A challenge [Archive] - WebDeveloper.com

Click to See Complete Forum and Search --> : A challenge

ultramarine11

05-13-2006, 09:22 AM

Hi,

I am new to PHP and mysql and could do with some help. I am trying to set up a bookshare site. Its gunna be basic while i learn. I can get my users to register and store the data in the database. However I am having trouble getting them to log in!

My database consists of three tables, Students, Books, and Studentsbooks.

Students has basic info like StudentID (Primary Key) and Email, Username etc.
Books contain BookID and data such as Title, Author etc Studentsbooks consists of BookID and StudentID with PRIMARY KEY (StudentID, BookID).

Here is my code, but it just wont work can somebody PLEASE :) point out where i am going wrong?

// Enables the use of session
session_start();
// Verifies if user has signed
$signed = ($_SESSION['signin']=="YES");
if($signed) {
header( "Location: index.php" );
exit();
}
$error =""; // error variable will be used later on.
// For safety, we empty it now.
// If we are processing the form...
if($_POST["submit"]=="Login") {

$dbcnx = @mysql_connect('localhost', 'christopher-foster_com', 'exorcist1');
if (!$dbcnx) {
exit ('<p>Unable to connect to the ' .
'database server at this time.</p>');
}
// Select the Book Share database
mysql_select_db('christopher-foster_com_1');

if (!@mysql_select_db('christopher-foster_com_1')) {
exit('<p>Unable to locate the ' .
'Book Share database at this time.</p>');

$query = "SELECT Username, Password FROM Students WHERE Username='" . $_POST['$Username'] . "' AND " .
"Password='" . $_POST['$Password'] ."'";
$result = mysql_query($query) or die("ERROR: " . mysql_error());

if ($row = mysql_fetch_array($result)) {
// If login and password are correct...

$_SESSION['signin'] = "YES";
$_SESSION['username'] = $_POST['Username'];
$_SESSION['time'] = date("r");

header("Refresh: 4;URL=index.php");
print "<h1>Welcome, ". $_SESSION['username'] . "!</h1>";
print "You'll be redirected to the index page!";
exit();
}
else {
$error = "<font color='red'>Invalid Login and Password!</font><br />";
}
}
</PHP>

<PHP>include ('header.html');</PHP>

<h1>Login</h1>
<form action="<?php echo $PHP_SELF; ?>" method="post">
<fieldset>
<p><b>Username:</b> <input type="text" name="Username" size="15" maxlength="15" /></p>
<p><b>Password:</b> <input type="password" name="Password" size="15" maxlength="15"/></p>
</fieldset>
<br/>
<div align="left"><input type="submit" name="submit" value="Login" /></div>
<input type="hidden" name="submitted" value="TRUE" />
</form>

<PHP> include ('footer.html');

NogDog

05-13-2006, 10:46 AM

First: please use the [ php ]...[/ php ] tags (without the spaces) around your code so that it's more readable. (Use the "Edit" button at the bottom right of your message to edit it.)

Second: please define "but it just won't work". What does it not do that it should do, or does that it shouldn't do.

ultramarine11

05-13-2006, 10:55 AM

Hi,

Thanks for your reply.

http://www.christopher-foster.com/register.php and /login.php If you first register that goes ok. However when you try to login it produces:

Parse error: parse error, unexpected $ in /data/members/paid/c/h/christopher-foster.com/htdocs/www/login.php on line 104

What I am trying to do is to check that the username and password are correct and then use the session data to forward them to an index page which will display their information. I can't seem to do this though!

Huevoos

05-13-2006, 11:29 AM

I don't know which one is line 104 but I'm guessing that you forgot a semicolon on line 103

ultramarine11

05-13-2006, 11:32 AM

Hi, Sorry I did not understand what you meant!

line 104 is the very last ?> tag if that is any help?

