php connecting to mysql but not authenticating me in php

xxsunshinegodxx · February 3, 2011

I am moving a site from another server to a new one. I have changed all the code snippets to reflect the new server and the new database but for some reason when I come to login it will not take me further. I know that the code has connected to the database as I have a userlog table on there telling me I when I logged in last.

elow is my login.php (there is obviously more than the code included)

<?
require 'include/common.inc.php';
require 'include/session.inc.php';

if(($u_username != "") || ($u_password != "")) {
  $funcResult = authenticateUser($u_username, $u_password, $chkRemember);
  if(!$funcResult->returnValue) {
      header("Location: login.php?msg=" . $funcResult->errorMessage);
      echo "ERROR: " . $funcResult->errorMessage;
  } else {
      if($artid!="") {
    header("Location: news/readarticle.php?artid=$artid");
  } else {
	  if($funcResult->errorMessage == "M") {
		  header("Location: members/index.php");
		  exit;
	  } elseif($funcResult->errorMessage == "B") {
		  header("Location: business/index.php");
		  exit;
	  }
	  $msg = "Invalid UserName/Password";
  }
  }
}

?>
<html>
<head>
<title>Welcome to Newquay Uncovered</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link href="images/style.css" rel="stylesheet" type="text/css">
<script language="Javascript">
<!--

  function validate(frm) {
    for(i=0;i<frm.length;i++) {
      if((frm.elements[i].type == "text" || frm.elements[i].type == "password") && frm.elements[i].value == "") {
        alert("Please fill in the required details");
        frm.elements[i].focus();
        return false;
      }
    }
    return true;
  }

//-->
</script>

Here is Common

<?
  require '/home/xmasphot/public_html/www.newquayuncovered.com/include/db.inc.php';
//  require '/dump/ldev/newquayuncovered/revamped/include/db.inc.php';

// USER UPLOAD FOLDER
  $uploaddir = "/home/xmasphot/public_html/www.newquayuncovered.com/members/uploads/";
//  $uploaddir = "/dump/ldev/newquayuncovered/revamped/members/uploads/";
  $pic_path = "/members/uploads/";
  $nophoto = "/images/nophoto.jpg";
  $pending = "/images/pending.jpg";
  $fromemailaddresss = "help@newquayuncovered.com";
  global $sportspicpath;
  global $sports_rpicpath;

//  $sports_rpicpath = "/dump/ldev/newquayuncovered/revamped/admin/sports/images/";
//  $sports_picpath = "/newquayuncovered/revamped/admin/sports/images/";

  $sports_rpicpath = "/home/xmasphot/public_html/www.newquayuncovered.com/admin/sports/images/";
  $sports_picpath = "/admin/sports/images/";

  if ($uid == "")  {
    $uid = 0;
  }

  function sendErrorPage($mesg) {
    echo "Error Generated: <BR>$mesg";
exit;
  }

  function getDateString() {
    /* The function getDateString() returns the current date in the
     * format YYYY-MM-DD. This function is used when inserting date
     * columns into MySQL table
     */
     return date(Y-m-d);
  }

  function getCountry($chk) {
    $query = "SELECT c_cid, c_cname FROM nq_country ORDER BY c_cname";
    $results = mysql_query($query);
    echo "<option value=''><-- Select --></option>";
    while($row = mysql_fetch_object($results)) {
      if($chk == $row->c_cid) {
          echo "<option value='$row->c_cid' selected>$row->c_cname</option>\n";
      } else {
          echo "<option value='$row->c_cid'>$row->c_cname</option>\n";
      }
    }
  }

  function getGender($chk) {
    echo "<option value=''><-- Select --></option>\n";
    if($chk != "" && $chk == 0) {
        echo "<option value=0 selected>Female</option>\n";
    } else {
        echo "<option value=0>Female</option>\n";
    }
    if($chk == 1) {
        echo "<option value=1 selected>Male</option>\n";
    } else {
        echo "<option value=1>Male</option>\n";
    }
  }

  function getSexuality($chk, $type="") {
    $arrVals = array( "R" => "Rather Not Say",   "S" => "Straight",
				  "O" => "Open Minded",	   "G" => "Gay/Lesbian",
				  "B" => "BiSexual"
		   );

if($type == 1) { echo $arrVals[$chk]; return; }

    echo "<option value=''><-- Select --></option>\n";
foreach($arrVals as $abbr=>$val) {
      if($abbr == $chk) {
    echo "<option value='" . $abbr . "' selected>" . $val . "</option>\n";
  } else {
    echo "<option value='" . $abbr . "'>" . $val . "</option>\n";
  }
}
  }

