Jump to content

Register / Login Help

cdoggg94

By cdoggg94
in PHP Coding Help

 Share

Recommended Posts

cdoggg94 Member

cdoggg94

Posted
Posted

My issue is that I cannot get my user information to (1) upload to the database, and (2) if I manually put information in the data base I cannot retrive it when trying to log in..

 

I assume its a connection issue, but I cannot seem to find it.

 

Thanks in advance for the help!

 

 

 

This is my "init.inc.php" script...

 

<?php

session_start();

$exceptions = array('register','login');

$page =  substr(end(explode('/',$_SERVER['SCRIPT_NAME'])),0,-4);

if(in_array($page, $exceptions) === false){
if(isset($SESSION['username']) === false){
	header('Location: login.php');
	die();
}
}

mysql_connect('localhost','root','');
mysql_select_db('newlogin');

$path = dirname(__FILE__);

include("{$path}/inc/user.inc.php");


?>

 

This is my "user.inc.php" script...

 

<?php

// check is the given username exisits in the table
function user_exists($user){
$user = mysql_real_escape_string($user);
$total = mysql_query("SELECT COUNT('user_id') FROM 'user_tbl' WHERE 'user_name' = '{$user}'");
return (mysql_result($total, 0) == '1') ? true : false;
}

// checks is the username and password are valid
function valid_credentials($user, $pass){
$user = mysql_real_escape_string($user);
$pass = sha1($pass);

$total = mysql_query("SELECT COUNT('user_id') FROM 'user_tbl' WHERE 'user_name' = '{$user}' AND 'user_password' = '{$pass}'");
return (mysql_result($total, 0) == '1') ? true : false;
}

//adds user to the database
function add_user($user, $pass){
$user = mysql_real_escape_string(htmlentities($user));
$pass = sha1($pass);

mysql_query("INSERT INTO 'user_tbl' ('user_name', 'user_password') VALUES ('{$user}', '{$pass}')");
}

?>

 

 

Finally this is my "register.php" Page...

 

<?php 
error_reporting(0);
include('core/init.inc.php');

$errors = array();

if(isset($_POST['username'], $_POST['password'], $_POST['repeat_password'])){
if(empty($_POST['username'])){
	$errors[] = "The username field cannot be empty!";
}

if(empty($_POST['password']) || empty($_POST['repeat_password'])){
	$errors[] = "The password fields cannot be empty!";
}

if($_POST['password'] !== $_POST['repeat_password']){
	$errors[] = "Password verification failed !";
}

if(user_exists($_POST['username'])){
$errors[] = "That username has already been taken!";
}

if(empty($errors)){
	add_user($_POST['username'], $_POST['password']);

	$_SESSION['username'] = htmlentities($_POST['username']);

	header('Location: protected.php');
	die();

}

}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
<div>
    	<?php

	if( empty($errors) === false){
	?>
        <ul>
        	<?php

		foreach($errors as $error){
			echo "<li>{$error}</li>";
		}

		?>        
        </ul>
        <?php
	}

	?>
    </div>
<form action="" method="post">
    	<p>
        	<label for="username"> Username:</label>
            <input type="text" name="username" id="username" value="<?php if(isset($_POST['username'])) echo htmlentities($_POST['username']); ?>" />
        </p>
        <p>
        	<label for="password"> Password:</label>
            <input type="password" name="password" id="password" />
        </p>
        <p>
        	<label for="repeat_password"> Repeat Password:</label>
            <input type="password" name="repeat_password" id="repeat_password" />
        </p>
        <p>
        	<input type="submit" value="Register" />
        </p>
        
    
    </form>
</body>
</html>

Link to comment
Share on other sites
PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

You need to have php's error_reporting set to E_ALL, not 0, to get php to help you when developing and debugging php code. You also need to have display_errors set to ON (to output the errors to the browser) or log_errors set to ON (to send the errors to the error log file.)

 

Also, which if any of your user error messages are you getting and what have you done to determine where your code and data are doing what you expect and where they are not?

Link to comment
Share on other sites
cdoggg94 Member

cdoggg94

Posted
  • Author
Posted

I am now getting these errors when I try to register.

 

Warning: mysql_result(): supplied argument is not a valid MySQL result resource in /services10/webpages/b/u/businesslore.com/public/LoginTest/core/inc/user.inc.php on line 7

 

Warning: Cannot modify header information - headers already sent by (output started at /services10/webpages/b/u/businesslore.com/public/LoginTest/core/inc/user.inc.php:7) in /services10/webpages/b/u/businesslore.com/public/LoginTest/register.php on line 31

 

 

 

 

Link to comment
Share on other sites
PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

The first error is because your query failed due to an error of some kind. The second error is because of the first error message being output to the browser.

 

You do need to always have error checking logic for each query statement, not just for development, but for final live code (so that you know if/when a legitimate visitor manages to trigger an error or a hacker attempted/succeeded in breaking into your script.) The following post shows suggested logic to test SELECT/SHOW queries - http://www.phpfreaks.com/forums/index.php?topic=348757.msg1645481#msg1645481 For INSERT/UPDATE queries you would do much the same, but use mysql_affected_rows instead of mysql_num_rows.

 

In the error handling portion of that suggested logic, you can use mysql_error (either echo mysql_error() or use trigger_error) to get php/mysql to tell you why the query failed.

 

However, in looking at your query statements, at a minimum, they are failing because your table and column names are enclosed by single-quotes, which makes them string data instead of table or column names.

Link to comment
Share on other sites
blacknight Member

blacknight

Posted
Posted

i dono if you have solved this issue or not so try this

 

function valid_credentials($user, $pass)
{	
$user = mysql_real_escape_string($user);	
$pass = sha1($pass);		
$total = mysql_query("SELECT `user_name`, `user_password` FROM `user_tbl` WHERE `user_name` = '".$user."' AND `user_password` = '"$pass"'");	
return (mysql_result($total, 0) == '1') ? true : false;
}

//adds user to the database
function add_user($user, $pass)
{	
$user = mysql_real_escape_string(htmlentities($user));	
$pass = sha1($pass);		
$q = mysql_query("INSERT INTO `user_tbl` SET ('user_name', 'user_password') VALUES ('".$user."', '".$pass."')");
$result = mysql_result($q);
return $result;
}

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.