boblan66 Posted November 10, 2010 Share Posted November 10, 2010 People on this forum have given me great advise. Now I almost have my login PHP correct. One thing is going wrong. (has to be my code) When I run the login and have it processed, it falls through the testing directly to the error statements. Checked the code but I cant figure it out. Been playing with it for 3 hours. I'll be highly grateful if someone out there can solve this. My code: <?php // Open members db - ceck to ensure user is not previously logged in - if no log yhe user in to the mem_log table. // If yes display appropriate error message. /// Page Name: login.php /// Date: 11-7-10 Time: 5:34 /// Tested: 11-7-10 by: bnl include "include/session.php"; include "include/z_db.php"; $userName=$_POST['userName']; $password=$_POST['password']; ?> <!doctype html> <html> <head> <title>Taft Union High School Alumni Class of 1965</title> <meta name="GENERATOR" content="NotePad++"> <meta name="FORMATTER" content="NotePad++"> </head> <body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#800080" alink="#ff0000"> <?php $userName=mysql_real_escape_string($userName); $passWord=mysql_real_escape_string($passWord); $sql_query = mysql_query("SELECT * FROM `signup` WHERE `userName`='$userName' AND `passWord` = '$passWord' LIMIT 1"); if (mysql_num_rows($sql_query) > 0) { //log session data include "include/newsession.php"; $tm=date("Y-m-d H:i:s"); //$ip=@$REMOTE_ADDR; // The above line is commented and the line below is used for the servers where register_global=Off $ip=$_SERVER['REMOTE_ADDR']; echo $ip; $rt=mysql_query("insert into mem_login(id,userName,ip,tm) values('$_SESSION[id]','$_SESSION[userName]','$ip','$tm')"); // Username and password passed redirect to memPage header("location: memPage.html"); session_unset(); } else { // RUN YOUR ERROR MESSAGE echo " <div style='width:350px; border: medium ridge navy; background-color:gold; padding:10px;' > <table border='0' cellspacing='0' cellpadding='3' align='center bgcolor='gold'> <th style='font-weight:bold; fony-size:1,4em;color:#FFFFFF;background-color:red;'> INCORRECT USERNAME OR PASSWORD <hr> </th> <tr> <td>The username or Password was not located in the database, Check to ensure you have the correct information. If you need assistance, contact the site administrator at: <br> http://www.admin@tuhs-class65.c9m. <br><br> <center> <input type='button' value='Retry' onClick='history.go(-1)'> </center> </td> </tr> </table> </div> "; } ?> </body> </html> I know the program is working as the includes are being pulle in. I also have two records in the table. Quote Link to comment Share on other sites More sharing options...
litebearer Posted November 10, 2010 Share Posted November 10, 2010 Didn't read all the code; however, step 1 is to echo out your variables to ensure they contain what you think they should contain Quote Link to comment Share on other sites More sharing options...
boblan66 Posted November 10, 2010 Author Share Posted November 10, 2010 Let me do that! Thanks for the fast reply. Quote Link to comment Share on other sites More sharing options...
boblan66 Posted November 10, 2010 Author Share Posted November 10, 2010 I placed a couple of echos to check the data, and now nothing is shown. When I attempt to look at the source code, the page is blank, as though nothing is being interrupted. I took out the echo statements and the same thing happens. Any ideas? CODE: <?php // Open members db - ceck to ensure user is not previously logged in - if no log yhe user in to the mem_log table. // If yes display appropriate error message. /// Page Name: login.php /// Date: 11-9-10 Time: 7:28pm /// Tested: 11-7-10 by: bnl include "include/session.php"; include "include/z_db.php"; $userName=$_POST['userName']; $password=$_POST['password']; ?> <!doctype html> <html> <head> <title>Taft Union High School Alumni Class of 1965</title> <meta name="GENERATOR" content="NotePad++"> <meta name="FORMATTER" content="NotePad++"> </head> <body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#800080" alink="#ff0000"> <?php $userName=mysql_real_escape_string($userName); $passWord=mysql_real_escape_string($passWord); //////// echo $userName $sql_query = mysql_query("SELECT * FROM `signup` WHERE `userName`='$userName' AND `passWord` = '$passWord' LIMIT 1"); if (mysql_num_rows($sql_query) > 0) { //log session data include "include/newsession.php"; $tm=date("Y-m-d H:i:s"); //$ip=@$REMOTE_ADDR; // The above line is commented and the line below is used for the servers where register_global=Off $ip=$_SERVER['REMOTE_ADDR']; echo $ip; $rt=mysql_query("insert into mem_login(id,userName,ip,tm) values('$_SESSION[id]','$_SESSION[userName]','$ip','$tm')"); // Username and password passed redirect to memPage header("location: memPage.html"); session_unset(); } else { // RUN YOUR ERROR MESSAGE echo " <div style='width:350px; border: medium ridge navy; background-color:gold; padding:10px;' > <table border='0' cellspacing='0' cellpadding='3' align='center bgcolor='gold'> <th style='font-weight:bold; fony-size:1,4em;color:#FFFFFF;background-color:red;'> INCORRECT USERNAME OR PASSWORD <hr> </th> <tr> <td>The username or Password was not located in the database, Check to ensure you have the correct information. If you need assistance, contact the site administrator at: <br> http://www.admin@tuhs-class65.c9m. <br><br> <center> <input type='button' value='Retry' onClick='history.go(-1)'> </center> </td> </tr> </table> </div> "; } ?> </body> </html> [attachment deleted by admin] Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.