  function getDOB_Date($chk) {
    echo "<option>--</option>\n";
    for($i=1; $i<=31; $i++) {
      if($chk == $i) {
          echo "<option value=$i selected>$i</option>\n";
      } else {
          echo "<option value=$i>$i</option>\n";
      }
    }
  }

  function getDOB_Month($chk) {
    echo "<option>--</option>\n";
    $arr_Month = array('Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec');
    $i = 1;
    foreach ($arr_Month as $temp) {
     if($chk == $i) {
          echo "<option value=$i selected>$temp</option>\n";
     } else {
          echo "<option value=$i>$temp</option>\n";
     }
        $i++;
    }
  }

  function getDOB_Year($chk) {
    echo "<option>--</option>\n";
    for($i=1960; $i<=1999; $i++) {
      if($chk == $i) {
          echo "<option value=$i selected>$i</option>\n";
      } else {
          echo "<option value=$i>$i</option>\n";
      }
    }
  }

  function getDBConnection() {
    global $hostName, $databaseName, $userName, $password, $con;
// Get a persistent database connection
if(!($link = mysql_pconnect($hostName, $userName, $password))) {
  return new Function_Result("Internal Error: Could not open database connection", null);
}
// Select mysql database
if(!mysql_select_db($databaseName, $link)) {
  return new Function_Result("Internal Error: Could not select database",null);
}
return new Function_Result(null, $link);
  }

  function logout() {
    global $uid;
global $username;
global $isAuthenticated;
global $userType;
    session_start();

    global $REMOTE_ADDR;

    // Get DB Connection
    $funcResult = getDBConnection();
    if($funcResult->returnValue == null) {
      return $funcResult;
    }
    $link = $funcResult->returnValue;
$updStmt = "UPDATE nq_userlog SET ul_online_status=0 ,ul_last_logout=now() ,ul_last_logon_ip='$REMOTE_ADDR' WHERE ul_ulid='$uid'";
if(!mysql_query($updStmt, $link)) {
  return new Function_Result("Cannot update log.", null);
}
session_unregister("uid");
session_unregister("username");
    session_unregister("isAuthenticated");
    session_unregister("userType");

return new Function_Result(null, true);
  }

class Function_Result
{
  var $errorMessage;
  var $returnValue;

  function Function_Result($errMessage, $retValue) {
    $this->errorMessage = $errMessage;
    $this->returnValue = $retValue;
  }
}

function validateusername($u_username){
    $u_username = trim($u_username);

    $funcResult = getDBConnection();
    if($funcResult->returnValue == null) {
      return $funcResult;
    }
    $link = $funcResult->returnValue;
$selectUserStmt = "SELECT u_uid,u_password,u_email FROM nq_user WHERE u_username='$u_username'";

if(!($result = mysql_query($selectUserStmt, $link))) {
  return new Function_Result("Internal Error: Could not execute SQL Query", null);
}
if(!($row = mysql_fetch_object($result))) {
      return new Function_Result("Invalid UserName", null);
}
      return new Function_Result(null,$row);
}


function dynamicpictures() {

    $funcResult = getDBConnection();
    if($funcResult->returnValue == null) {
      return $funcResult;
    }
    $link = $funcResult->returnValue;
$selectUserStmt = "SELECT * FROM nq_pictures LEFT JOIN nq_user on pic_uid=u_uid WHERE pic_approval=1 AND pic_folder=0 AND pic_adult=0 AND pic_filename!='' AND pic_default=1 ORDER BY pic_date DESC LIMIT 5";

if(!($result = mysql_query($selectUserStmt, $link))) {
  return new Function_Result("Internal Error: Could not execute SQL Query", null);
}
      return new Function_Result(null,$result);
}

  function msgStatus($uid) {
    $funcResult = getDBConnection();
    if(!$funcResult->returnValue) {
      sendErrorPage($funcResult->errorMessage);
    }
    $link = $funcResult->returnValue;
    $selectStmt = "SELECT COUNT(*) FROM nq_message WHERE msg_to_uid=$uid AND msg_status=0";
  	if(!($result = mysql_query($selectStmt, $link))) {
  return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt", null);
}
if(!($row = mysql_fetch_row($result))) {
  return new Function_Result("Internal Error: Could not assign record", null);
}
return new Function_Result(null, $row);
  }

  function getContact_country() {
    $query = "SELECT c_cname FROM nq_country ORDER BY c_cname";
    $results = mysql_query($query);
    echo "<option value=''><-- Select --></option>";
    while($row = mysql_fetch_object($results)) {
          echo "<option value='$row->c_cname'>$row->c_cname</option>\n";
    }
  }

  function getState($ud_cid) {

if ($ud_cid==130) { $qry = "limit 0, 54 " ;}
elseif ($ud_cid==127) { $qry= "limit 55, 66"; }
else {
echo "<option value=''><-- Not Applicable --></option>";
return; } 