Huevoos

05-13-2006, 01:36 PM

I've had this problem before, it means that you forgot a closing curly braquet somewhere on the login.php
I recommend to indent always

NogDog

05-13-2006, 01:44 PM

The first problem I see is that you did not terminate this if block:

if (!@mysql_select_db('christopher-foster_com_1')) {
exit('<p>Unable to locate the ' .
'Book Share database at this time.</p>');
} // <<--- need to add this closing brace

ultramarine11

05-13-2006, 03:21 PM

Hi That is better. Thanks for your help. The login page displays but now it prints out the error message when i know that the username and password is correct. Is there something wrong with the Mysql or connection?

solomon

05-13-2006, 07:15 PM

I haven't tested it but I think your problem lies here:

$query = "SELECT Username, Password FROM Students WHERE Username='" . $_POST['$Username'] . "' AND " . "Password='" . $_POST['$Password'] ."'";
$result = mysql_query($query) or die("ERROR: " . mysql_error());

You have used '$' within the square brackets of your $_POST variable. The '$' only goes at the beginning - if you were relying on superglobals on then you could say $Username and $Password but in your syntax you should be saying $_POST['Username'} and $_POST['Password'];

Try this:

$query = "SELECT `Username`, `Password` FROM `Students` WHERE `Username`='" . $_POST['Username'] . "' AND `Password`='" . $_POST['Password'] ."'";

// try incorporating these two lines for debugging purposes:
print_r($_POST); // to show you the variables being POSTed to this script
echo $query; // to show you the query you've tried building. This line should help you in this situation

$result = mysql_query($query) or die("ERROR: " . mysql_error());

BTW, just for cleanliness, you should be able to drop the first of these mysql_select_db statements:

mysql_select_db('christopher-foster_com_1');

if (!@mysql_select_db('christopher-foster_com_1')) {
exit('<p>Unable to locate the ' .
'Book Share database at this time.</p>');
}

because you are selecting the database twice - the one in the if statement and doing some error trapping too

hth :)

ultramarine11

05-13-2006, 07:20 PM

Hi,

Thanks for taking the time to look. I think I am pretty close to solving it now and the problem is I believe, with the database connection and the mysql. I am now having problems with recording and displaying my sessions after the user has logged in!

ultramarine11

05-13-2006, 07:30 PM

session.php
<?php
session_start();
$_SESSION['Username']=$_POST['Username'] ;
?>

newsession.php

<?php

$_SESSION['id']=session_id();
$_SESSION['Username']=$_POST['Username'] ;
//echo $_session['Username'];
?>

welcome.php

<?
session_start();

$_SESSION['Username']= $_POST['Username'] ;
?>
<!doctype html public "-//w3c//dtd html 3.2//en">

<html>

<head>
<title>Welcome to the Book Share homepage</title>

</head>

<body bgcolor="#ffffff" text="#000000" link="#0000ff" vlink="#800080" alink="#ff0000">
<?

print "<h1>Welcome, ". $_SESSION['Username'] . "!</h1>";

?>
</body>

</html>

loginck.php ( to check the login)

Is there anything wrong here? Basically I can log on. I can check the log in in loginck.php which redirects to welcome.php where I then want to display the username. So far however it goes through and only displays the the welcome and the ! mark.

I AM SORRY but i dont know how to do the close all tags.... :confused:

Sheldon

05-13-2006, 11:31 PM

What do you not understand about adding the V B Tags?

The Little Guy

05-14-2006, 01:24 AM

This is how your code should look When you type it up.

[PHP]<?php echo"This Is PHP"; ?>[/PHP]

BTW: I used entity: [

Huevoos

05-15-2006, 10:15 AM

And I think it doesn't work because you have
session_start();

$_SESSION['Username']= $_POST['Username'] ;
in the welcome page and I guessing there is no post username there

Webnerd

05-15-2006, 02:38 PM

Yeah, you need to do this:

if(isset($_POST["Username"])){

$_SESSION['Username']= $_POST['Username'] ;

}

Every time you write :

$_SESSION['Username']= $_POST['Username'] ;

you are redefining the username to blank