[advanced search]
 

Go Back   NamePros.com > Discussion > Web Design & Development > Programming

Programming PHP, Perl, Ruby on Rails, AJAX, HTML, XHTML, CSS, JavaScript, MySQL and any other coding topics.


Closed Thread
 
LinkBack Thread Tools
Old 09-12-2005, 02:33 PM   #1 (permalink)
SQLdumpster.com
 
miseria's Avatar
 
Join Date: Jun 2005
Location: West Sussex, UK
Posts: 545
205.50 NP$ (Donate)

miseria will become famous soon enoughmiseria will become famous soon enough


Back to the sign in problem

Encountered the MySQL problem again. My whole login form is screwed and I cannot cope with it anymore. Help is apreciated very much.

PHP Code:
<?php
session_start
();


include(
"config.php");

$passwordbeforemd5=$_POST['password'];

$username=$_POST['username'];
$password=md5('$passwordbeforemd5');

$query = "SELECT * FROM users WHERE username='$username' AND password='$password'" or die(mysql_error());
$id = mysql_result($query,0,"id");
$account = mysql_result($query,0,"account");


//$username=!isset($_SESSION['username'];
//$password=!isset($_SESSION['password'];

// Registering the variables uname and pwd
session_register("username","password","id", "account");

//Check user exists in database
$sql = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'");

//Using mysql_num_rows we count the number of rows matching username and password which should be 1 if true and 0 if false
$login_check = mysql_num_rows($sql);

if (
$login_check == "1") {
$_SESSION['logged_in'] = true;
include (
"membersarea.php");
}
else {
include(
"head.php");
session_unset();
echo
"<h1>Error</h1><p>Your attempt at logging in failed. If you feel as if there is
a problem, email the administrator at admin@darkfx.co.uk or use the contact form</p>"
;
include(
"foot.php");
}



?>

That's my whole sign in verification script. Obviously a form gets posted to this script with two text fields 'username' and 'password'. I cannot login. Or when I can, it lets me log in with any password. It's very screwed up but this is my last resort. If you guys cannot help me, I'm packing the whole thing in....Thanks
miseria is offline  
Old 09-12-2005, 02:52 PM   #2 (permalink)
NamePros Regular
 
moondog's Avatar
 
Join Date: Jun 2004
Posts: 476
3,677.00 NP$ (Donate)

moondog is a glorious beacon of lightmoondog is a glorious beacon of lightmoondog is a glorious beacon of lightmoondog is a glorious beacon of lightmoondog is a glorious beacon of lightmoondog is a glorious beacon of light


What is the mySQL error that is being displayed?

-Bob
__________________
The mass purge has begun.
moondog is offline  
Old 09-12-2005, 03:03 PM   #3 (permalink)
SQLdumpster.com
 
miseria's Avatar
 
Join Date: Jun 2005
Location: West Sussex, UK
Posts: 545
205.50 NP$ (Donate)

miseria will become famous soon enoughmiseria will become famous soon enough


Well, it displays :

PHP Code:
Warning: mysql_result(): supplied argument is not a valid MySQL result resource in /usr/local/psa/home/vhosts/darkfx.co.uk/httpdocs/studios/xsignin.php on line 13

Warning
: mysql_result(): supplied argument is not a valid MySQL result resource in /usr/local/psa/home/vhosts/darkfx.co.uk/httpdocs/studios/xsignin.php on line 14
But I can also log in with any password as long as the username is within the database. Sorry for being grumpy - very bad day
miseria is offline  
Old 09-12-2005, 03:17 PM   #4 (permalink)
NPQ's PA, Slave, and On Call Coder

Technical Services


 
Eric's Avatar
 
Join Date: Mar 2005
Posts: 4,545
0.71 NP$ (Donate)

Eric has a reputation beyond reputeEric has a reputation beyond reputeEric has a reputation beyond reputeEric has a reputation beyond reputeEric has a reputation beyond reputeEric has a reputation beyond reputeEric has a reputation beyond reputeEric has a reputation beyond reputeEric has a reputation beyond reputeEric has a reputation beyond reputeEric has a reputation beyond repute

Save a Life Child Abuse 9/11/01 :: Never Forget Baby Health Marrow Donor Program AIDS/HIV Breast Cancer Cystic Fibrosis Ethan Allen Fund Animal Cruelty Ethan Allen Fund Ethan Allen Fund Cancer Alzheimer's Protect Our Planet Cancer Survivorship SIDS Child Abuse
Kinda in a rush but I think this will work..

