Results 1 to 23 of 23

Thread: PHP & MySQL

  1. #1
    Join Date
    Feb 2005
    Location
    Norway
    Posts
    391

    PHP & MySQL

    Hi,

    I have just started MySQL and now know how to insert and retrieve data. This is just a register script for the users to register, and their user+pass gets put in my database. So now I plan to do this member script. I have added users to the database using using a HTML form posting to a file named reg.php which code is as following:
    PHP Code:

        $user 
    $_POST['user'];
        
    $pass $_POST['pass'];

        include(
    "config.php");
        
    mysql_connect($hostname,$username,$password);
        @
    mysql_select_db($database) or die("Unable to select that database");
        
    $query "INSERT INTO users VALUES ('','$user','$pass')";
        
    $result=mysql_query($query);
        
    mysql_close(); 
    This works ok for entering the data: username, password and a uniqe ID into the 'users' table. But now I have to do the login form, I want it to look in the 'users' table to see if it finds their username+password. Can anyone help me with how I can do this? Thanks Alot.. have a good summer everyone!

  2. #2
    UrlGuy,

    A quick and simple example may be as follows:

    PHP Code:
    $user $_POST['user'];  
    $pass $_POST['pass'];    
     
    include(
    "config.php");   
    mysql_connect($hostname,$username,$password); 
    @
    mysql_select_db($database) or die("Unable to select that database");   
    $query "SELECT * FROM users WHERE user = $user AND pass = $pass";   
    $result $db->query($sql);    

    if(
    $result->numRows() < 1)  
    {      
    /* Access is denied */  
    }  
    else  
    {      
    /* Logged in */  
    }    
    mysql_close(); 
    Naturally this is not fully secure but itís a starting point.
    Last edited by p.davies; 07-01-2005 at 10:24 AM.

  3. #3
    Join Date
    Feb 2005
    Location
    Norway
    Posts
    391
    Thanks for reply.

    When I use the above code with my script I get this file:

    PHP Code:

    <?PHP
        
    include("config.php");
        @
    session_start();
        if (empty(
    $user) || empty($pass)) {
            
    $logged_in false;
            
    $_SESSION['logged_in'] = false;
            echo 
    "<B>You forgot to enter your username or password</B><BR>";
            include(
    "login.php");
            exit;
        }



    $user $_POST['user'];   
    $pass $_POST['pass'];     
        
    mysql_connect($hostname,$username,$password); 
    @
    mysql_select_db($database) or die("Unable to select that database");    
    $query "SELECT * FROM users WHERE user = $user AND pass = $pass";    
    $result $db->query($sql);     

    if(
    $result->numRows() < 1)   
    {       
    echo 
    "Wrong username or password<BR>";
    include(
    "login.php");
    exit;  
    }   
    else   
    {       
    $_SESSION['logged_in'] = true;
    header('Location: members.php');  
    }     
    mysql_close();


    ?>

    But then I get this error:
    Fatal error: Call to a member function on a non-object in /home/user/public_html/log_in.php on line 20

    Here is line 20:
    $result = $db->query($sql);


    By the way.. when I setup the 'users' table I used this code:
    $query="CREATE TABLE users (id int(6) NOT NULL auto_increment,first varchar(15) NOT NULL,last varchar(15) NOT NULL,phone varchar(20) NOT NULL,mobile varchar(20) NOT NULL,fax varchar(20) NOT NULL,email varchar(30) NOT NULL,web varchar(30) NOT NULL,PRIMARY KEY (id),UNIQUE id (id),KEY id_2 (id))";
    I know this creates a little too many fields as I only need 3 but I copied&pasted this as I'm not sure how to edit it right.. do I have to name one field 'usernames' and another 'passwords' to use the "SELECT * FROM users WHERE user = $user AND pass = $pass" ? How do I do this? Or is all I needed to do is setup the 'users' table and it autoassigns the data?


    Hope anyone can help me with these 2 problems... thanks!!
    Last edited by UrlGuy; 07-01-2005 at 12:04 PM.

  4. #4
    Join Date
    Jul 2004
    Location
    Scotland, UK
    Posts
    81
    For line 20 change
    PHP Code:
    $result $db->query($sql); 
    to
    PHP Code:
    $result mysql_query($query); 
    I'm not sure what you mean regarding your second problem, can you explain a bit more?
    Scott - My Spiel

  5. #5
    Join Date
    Feb 2005
    Location
    Norway
    Posts
    391
    thanks.. think it worked, get a blank white page now and no error atleast..

    I meant.. since its something like "SELECT * FROM users WHERE user = $user AND pass = $pass

    with the WHERE user = $user
    is 'user' a seperate column or row or something? How can I set up that? I have only setup the table 'users', no rows or any more.. Hope I wrote better now.. if not tell me and I'll try explain more. Thanks!!

