Evangelist
|
|
Join Date: Feb 2005
Location: Norway
Posts: 391
|
|
Tried that but gives me this error:
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/user/public_html/log_in.php on line 22
always gives this when I do mysql_num_rows :\
|
07-01-2005, 01:26 PM
|
|
Junior Guru Wannabe
|
|
Join Date: Jul 2004
Location: Scotland, UK
Posts: 81
|
|
Try inserting something into the table and try again
|
07-01-2005, 01:27 PM
|
|
Web Hosting Guru
|
|
Join Date: May 2004
Location: Singapore
Posts: 262
|
|
That means that there is a problem with your query (assuming you correctly connected to the database server and selected a database).
Most likely it has to do with failure to quote your input:
SELECT * FROM users WHERE user = '$bruker' AND pass = '$pass'
__________________
#include<cstdio>
char*s="#include<cstdio>%cchar*s=%c%s%c;%cint main(){std::printf(s,10,34,s,34,10);}";
int main(){std::printf(s,10,34,s,34,10);}
|
07-01-2005, 01:35 PM
|
|
Aspiring Evangelist
|
|
Join Date: Feb 2005
Location: Norway
Posts: 391
|
|
Quote:
Originally posted by Vulture
Try inserting something into the table and try again
|
still the same :\
|
07-01-2005, 01:44 PM
|
|
Junior Guru Wannabe
|
|
Join Date: Jul 2004
Location: Scotland, UK
Posts: 81
|
|
I would take up on laserlight's idea. However I would be tempted to change the query to something like this:
PHP Code:
$query = "SELECT * FROM `users` WHERE user = '".$bruker."' AND pass = '".$pass."'";
Hopefully that'll fix it.
|
| Thread Tools |
Search this Thread |
|
|
|
| Display Modes |
 Linear Mode
|
| Postbit Selector |
|
|
Posting Rules
|
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is Off
|
|
|
|
|
|
| Login: |
|
|
| Advertisement: |
|
|
| Web Hosting News: |
|
|
|
