supermoose37 Posted April 24, 2011 Share Posted April 24, 2011 Right, so I've made a very simple web app that allows.... 1.) People to register (adding them to the MySQL database) 2.) Login (providing they're in the database) I've gotten it all working, but I'm stuck at the last hurdle. If someone logs in using the correct username and password, it takes them to login_success.php. Here I query the database and use "SELECT * FROM Users WHERE Username = '$name'" I would have thought, that it would have returned that user's entry in the database. But instead I just get a blank page. Am I right in thinking that's because the contents of the $name variable aren't passed from log.php to login_success.php If so, how do I fix it? ---------------------------------------------------------------------------------------------------- LOGIN.PHP <?php include_once "Common/header.php"; session_name("MyLogin"); $page = (isset($_GET['login']) ? strtolower($_GET['login']) : NULL); if($page == "failed"){ print $_GET['cause']; } ?> <div id="main"> <br />   <br />  <br /> <h2>Sign In</h2>   <form name="form1" method="post" action="log.php?action=login"> <b>Username:</b>  <input type="text" name="uname"/><br />  <br /> <b>Password:</b>                 <input type="password" name="pword" /><br />  <br /> <input type="submit" value="submit" /> </form> <?php include_once "Common/footer.php"; ?> LOG.PHP <?php session_name("MyLogin"); session_start(); if($_GET['action'] == "login") { $conn = mysql_connect("localhost", "root", ""); $db = mysql_select_db("test"); $name = ($_POST['uname']); $word = ($_POST['pword']); $sql = "SELECT * FROM Users WHERE Username='$name' and Password='$word'"; $q_user = mysql_query($sql) or die(mysql_error() . ' <br /> in ' . $sql); if(mysql_num_rows($q_user) == 1){ $_SESSION['uname'] = $_POST['uname']; header("Location: login_success.php"); exit; } else{ header("Location: login.php?login=failed&cause=".urlencode('Invalid Username or Password')); exit; } } else{ header("Location: login.php?login=failed&cause=".urlencode('Invalid User')); exit; } if(session_is_registered("name") == false) { header("Location: login.php"); } ?> LOGIN_SUCCESS.PHP <?php include_once "Common/header.php"; $connect=mysql_connect("localhost", "root", "")or die ("Could not connect to database"); $data = mysql_query("SELECT * FROM Users WHERE Username ='$name'") or die(mysql_error()); Print "<table border cellpadding=3>"; while($info = mysql_fetch_array( $data )) { Print "<tr>"; Print "<th>First Name:</th> <td>".$info['First_Name'] . "</td> "; Print "<th>Last:</th> <td>".$info['Last_Name'] . " </td></tr>"; } Print "</table>"; ?> Login Successful <?php include_once "Common/footer.php"; ?> Quote Link to comment Share on other sites More sharing options...
bamfon Posted April 24, 2011 Share Posted April 24, 2011 If they login Successful you could make there user name a session, and do it like that Quote Link to comment Share on other sites More sharing options...
supermoose37 Posted April 24, 2011 Author Share Posted April 24, 2011 Well I already have $_SESSION['uname'] = $_POST['uname']; in LOG.PHP So am I right in thinking I can put $data = mysql_query("SELECT * FROM Users WHERE Username ='."$_SESSION['uname']."'") or die(mysql_error()); into LOGIN_SUCCESS.PHP Quote Link to comment Share on other sites More sharing options...
bamfon Posted April 24, 2011 Share Posted April 24, 2011 yep $data = mysql_query("SELECT * FROM Users WHERE Username ='".$_SESSION['uname']."'") or die(mysql_error()); Or I would do it like looks better, $user1=$_SESSION['uname']; $data = mysql_query("SELECT * FROM Users WHERE Username ='$user1' ") or die(mysql_error()); Quote Link to comment Share on other sites More sharing options...
supermoose37 Posted April 24, 2011 Author Share Posted April 24, 2011 Well I went with the second option and added echo data; on the next line. But it's just returning Resource id #4, and the table remains empty. UPDATED LOGIN_SUCCESS.PHP <?php include_once "Common/header.php"; $connect=mysql_connect("localhost", "root", "")or die ("Could not connect to database"); mysql_select_db("test",$connect) or die (mysql_errno().":<b> ".mysql_error()."</b>"); $user1=$_SESSION['uname']; $data = mysql_query("SELECT * FROM Users WHERE Username ='$user1' ") or die(mysql_error()); echo $data; Print "<table border cellpadding=3>"; Print "<tr>"; Print "<th>First Name:</th> <td>".$data['First_Name'] . "</td> "; Print "<th>Last:</th> <td>".$info['Last_Name'] . " </td></tr>"; Print "</table>"; ?> Login Successful <?php include_once "Common/footer.php"; ?> Thanks for your help so far BTW. Quote Link to comment Share on other sites More sharing options...
bamfon Posted April 24, 2011 Share Posted April 24, 2011 untested but should work <?php include_once "Common/header.php"; $connect=mysql_connect("localhost", "root", "")or die ("Could not connect to database"); mysql_select_db("test",$connect) or die (mysql_errno().":<b> ".mysql_error()."</b>"); $user1=$_SESSION['uname']; $data = mysql_query("SELECT * FROM Users WHERE Username ='$user1' "); while ($row = mysql_fetch_assoc($data)) { $firstname=$row['First_Name']; $lastname=$row['Last_Name']; } mysql_query($data) or exit(mysql_error()); echo $data; Print "<table border cellpadding=3>"; Print "<tr>"; Print "<th>First Name:</th> <td>".$firstname . "</td> "; Print "<th>Last:</th> <td>".$lastname. " </td></tr>"; Print "</table>"; ?> Login Successful <?php include_once "Common/footer.php"; ?> Quote Link to comment Share on other sites More sharing options...
supermoose37 Posted April 24, 2011 Author Share Posted April 24, 2011 throws up an error Warning: mysql_query() expects parameter 1 to be string, resource given in /Applications/XAMPP/xamppfiles/htdocs/web_app_v4/login_success.php on line 13 Is the variable 'uname' definitely being passed from LOG.PHP to LOGIN_SUCCESS.PHP Quote Link to comment Share on other sites More sharing options...
bamfon Posted April 24, 2011 Share Posted April 24, 2011 My bad this one *facepalm* <?php include_once "Common/header.php"; $connect=mysql_connect("localhost", "root", "")or die ("Could not connect to database"); mysql_select_db("test",$connect) or die (mysql_errno().":<b> ".mysql_error()."</b>"); $user1=$_SESSION['uname']; $sql1 = "SELECT * FROM Users WHERE Username ='$user1' "; $data = mysql_query($sql1); while ($row = mysql_fetch_assoc($data)) { $firstname=$row['First_Name']; $lastname=$row['Last_Name']; mysql_query($data) or exit(mysql_error()); } echo $data; Print "<table border cellpadding=3>"; Print "<tr>"; Print "<th>First Name:</th> <td>".$firstname . "</td> "; Print "<th>Last:</th> <td>".$lastname. " </td></tr>"; Print "</table>"; ?> Quote Link to comment Share on other sites More sharing options...
Pikachu2000 Posted April 24, 2011 Share Posted April 24, 2011 Your second query attempts to use the result resource returned by the first query as its query string. $data = mysql_query($sql1); [sNIP] mysql_query($data) Quote Link to comment Share on other sites More sharing options...
supermoose37 Posted April 24, 2011 Author Share Posted April 24, 2011 hmmmm, back to square one again Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.