  6. #6
    Join Date
    Jul 2004
    Location
    Scotland, UK
    Posts
    81
    The SELECT query will go to the table named "users" (which your above CREATE query will have created). It will then look in the field "user" (which you have not yet created) for the value which was input, if there is a matching "pass" in the pass field it will return the entire row.

    Since you don't have a table fully setup, try this sql code. It will drop your existing table, create a new one named "users", it has 3 fields - id (which is auto-inc), user (the username) and pass (the password):
    Code:
    DROP TABLE IF EXISTS `users`;
    CREATE TABLE `users` (
    `id` INT( 5 ) NOT NULL AUTO_INCREMENT ,
    `user` VARCHAR( 30 ) NOT NULL ,
    `pass` VARCHAR( 40 ) NOT NULL ,
    PRIMARY KEY ( `id` )
    );
    The pass field is probably a bit longer than you'll need...I've done this to allow you to encrypt the passes later...which is something you'll want to do.

    Hope that helps, give me a shout if you need more explination
    Scott - My Spiel

  7. #7
    Join Date
    Feb 2005
    Location
    Norway
    Posts
    391
    Thanks, seems to be what I'm looking for!


    But now my setup.php file fails with that code :\
    It looks like this:

    PHP Code:
    <?
    require("config.php");
    mysql_connect($hostname,$username,$password);
    @
    mysql_select_db($database) or die( "Unable to select database");

    $query="DROP TABLE IF EXISTS `users`
    CREATE TABLE `users` (
    `id` INT( 5 ) NOT NULL AUTO_INCREMENT ,
    `user` VARCHAR( 30 ) NOT NULL ,
    `pass` VARCHAR( 40 ) NOT NULL ,
    PRIMARY KEY ( `id` )
    );

    mysql_query(
    $query);
    mysql_close(); 
    echo "
    Database created";
    ?>

    But gives this error:
    Parse error: parse error, unexpected T_STRING in /home/user/public_html/setup.php on line 17
    which is this line:
    echo "Database created";

    Any help apprecciated!

  8. #8
    Join Date
    Jul 2004
    Location
    Scotland, UK
    Posts
    81
    Just a few errors. Try this:
    PHP Code:
    <?php
    require("config.php");
    mysql_connect($hostname,$username,$password);
    @
    mysql_select_db($database) or die("Unable to select database");

    $query="DROP TABLE IF EXISTS `users`;
    CREATE TABLE `users` (
    `id` INT( 5 ) NOT NULL AUTO_INCREMENT ,
    `user` VARCHAR( 30 ) NOT NULL ,
    `pass` VARCHAR( 40 ) NOT NULL ,
    PRIMARY KEY ( `id` )
    );"
    ;

    mysql_query($query);
    mysql_close();
    echo 
    "Database created";
    ?>
    Scott - My Spiel

  9. #9
    Join Date
    Feb 2005
    Location
    Norway
    Posts
    391
    Thanks it worked!!



    Although still some error..

    This is my log_in.php:

    PHP Code:
    <?PHP
        
    include("config.php");
        @
    session_start();
        if (empty(
    $bruker) || empty($pass)) {
            
    $logged_in false;
            
    $_SESSION['logged_in'] = false;
            echo 
    "<B>$no_login</B><BR>";
            include(
    "login.php");
            exit;
        }



    $bruker $_POST['bruker'];   
    $pass $_POST['pass'];     
        
    mysql_connect($hostname,$username,$password); 
    @
    mysql_select_db($database) or die("Unable to select that database");    
    $query "SELECT * FROM users WHERE user = $bruker AND pass = $pass";
    $result mysql_query($query);   


    if(
    $result->numRows() < 1)   
    {       
    echo 
    "$wrong_login<BR>";
    include(
    "login.php");
    exit;  
    }   
    else   
    {       
    $_SESSION['logged_in'] = true;
    header('Location: $hidden');  
    }     
    mysql_close();


    ?>

    It says this:

    Fatal error: Call to a member function on a non-object in /home/user/public_html/log_in.php on line 23

    like 23 is this:
    if($result->numRows() < 1)

    It really seems ok.. can't really get whats wrong but.. hm..
    full code is the one above..

    thanks again!

  10. #10
    Join Date
    Jul 2004
    Location
    Scotland, UK
    Posts
    81
    Change line 23 to:
    PHP Code:
    if (mysql_num_rows($result) < 1
    Should solve the problem
    Scott - My Spiel

  11. #11
    Join Date
    Feb 2005
    Location
    Norway
    Posts
    391
    Tried that but gives me this error:

    Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/user/public_html/log_in.php on line 22

    always gives this when I do mysql_num_rows :\

  12. #12
    Join Date
    Jul 2004
    Location
    Scotland, UK
    Posts
    81
    Try inserting something into the table and try again
    Scott - My Spiel

  13. #13
    Join Date
    May 2004
    Location
    Singapore
    Posts
    262
    That means that there is a problem with your query (assuming you correctly connected to the database server and selected a database).