    $query = "SELECT s_sid, s_sname FROM nq_state $qry" ;
echo "<option value=''><-- Please Choose --></option>";
    $results = mysql_query($query);
    while($row = mysql_fetch_object($results)) {
          echo "<option value='$row->s_sid'>$row->s_sname</option>\n";
    }
  }


  function selectedstates($ud_cid, $chk) {

if ($ud_cid==130) { $qry = "limit 0, 54 " ;}
elseif ($ud_cid==127) { $qry= "limit 55, 66"; }
else {
echo "<option value=''><-- Not Applicable --></option>";
return; } 

    $query = "SELECT s_sid, s_sname FROM nq_state $qry" ;
echo "<option value=''><-- Please Choose --></option>";
    $results = mysql_query($query);
    while($row = mysql_fetch_object($results)) {
      if($chk == $row->s_sid) {
          echo "<option value='$row->s_sid' selected>$row->s_sname</option>\n";
      } else {
          echo "<option value='$row->s_sid'>$row->s_sname</option>\n";
      }
    }
  }

function getindexpagecontent($indexpageid) {
    $funcResult = getDBConnection();
    if($funcResult->returnValue == null) {
      return $funcResult;
    }
    $link = $funcResult->returnValue;
$selectStmt = "Select * from nq_config where con_conid='$indexpageid'";
if(!($result = mysql_query($selectStmt, $link))) {
  return new Function_Result("Internal Error: Could not execute SQL Query $selectStmt", null);
}
      return new Function_Result(null,$result);
}

  function getTop_latest_news($limit=2) {
    $funcResult = getDBConnection();
    if(!$funcResult->returnValue) {
      sendErrorPage($funcResult->errorMessage);
    }
    $link = $funcResult->returnValue;
$selectStmt_Top_latest_news = "SELECT *, CONCAT(LEFT(nwa_content, 90), '...') AS nwa_content FROM nq_newsarticle WHERE (nwa_topstories in (1,2,3)) and nwa_status='1' ORDER BY nwa_topstories ASC limit 0,". $limit;
if(!($result_Top_latest_news = mysql_query($selectStmt_Top_latest_news, $link))) {
  return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt_Top_latest_news", null);
}
return new Function_Result(null, $result_Top_latest_news);
  }

  function Display_Admin_lst_evt() {
    $funcResult = getDBConnection();
    if(!$funcResult->returnValue) {
      sendErrorPage($funcResult->errorMessage);
    }
    $link = $funcResult->returnValue;

$selectStmt_lst_evt = "SELECT *, DATE_FORMAT(evt_from_date, '%b %d, %Y %h:%i %p') AS evt_fromdate, DATE_FORMAT(evt_to_date, '%b %d, %Y %h:%i %p') AS evt_todate FROM nq_events WHERE evt_uid=0 order by evt_evtid desc limit 0,2";

if(!($result_lst_evt = mysql_query($selectStmt_lst_evt, $link))) {
  return new Function_Result("Internal Error: Could not execute SQL Query $result_lst_evt", null);
}
return new Function_Result(null, $result_lst_evt);
  }

  function get_News_links($name,$limit) {
    $funcResult = getDBConnection();
    if(!$funcResult->returnValue) {
      sendErrorPage($funcResult->errorMessage);
    }
    $link = $funcResult->returnValue;
$selectStmt_Newslink = "SELECT *, CONCAT(LEFT(nwa_content, 50), '...') AS content, CONCAT(LEFT(nwa_title, 50), '...') AS title FROM nq_newsarticle left join nq_newscategory on nwc_nwcid=nwa_nwcid WHERE nwc_name='$name' order by nwa_createdate desc limit 0 , ". $limit;
if(!($result_Newslink = mysql_query($selectStmt_Newslink, $link))) {
  return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt_Newslink", null);
}
return new Function_Result(null, $result_Newslink);
  }

function getNightlife_title() {
  $funcResult = getDBConnection();
  if(!$funcResult->returnValue) {
    sendErrorPage($funcResult->errorMessage);
  }
  $link = $funcResult->returnValue;
  $selectStmt = "SELECT * FROM nq_nightlife WHERE nl_parent !=0 ORDER BY nl_lastupdated desc";
  if(!($result = mysql_query($selectStmt, $link))) {
    return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt", null);
  }
  return new Function_Result(null, $result);
}

function getNightlife_details($nl_nlid) {
  $funcResult = getDBConnection();
  if(!$funcResult->returnValue) {
    sendErrorPage($funcResult->errorMessage);
  }
  $link = $funcResult->returnValue;
  $selectStmt = "SELECT * FROM nq_nightlife where nl_parent !=0 AND nl_nlid = '$nl_nlid'";
  if(!($result = mysql_query($selectStmt, $link))) {
    return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt", null);
  }
  return new Function_Result(null, $result);
}