PHP Code:
<?php
session_start
();


include(
"config.php");

$passwordbeforemd5 = $_POST['password'];

$username = $_POST['username'];
$password = md5('$passwordbeforemd5');

$query = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password' LIMIT 1") or die(mysql_error());
$id = mysql_query($query, 0, "id");
$account = mysql_query($query, 0, "account");


//$username=!isset($_SESSION['username'];
//$password=!isset($_SESSION['password'];

// Registering the variables uname and pwd
session_register("username", "password", "id", "account");

//Check user exists in database
$sql = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password' LIMIT 1");

//Using mysql_num_rows we count the number of rows matching username and password which should be 1 if true and 0 if false
$login_check = mysql_num_rows($sql);

if (
$login_check == "1") {
$_SESSION['logged_in'] = true;
include (
"membersarea.php");
}
else {
include(
"head.php");
session_unset();
echo
"<h1>Error</h1><p>Your attempt at logging in failed. If you feel as if there is
a problem, email the administrator at admin@darkfx.co.uk or use the contact form</p>"
;
include(
"foot.php");
}

?>
__________________

Last edited by SecondVersion; 09-12-2005 at 03:22 PM.
Eric is offline  
Old 09-12-2005, 03:22 PM   #5 (permalink)
SQLdumpster.com
 
miseria's Avatar
 
Join Date: Jun 2005
Location: West Sussex, UK
Posts: 545
205.50 NP$ (Donate)

miseria will become famous soon enoughmiseria will become famous soon enough


Thanks for the help but no change
miseria is offline  
Old 09-12-2005, 05:04 PM   #6 (permalink)
NamePros Regular
 
moondog's Avatar
 
Join Date: Jun 2004
Posts: 476
3,677.00 NP$ (Donate)

moondog is a glorious beacon of lightmoondog is a glorious beacon of lightmoondog is a glorious beacon of lightmoondog is a glorious beacon of lightmoondog is a glorious beacon of lightmoondog is a glorious beacon of light


Again, I think you forgot the mysql_query when you defined $query. Try changing this:

PHP Code:
$query = "SELECT * FROM users WHERE username='$username' AND password='$password'" or die(mysql_error());
$id = mysql_result($query,0,"id");
$account = mysql_result($query,0,"account");
To this:

PHP Code:
$query = mysql_query("SELECT * FROM users WHERE username='$username' AND password='$password'") or die(mysql_error());
$id = mysql_result($query,0,"id");
$account = mysql_result($query,0,"account");
-Bob
__________________
The mass purge has begun.
moondog is offline  
Old 09-13-2005, 08:02 AM   #7 (permalink)
SQLdumpster.com
 
miseria's Avatar
 
Join Date: Jun 2005
Location: West Sussex, UK
Posts: 545
205.50 NP$ (Donate)

miseria will become famous soon enoughmiseria will become famous soon enough


I did try that but I must've changed it back. This prevents the PHP error but I am still able to log in with any password
miseria is offline  
Old 09-13-2005, 12:23 PM   #8 (permalink)
NamePros Regular
 
moondog's Avatar
 
Join Date: Jun 2004
Posts: 476
3,677.00 NP$ (Donate)

moondog is a glorious beacon of lightmoondog is a glorious beacon of lightmoondog is a glorious beacon of lightmoondog is a glorious beacon of lightmoondog is a glorious beacon of lightmoondog is a glorious beacon of light


Hmmm, tough but interesting one. Would you like me to have a look at it for you? I am good with troubleshooting. All I'd need is ftp access.

-Bob
__________________
The mass purge has begun.
moondog is offline  
Old 09-13-2005, 01:24 PM   #9 (permalink)
SQLdumpster.com
 
miseria's Avatar
 
Join Date: Jun 2005
Location: West Sussex, UK
Posts: 545
205.50 NP$ (Donate)

miseria will become famous soon enoughmiseria will become famous soon enough


That would be brilliant. I'm just trying to fixup an FTP account which is proving difficult
__________________
!!!!!!! see something you like? Accepting offers for great affiliate websites !!!!!!!
Free Databases for your Website | All Things Playstation 3
Website Design Books | Music While You Work? | Computer Gadgets
miseria is offline  
Old 09-15-2005, 09:10 AM   #10 (permalink)
NamePros Regular
 
moondog's Avatar
 
Join Date: Jun 2004
Posts: 476
3,677.00 NP$ (Donate)

moondog is a glorious beacon of lightmoondog is a glorious beacon of lightmoondog is a glorious beacon of lightmoondog is a glorious beacon of lightmoondog is a glorious beacon of lightmoondog is a glorious beacon of light


After playing around with it, the problem lies here (I should have seen this in the beginning):

PHP Code:
$password=md5('$passwordbeforemd5');

the md5 function takes a string as a parameter. You have passed it a parameter, but you have enclosed it in single quotes. When you enclose a variable in single quotes, the variable is NOT interpolated. All you have to do is change the single quotes to double quotes and it works (which I did in your script).

So in essence what was happening is that the md5() function was performing its duty on the string '$passwordbeforemd5' ALL THE TIME, and NOT what the user had entered in the password form field. This led to the SAME $password variable EVERY time.

You will need to reset the password for the specified user to whatever you want it to be, then all should work.

PM / reply if you have additional questions.

-Bob
__________________
The mass purge has begun.

Last edited by moondog; 09-15-2005 at 09:16 AM.
moondog is offline  
Old 09-16-2005, 06:11 AM   #11 (permalink)
SQLdumpster.com
 
miseria's Avatar
 
Join Date: Jun 2005
Location: West Sussex, UK
Posts: 545
205.50 NP$ (Donate)

miseria will become famous soon enoughmiseria will become famous soon enough


woAh. I cannot thank you enough!

Reputation boosted! NP $'s Donated (bit tight though, sorry)!

__________________
!!!!!!! see something you like? Accepting offers for great affiliate websites !!!!!!!
Free Databases for your Website | All Things Playstation 3
Website Design Books | Music While You Work? | Computer Gadgets
miseria is offline  
Old 09-16-2005, 11:16 AM   #12 (permalink)
NamePros Regular
 
moondog's Avatar
 
Join Date: Jun 2004
Posts: 476
3,677.00 NP$ (Donate)

moondog is a glorious beacon of lightmoondog is a glorious beacon of lightmoondog is a glorious beacon of lightmoondog is a glorious beacon of lightmoondog is a glorious beacon of lightmoondog is a glorious beacon of light


Quote:
Originally Posted by miseria
woAh. I cannot thank you enough!

Reputation boosted! NP $'s Donated (bit tight though, sorry)!

Welcome and no worries on the NP$. Glad I could help.

Happy coding.

-Bob
__________________
The mass purge has begun.
moondog is offline  
Closed Thread


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
Back Button problem after log out HELP! 3rulzs Programming 2 05-17-2004 06:55 AM
Howto: Protect your site from BACK BUTTON TRAPS Mp)Tarh Webmaster Tutorials 0 08-10-2003 12:13 PM

Site Sponsors
Advertise your business at NamePros

All times are GMT -7. The time now is 08:47 AM.


Powered by: vBulletin® Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.3.0
Template-Modifications by TMS
vBCredits v1.4 Copyright ©2007 - 2008, PixelFX Studios

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85