    Most likely it has to do with failure to quote your input:
    SELECT * FROM users WHERE user = '$bruker' AND pass = '$pass'
    #include<cstdio>
    char*s="#include<cstdio>%cchar*s=%c%s%c;%cint main(){std::printf(s,10,34,s,34,10);}";
    int main(){std::printf(s,10,34,s,34,10);}

  14. #14
    Join Date
    Feb 2005
    Location
    Norway
    Posts
    391
    Originally posted by Vulture
    Try inserting something into the table and try again
    still the same :\

  15. #15
    Join Date
    Jul 2004
    Location
    Scotland, UK
    Posts
    81
    I would take up on laserlight's idea. However I would be tempted to change the query to something like this:
    PHP Code:
    $query "SELECT * FROM `users` WHERE user = '".$bruker."' AND pass = '".$pass."'"
    Hopefully that'll fix it.
    Scott - My Spiel

  16. #16
    Join Date
    Feb 2005
    Location
    Norway
    Posts
    391
    Ok, Ill post all the files I use.. here it is:


    This is just the login HTML form(login.php):
    PHP Code:
    <?PHP
    @session_start();
    ?>
    <FORM action="log_in.php" method="post">
    Username:<BR>
    <INPUT type="text" name="user" autocomplete="off"><BR>
    Password:<BR>
    <INPUT type="text" name="pass" autocomplete="off"><BR>
    <INPUT type="submit" value="Login">
    </FORM><BR>
    <?PHP
    if($logged_in != false) {
    ?>
    <a href=logout.php>LogOut</a>
    <?php
    } else {
    ?>
    <a href=register.php>Register</a>
    <?PHP
    }
    ?>


    This is the page that login.php POST to(log_in.php):
    PHP Code:
    <?PHP
        
    include("config.php");
        @
    session_start();
        if (empty(
    $user) || empty($pass)) {
            
    $logged_in false;
            
    $_SESSION['logged_in'] = false;
            echo 
    "<B>$no_login</B><BR>";
            include(
    "login.php");
            exit;
        }



    $user $_POST['user'];   
    $pass $_POST['pass'];     
        
    mysql_connect($hostname,$username,$password); 
    @
    mysql_select_db($database) or die("Unable to select that database");    
    $query "SELECT * FROM users WHERE user = $user AND pass = $pass";
    $result mysql_query($query);   

    if (
    mysql_num_rows($result) < 1
    {       
    echo 
    "wrong username or password<BR>";
    include(
    "login.php");
    exit;  
    }   
    else   
    {       
    $_SESSION['logged_in'] = true;
    header('Location: members.php');  
    }     
    mysql_close();


    ?>


    Heres the register file which is pure HTML(register.php):
    PHP Code:
    <FORM action="reg.php" method="post">
    Username:<BR>
    <
    INPUT type="text" name="user"><BR>
    Password:<BR>
    <
    INPUT type="text" name="pass"><BR>
    <
    INPUT type="submit" value="Create Account">
    </
    FORM><BR

    Heres the register file the above file POST to(reg.php):

    PHP Code:
    <?PHP
        $user 
    $_POST['user'];
        
    $pass $_POST['pass'];

        include(
    "config.php");
        
    mysql_connect($hostname,$username,$password);
        @
    mysql_select_db($database) or die("Unable to select that database");
        
    $query "INSERT INTO users VALUES ('','$user','$pass')";
        
    $result=mysql_query($query);
        
    mysql_close();
    ?>


    My members.php look like this:

    PHP Code:
    <?PHP
    include("config.php");
    @
    session_start();
    if(
    $logged_in != true) {
    echo 
    "<B>You are not logged in..</B>";
    include(
    "login.php");
    exit;
    } else {
    @
    session_start();
    $_SESSION['logged_in'] = true;
    $logged_in true;
    }
    echo 
    "You are now logged in to the members area!";
    ?>



    My setup.php which are supposed to create the entries look like this:

    PHP Code:
    <?
    require("config.php");
    mysql_connect($hostname,$username,$password);
    @
    mysql_select_db($database) or die( "Unable to select database");

    $query="DROP TABLE IF EXISTS `users`; 
    CREATE TABLE `users` ( 
    `id` INT( 5 ) NOT NULL AUTO_INCREMENT , 
    `user` VARCHAR( 30 ) NOT NULL , 
    `pass` VARCHAR( 40 ) NOT NULL , 
    PRIMARY KEY ( `id` ) 
    );"


    mysql_query($query); 
    mysql_close(); 
    echo 
    "Database created"
    ?>