function getNightlife_homepage_details($nl_nlid) {
  $funcResult = getDBConnection();
  if(!$funcResult->returnValue) {
    sendErrorPage($funcResult->errorMessage);
  }
  $link = $funcResult->returnValue;
  $selectStmt = "SELECT * FROM nq_nightlife where nl_parent !=1 AND nl_nlid = '$nl_nlid'";
  if(!($result = mysql_query($selectStmt, $link))) {
    return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt", null);
  }
  return new Function_Result(null, $result);
}

function getNightlife_title_topten() {
  $funcResult = getDBConnection();
  if(!$funcResult->returnValue) {
    sendErrorPage($funcResult->errorMessage);
  }
  $link = $funcResult->returnValue;
  $selectStmt = "SELECT * FROM nq_nightlife where nl_parent !=0 ORDER BY nl_lastupdated desc limit 0,10";
  if(!($result = mysql_query($selectStmt, $link))) {
    return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt", null);
  }
  return new Function_Result(null, $result);
}

function getSection($id) {
  $funcResult = getDBConnection();
  if(!$funcResult->returnValue) {
    sendErrorPage($funcResult->errorMessage);
  }
  $link = $funcResult->returnValue;
  $selectStmt = "SELECT * FROM nq_section where sec_secid='$id'";
  if(!($result = mysql_query($selectStmt, $link))) {
    return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt", null);
  }
  return new Function_Result(null, $result);
}

function getTop_sectionStories($id) {
  $funcResult = getDBConnection();
  if(!$funcResult->returnValue) {
    sendErrorPage($funcResult->errorMessage);
  }
  $link = $funcResult->returnValue;
  $selectStmt = "SELECT * FROM nq_sectionstory WHERE ssty_secid='$id' and ssty_position !='0' ORDER BY ssty_sstyid desc limit 0,3";
  if(!($result = mysql_query($selectStmt, $link))) {
    return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt", null);
  }
  return new Function_Result(null, $result);
}

function getTopLink($id) {
  $funcResult = getDBConnection();
  if(!$funcResult->returnValue) {
    sendErrorPage($funcResult->errorMessage);
  }
  $link = $funcResult->returnValue;
  $selectStmt = "SELECT * FROM nq_sectionlinks WHERE slnk_secid='$id' ORDER BY slnk_lastupdated desc";
  if(!($result = mysql_query($selectStmt, $link))) {
    return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt", null);
  }
  return new Function_Result(null, $result);
}

function getAllStories($id) {
  $funcResult = getDBConnection();
  if(!$funcResult->returnValue) {
    sendErrorPage($funcResult->errorMessage);
  }
  $link = $funcResult->returnValue;
  $selectStmt = "SELECT * FROM nq_sectionstory WHERE ssty_secid='$id' ORDER BY ssty_lastupdated desc";
  if(!($result = mysql_query($selectStmt, $link))) {
    return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt", null);
  }
  return new Function_Result(null, $result);
}

function getStorydetails($id) {
  $funcResult = getDBConnection();
  if(!$funcResult->returnValue) {
    sendErrorPage($funcResult->errorMessage);
  }
  $link = $funcResult->returnValue;
  $selectStmt = "SELECT * FROM nq_sectionstory where ssty_sstyid='$id'";
  if(!($result = mysql_query($selectStmt, $link))) {
    return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt", null);
  }
  return new Function_Result(null, $result);
}

function getAllLink($id) {
  $funcResult = getDBConnection();
  if(!$funcResult->returnValue) {
    sendErrorPage($funcResult->errorMessage);
  }
  $link = $funcResult->returnValue;
  $selectStmt = "SELECT * FROM nq_sectionlinks left join nq_section on sec_secid=slnk_secid WHERE slnk_secid='$id' ORDER BY slnk_slnkid desc";
  if(!($result = mysql_query($selectStmt, $link))) {
    return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt", null);
  }
  return new Function_Result(null, $result);
}

function getLinkdetails($id) {
  $funcResult = getDBConnection();
  if(!$funcResult->returnValue) {
    sendErrorPage($funcResult->errorMessage);
  }
  $link = $funcResult->returnValue;
  $selectStmt = "SELECT * FROM nq_sectionlinks WHERE slnk_slnkid='$id'";
  if(!($result = mysql_query($selectStmt, $link))) {
    return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt", null);
  }
  return new Function_Result(null, $result);
}

function getTopBeaches($limit) {
  $funcResult = getDBConnection();
  if(!$funcResult->returnValue) {
    sendErrorPage($funcResult->errorMessage);
  }
  $link = $funcResult->returnValue;
  if ($limit == "") {
    $selectStmt = "SELECT * FROM nq_beaches where bch_position !='0' order by bch_position asc";
  } else {
    $selectStmt = "SELECT * FROM nq_beaches where bch_position !='0' order by bch_position asc limit 0, $limit";
  }

  if(!($result = mysql_query($selectStmt, $link))) {
    return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt", null);
  }
  return new Function_Result(null, $result);
}

function getBeachDetails($id) {
  $funcResult = getDBConnection();
  if(!$funcResult->returnValue) {
    sendErrorPage($funcResult->errorMessage);
  }
  $link = $funcResult->returnValue;
  $selectStmt = "SELECT * FROM nq_beaches where bch_bchid ='$id'";
  if(!($result = mysql_query($selectStmt, $link))) {
    return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt", null);
  }
  return new Function_Result(null, $result);
}

function getTopBeachsafety($limit) {
  $funcResult = getDBConnection();
  if(!$funcResult->returnValue) {
    sendErrorPage($funcResult->errorMessage);
  }
  $link = $funcResult->returnValue;
  if ($limit == "") {
    $selectStmt = "SELECT * FROM nq_beachsafety where bs_position !='0' order by bs_position asc";
  } else {
    $selectStmt = "SELECT * FROM nq_beachsafety where bs_position !='0' order by bs_position asc limit 0, $limit";
  }

  if(!($result = mysql_query($selectStmt, $link))) {
    return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt", null);
  }
  return new Function_Result(null, $result);
}

function getBeachSafetyDetails($id) {
  $funcResult = getDBConnection();
  if(!$funcResult->returnValue) {
    sendErrorPage($funcResult->errorMessage);
  }
  $link = $funcResult->returnValue;
  $selectStmt = "SELECT * FROM nq_beachsafety where bs_bsid ='$id'";
  if(!($result = mysql_query($selectStmt, $link))) {
    return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt", null);
  }
  return new Function_Result(null, $result);
}

function getTopSectionCategory($id) {
  $funcResult = getDBConnection();
  if(!$funcResult->returnValue) {
    sendErrorPage($funcResult->errorMessage);
  }
  $link = $funcResult->returnValue;
  $selectStmt = "SELECT * FROM nq_sectioncategory WHERE scat_secid='$id' and scat_position !='0' ORDER BY scat_position asc";
  if(!($result = mysql_query($selectStmt, $link))) {
    return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt", null);
  }
  return new Function_Result(null, $result);
}

function getAllSectionCategory($id) {
  $funcResult = getDBConnection();
  if(!$funcResult->returnValue) {
    sendErrorPage($funcResult->errorMessage);
  }
  $link = $funcResult->returnValue;
  $selectStmt = "SELECT * FROM nq_sectioncategory left join nq_section on scat_secid=sec_secid WHERE scat_secid='$id' and scat_position !=0 ORDER BY scat_position asc";
  if(!($result = mysql_query($selectStmt, $link))) {
    return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt", null);
  }
  return new Function_Result(null, $result);
}

function getAllSectionArticle($id,$cat) {
  $funcResult = getDBConnection();
  if(!$funcResult->returnValue) {
    sendErrorPage($funcResult->errorMessage);
  }
  $link = $funcResult->returnValue;
  $selectStmt = "SELECT * FROM nq_sectionlinks left join nq_section on sec_secid=slnk_secid WHERE slnk_secid='$id' and slnk_scatid='$cat' ORDER BY slnk_slnkid desc";
  if(!($result = mysql_query($selectStmt, $link))) {
    return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt", null);
  }
  return new Function_Result(null, $result);
}

function getUserTypeCheck($name) {
  $funcResult = getDBConnection();
  if(!$funcResult->returnValue) {
    sendErrorPage($funcResult->errorMessage);
  }
  $link = $funcResult->returnValue;
  $selectStmt = "SELECT * FROM nq_user where u_username='$name'";
  if(!($result = mysql_query($selectStmt, $link))) {
    return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt", null);
  }

  if(!($row = mysql_fetch_object($result))) {
    return new Function_Result("Could not assign records.", null);
  }
  return new Function_Result(null, $row);
}

function getBigAdd($secid) {

  $funcResult = getDBConnection();
  if(!$funcResult->returnValue) {
    sendErrorPage($funcResult->errorMessage);
  }
  $link = $funcResult->returnValue;

  $selectStmt = "SELECT count(*) as rcount FROM nq_assingbanner LEFT JOIN nq_banner ON ban_banid=ab_banid WHERE ban_bannertype=1 AND ab_secid='".$secid."'";
  if(!($result = mysql_query($selectStmt, $link))) {
    return new Function_Result("Internal Error: Could not execute SQL Query. <BR>$selectStmt", null);
  }

  $rowad = mysql_fetch_object($result);
  if ($rowad->rcount > 0) {
    $rd = rand(0,$rowad->rcount)-1;
if($rd < 0){
  $rd = 0;
}

$sqlad = "SELECT * FROM nq_assingbanner LEFT JOIN nq_banner ON ban_banid=ab_banid WHERE ban_bannertype=1 AND ab_secid='".$secid."' limit $rd,1";
$resultad = mysql_query($sqlad);

if(mysql_num_rows($resultad) > 0) {
  
  $rowad = mysql_fetch_object($resultad); 
  if($rowad->ban_target == "n"){
    $target = "_blank";
  } else {
    $target = "_self";
  }
$ret_value="<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\"><tr height=\"18\"><td height=\"62\" align=\"center\" valign=\"middle\"><a href =\"".$rowad->ban_page."\" target=\"".$target."\"><img src=\"";
		if($rowad->ban_image !='') { $ret_value.="/admin/images/ads/".$rowad->ban_image; } else { $ret_value.=$rowad->ban_url; }
$ret_value.="\" border=\"0\" alt=\"".$rowad->ban_alttext."\"></a></td>
	  </tr>
	</table>";
}
    return new Function_Result(null,$ret_value);
  } else {
return new Function_Result(null,"<br>");
  }
}

function getTwoSmallAdd($secid) {

  $funcResult = getDBConnection();
  if(!$funcResult->returnValue) {
    sendErrorPage($funcResult->errorMessage);
  }
  $link = $funcResult->returnValue;

  $sqlad = "SELECT * FROM nq_assingbanner LEFT JOIN nq_banner ON ban_banid=ab_banid WHERE ban_bannertype=2 AND ab_secid='".$secid."'  order by rand() limit 0,2";
  $resultad = mysql_query($sqlad);

  $ret_value="<table width=\"100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">";
  while($rowad = mysql_fetch_object($resultad)) { 
    if($rowad->ban_target == "n"){
  $target = "_blank";
} else {
  $target = "_self";
}
$ret_value.="<tr><td height=\"20\" valign=\"top\"><img src=\"/images/spcr.gif\" width=\"1\" height=\"1\"></td></tr><tr><td valign=\"top\"><a href=\"".$rowad->ban_page."\" target=\"".$target."\"><img src=\"";
if($rowad->ban_image !='') { $ret_value.="/admin/images/ads/".$rowad->ban_image; } else {   $ret_value.=$rowad->ban_url; }
  $ret_value.="\" border=\"0\" alt=\"".$rowad->ban_alttext."\"></a></td></tr>";
  }
  $ret_value.="</table>";
  return new Function_Result(null,$ret_value);
}

?>

And finally session

<?
  function setUserSession($u_uid, $u_username, $type) {
    global $uid;
global $username;
global $isAuthenticated;
global $userType;
    session_start();
session_register("uid");
session_register("username");
    session_register("isAuthenticated");
    session_register("userType");
    $uid = $u_uid;
$username = $u_username;
$isAuthenticated = true;
$userType = $type;
return true;
  }
/*****  SESSION HANDLING - ENDS HERE   *****/


  function authenticateUser($u_username, $u_password, $chkRemember) {
    $u_username = trim($u_username);
    $u_password = trim($u_password);
$chkRemember=($chkRemember);

    if(($u_username == "") || ($u_password == "")) {
      sendErrorPage("The username/password you have entered is invalid. Please try again.");
      exit;
    }
//$cryptPassword = crypt($u_password, CRYPT_STD_DES);

    // Get DB Connection
    $funcResult = getDBConnection();
    if($funcResult->returnValue == null) {
      return $funcResult;
    }
    $link = $funcResult->returnValue;
$selectUserStmt = "SELECT u_uid, u_username, u_type FROM nq_user WHERE u_username='$u_username' AND u_password='$u_password' and u_status!='U'";

if(!($result = mysql_query($selectUserStmt, $link))) {
  return new Function_Result("Internal Error: Could not execute SQL Query", null);
}
if(!($row = mysql_fetch_row($result))) {
      return new Function_Result("Invalid UserName/Password", null);
} else {

if ($chkRemember==1){
  setcookie("newquay",$row[1],time()+60*60*24*30); 
} else {
  setcookie("newquay","",time()+60*60*24*30);
}

      setUserSession($row[0], $row[1], $row[2]);	 	
  global $REMOTE_ADDR;
  $updStmt = "UPDATE nq_userlog SET ul_last_updated=now(), ul_last_logon_ip='$REMOTE_ADDR', ul_online_status=1 WHERE ul_ulid=$row[0]";
  if(!mysql_query($updStmt, $link)) {
    return new Function_Result("Cannot update log.<BR>$updStmt", null);
  }
  return new Function_Result($row[2], true);
}
  }

?>

The site isn't doing anything when I enter username and password, just bringing me back to the same page. Also I am unable to access the areas of the site that are only for registered members. Any help here would be greatly apprecaited, I have spent days on this now. Thanks in advance!

There are a few other bugs that need ironing out too. You can view the site at www.newquayuncovered.com

BlueSkyIS · February 3, 2011

based on the apparent age of that code, i suspect that it expects register_globals to be turned on (BAD) and your new server does not have register_globals turned on (GOOD).

so $u_username and $u_password are empty.

if so, you'll need to set any post'ed variables as they will not be set automatically.

example:

require 'include/common.inc.php';
require 'include/session.inc.php';

$u_username = (isset($_POST['$u_username']))?$_POST['$u_username']:'';
$u_password = (isset($_POST['$u_password']))?$_POST['$u_password']:'';

if(($u_username != "") || ($u_password != "")) {

BlueSkyIS · February 3, 2011

the session handling is also deprecated again relies on register_globals...

updated:

function setUserSession($u_uid, $u_username, $type) {
    session_start();
    
    $_SESSION["uid"] = $u_uid;
    $_SESSION["username"] = $u_username;
    $_SESSION["isAuthenticated"] = true;
    $_SESSION["userType"] = $type;

    return true;
}

Pikachu2000 · February 3, 2011

And while you're editing code anyhow, you may as well change the open tags to the full <?php tag syntax . . .

PFMaBiSmAd · February 3, 2011

I recommend that you set up a local development system with the same php.ini settings as your new host (short open tags OFF, register_globals OFF, ...) AND set error_reporting to E_ALL (or to a -1) and display_errors to ON in your master php.ini and get your code to work on the development system first.

You will save a ton of time because you won't need to keep uploading files to your server to see the result of each change and having the error_reporting/display_errors settings set as suggested will get php to help you by pointing out all the things in your code that are no longer defined because they were dependent on register_globals.

Edit: you should also use $_SERVER['DOCUMENT_ROOT'] to get the runtime path to your document root folder so that you don't need to keep editing a bunch of path statements in your code should you ever move to a different server again.

xxsunshinegodxx · February 4, 2011

Hi,

Thanks very much for your help.

I was aware that register globals was turned off. I had already turned it back on in my php.ini file to get the site to work in the first place but I keep encountering errors.

Is there any reason from looking at the scripts that if register globals was turned on that it wouldn't work??

I have attached my full login.php below just to be on the safe side.

<?

require 'include/common.inc.php';

require 'include/session.inc.php';

if(($u_username != "") || ($u_password != "")) {

$funcResult = authenticateUser($u_username, $u_password, $chkRemember);

if(!$funcResult->returnValue) {

header("Location: login.php?msg=" . $funcResult->errorMessage);

echo "ERROR: " . $funcResult->errorMessage;

} else {

if($artid!="") {

header("Location: news/readarticle.php?artid=$artid");

} else {

if($funcResult->errorMessage == "M") {

header("Location: members/index.php");

exit;

} elseif($funcResult->errorMessage == "B") {

header("Location: business/index.php");

exit;

}

$msg = "Invalid UserName/Password";

}

?>

<html>

<head>

<title>Welcome to Newquay Uncovered</title>

<!--

function validate(frm) {

for(i=0;i<frm.length;i++) {

if((frm.elements[i].type == "text" || frm.elements[i].type == "password") && frm.elements[i].value == "") {

alert("Please fill in the required details");

frm.elements[i].focus();

return false;

}

return true;

}

//-->

</script>

</head>

<tr>

<tr>

</tr>

<tr>

<td>

<tr>

<tr>

<tr>

<td width="125" valign="middle" class="redbold">Surfing</td>

</tr>

</table>

</td>

</tr>

<tr>

</tr>

<tr>

</tr>

</table>

</tr>

</table>

</td>

</tr>

<tr>

<td width="125" valign="middle" class="redbold">Extreme Sports</td>

</tr>

</table>

</td>

</tr>

<tr>

</tr>

<tr>

</tr>

</table>

</tr>

</table>

</td>

</tr>

<tr>

</tr>

</table>

</td>

</tr>

</tr>

<td width="136"><a href="http://newquayuncovered.com/news/index.php" class="blackboldlink">Click to more News...</a></td>

</tr>

</table>

</td>

</tr>

<tr>

<?

$funcResult_dispalyadd = getTwoSmallAdd("24");

if(!$funcResult_dispalyadd->returnValue) {

sendErrorPage($funcResult_dispalyadd->errorMessage);

}

$result_add=$funcResult_dispalyadd->returnValue;

echo $result_add;

?>

</td>

</tr>

<tr>

</tr>

</table>

</td>

<tr>

<?

$funcResult_dispalyadd = getBigAdd("24");

if(!$funcResult_dispalyadd->returnValue) {

sendErrorPage($funcResult_dispalyadd->errorMessage);

}

$result_add=$funcResult_dispalyadd->returnValue;

echo $result_add;

?>

</td>

</tr>

<tr>

</tr>

<tr>

</tr>

<tr>

<td class="whitebold">Login</td>

</tr>

</table>

</td>

</tr>

<tr>

<td><form name="form1" method="post" action="login.php?artid=<? echo $artid; ?>" onSubmit="return validate(this)">

<tr>

</tr>

<tr>

<td height="30" class="orengebold" colspan="3">Enter your login info...</td>

</tr>

<tr>

<td class="blackbold">Username : <input type="text" name="u_username" size="15" maxlength="20" class="textfield"></td>

<td class="blackbold">Password : <input type="password" name="u_password" size="15" maxlength="20" class="textfield"> <input name="action" type="submit" class="btn" value="login"></td>

</tr>

<tr>

<td class="tbsmall" colspan="3"><br> Not a member, <a href="register/index.php">Register Now</a> | * <a href="forgotpassword.php">Lost Password</a></td>

</tr>

</table></form>

</td>

</tr>

</table>

</td>

</tr>

</tr>

</table>

</td>

</tr>

<tr>

</tr>

<tr>

</tr>

<tr>

</tr>

<tr>

</tr>

<tr>

</tr>

<tr>

<?

$funcResult_dispalyadd = getBigAdd("24");

if(!$funcResult_dispalyadd->returnValue) {

sendErrorPage($funcResult_dispalyadd->errorMessage);

}

$result_add=$funcResult_dispalyadd->returnValue;

echo $result_add;

?>

</td>

</tr>

<tr>

</tr>

</table>

</td>

<tr>

<td width="125" valign="middle" class="redbold">Music Uncovered</td>

</tr>

</table>

</td>

</tr>

<tr>

<td height="46" valign="middle" class="blackbold">Music Uncovered Compilation CD - 2004</td>

</tr>

<tr>

</tr>

<tr>

</tr>

</table>

</td>

</tr>

</table>

</td>

</tr>

<tr>

<td width="125" valign="middle" class="redbold">Events</td>

</tr>

</table>

</td>

</tr>

</tr>

</table>

</td>

</tr>

<tr>

<td width="125" valign="middle" class="redbold">Skating</td>

</tr>

</table>

</td>

</tr>

<tr>

</tr>

<tr>

</tr>

</table>

</td>

</tr>

</table>

</td>

</tr>

<tr>

<td width="125" valign="middle" class="redbold">Browse

Members</td>

</tr>

</table>

</td>

</tr>

<td width="121" height="14"><a href="http://newquayuncovered.com/members/browse/mresults.php" class="blacklink">All Members</a></td>

</tr>

<td height="14"><a href="http://newquayuncovered.com/members/browse/mresults.php?online=1" class="blacklink">Members Online Now</a></td>

</tr>

<td height="14"><a href="http://newquayuncovered.com/members/browse/mresults.php?age=today" class="blacklink">Birthday Members</a></td>

</tr>

<td height="14"><a href="http://newquayuncovered.com/members/browse/mresults.php?gender=1" class="blacklink">Male Members</a></td>

</tr>

<td height="14"><a href="http://newquayuncovered.com/members/browse/mresults.php?gender=0" class="blacklink">Female Members</a></td>

</tr>

</tr>

</table>

</td>

</tr>

</table>

</td>

</tr>

<tr>

</tr>

</table>

</td>

</tr>

</table>

</td>

&n

BlueSkyIS · February 4, 2011

based on your first post, it sounds like you have problems with the expectation that register_globals is turned on, and session handling. by just looking at your code, there is no way I can tell if it should work or not with just register_globals turned on. it could be anything from failure to use proper opening php tags at the top of the file downward.

failure to upgrade the code to the standards set by your new server is inviting security breaches and eventual failure of the code completely as the deprecated functions are removed in future versions of PHP. the right thing to do is to upgrade the code completely following the advice in the posts above.

Sign In

php connecting to mysql but not authenticating me in php

Recommended Posts

xxsunshinegodxx

Link to comment

Share on other sites

BlueSkyIS

Link to comment

Share on other sites

BlueSkyIS

Link to comment

Share on other sites

Pikachu2000

Link to comment

Share on other sites

PFMaBiSmAd

Link to comment

Share on other sites

xxsunshinegodxx

Link to comment

Share on other sites

BlueSkyIS

Link to comment

Share on other sites

Join the conversation

Browse

Activity

Important Information