  17. #17
    Join Date
    Feb 2005
    Location
    Norway
    Posts
    391
    Originally posted by Vulture
    I would take up on laserlight's idea. However I would be tempted to change the query to something like this:
    PHP Code:
    $query "SELECT * FROM `users` WHERE user = '".$bruker."' AND pass = '".$pass."'"
    Hopefully that'll fix it.
    Still gave me same error
    :
    Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/user/public_html/log_in.php on line 22




    Thanks for taking time to write all these replies though

  18. #18
    Join Date
    Jul 2004
    Location
    Scotland, UK
    Posts
    81
    I've copied all the files to my computer, and this seems to get rid of the error (log_in.php)
    PHP Code:
    <?php
    include("config.php");
    $user $_POST['user'];   
    $pass $_POST['pass'];    
    @
    session_start();
    if (empty(
    $user) || empty($pass)) {
           
    $logged_in false;
            
    $_SESSION['logged_in'] = false;
            echo 
    "<B>$no_login</B><BR>";
            include(
    "login.php");
            exit;
    }

        
    mysql_connect($hostname,$username,$password);
    @
    mysql_select_db($database) or die("Unable to select that database");    
    $query "SELECT * FROM users WHERE user = '".$user."' AND pass = '".$pass."'";
    $result mysql_query($query);   

    if (
    mysql_num_rows($result) < 1)
    {       
    echo 
    "wrong username or password<BR>";
    include(
    "login.php");
    exit;  
    }   
    else   
    {       
    $_SESSION['logged_in'] = true;
    header('Location: members.php');  
    }     
    mysql_close();


    ?>
    *Hopefully* that'll sort it. If not, you could always use the @ operator - we know that i'll report "wrong username.." if need be.
    Scott - My Spiel

  19. #19
    Join Date
    Feb 2005
    Location
    Norway
    Posts
    391
    Thanks man, but still the damn same error :\

    Gives me this:

    Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/user/public_html/log_in.php on line 20
    Wrong username or password


    and always says wrong username and pass even though I just registered.
    Line 20 is this:
    if (mysql_num_rows($result) < 1) and I used the above code as my log_in.php

  20. #20
    Join Date
    Jul 2004
    Location
    Scotland, UK
    Posts
    81
    I'm more confused than ever. If you have phpmyadmin or similar, check that the database table has been setup properly and the user/pass you registered has been inserted. I've tried in on my server and everything is working fine (with a legit and illegit member).

    Because the num rows error is so annoying, you should be able to stop it by changing the line to this:
    PHP Code:
    if (@mysql_num_rows($result) < 1
    I'm pretty much stumped on why that error is still being displayed, unless your having problems with the files not saving or something.

    Sorry I can't be more of a help.
    Scott - My Spiel

  21. #21
    Join Date
    Feb 2005
    Location
    Norway
    Posts
    391
    hmm... I created a new database now just incase.

    I use this in setup.php:

    PHP Code:
    <?
    require("config.php");
    mysql_connect($hostname,$username,$password);
    @
    mysql_select_db($database) or die( "Unable to select database");

    $query="DROP TABLE IF EXISTS `users`; 
    CREATE TABLE `users` ( 
    `id` INT( 5 ) NOT NULL AUTO_INCREMENT , 
    `bruker` VARCHAR( 30 ) NOT NULL , 
    `pass` VARCHAR( 40 ) NOT NULL , 
    PRIMARY KEY ( `id` ) 
    );"


    mysql_query($query); 
    mysql_close(); 
    echo 
    "Database created"
    ?>
    It says "Database created", but when I now checked phpmyadmin it sayd "no tables"

    When I manually ran this query:

    CREATE TABLE `users` (
    `id` INT( 5 ) NOT NULL AUTO_INCREMENT ,
    `bruker` VARCHAR( 30 ) NOT NULL ,
    `pass` VARCHAR( 40 ) NOT NULL ,
    PRIMARY KEY ( `id` )
    );

    then it worked and the login system was like I want it....
    maybe something with setup.php that I havent seen? appearently it doesnt make the tables
    Thanks again for being helpful!

  22. #22
    Join Date
    Jul 2004
    Location
    Scotland, UK
    Posts
    81
    Weird, cause setup.php worked fine for me.

    At least its sorted
    Scott - My Spiel

  23. #23
    Join Date
    Feb 2005
    Location
    Norway
    Posts
    391
    nvm it works perfectly now!!
    Thanks alot for all help, greatly apprecciated!!
    Have a great summer!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •