[Other] Trying to make a login form.

Audacious · 08-22-2012, 12:57 PM

PHP Code:


			
<?php

if (isset($_POST['username'])&&isset($_POST['password'])) 
{
    $username = $_POST['username'];
    $password = $_POST['password'];
    $password_hash = md5($password);
    
    if (!empty($username)&&!empty($password)) 
    {
        $query = "SELECT id FROM users WHERE username='$username' AND password='$password_hash'";
            if ($query_run = mysql_query($query)) 
            {
                $query_num_rows = mysql_num_rows($query_run);
                if ($query_num_rows==0)
                {
                echo 'Invalid username/password combination.';
                } else if ($query_num_rows==1){
                    echo 'ok';
                        }
            }
    } else {    
        echo 'You must supply a username and a password.';    
            }            
}

?>

<form action="<?php echo $current_file; ?>" method="POST">    

Username: <input type="text" name="username"> Password: <input type="password" name="password">

<input type="submit" value="Log in">
</form>

But it doesn't seem to respond.

I believe the error is somewhere here:

PHP Code:


			
$query = "SELECT id FROM users WHERE username='$username' AND password='$password_hash'";

Just not sure what the error is. :/

Can anyone help me?

---------------

Best regards,

Audacious.

Erios · 08-22-2012, 09:00 PM

Gonna look it later although just by looking at it from afar.

if (!empty($username)&&!empty($password)) is wrong. Unless you accept empty usernames or empty passwords.

Audacious · 08-22-2012, 09:33 PM

Quote:

Originally Posted by Erios

Gonna look it later although just by looking at it from afar.

if (!empty($username)&&!empty($password)) is wrong. Unless you accept empty usernames or empty passwords.

I don't accept it, but I do tell people, that they need to fill in text.

PHP Code:


			
   echo 'You must supply a username and a password.';

MauranKilom · 08-22-2012, 09:43 PM

Well do you get any output? If yes, which, if no, what path does it take through the ifs/elses?
That way you should be able to find out which line exactly causes the error (add more echos if necessary), and from there on you probably don't even have to ask us for the error... Or is there anything that prevents you from debugging it that way?

Oh by the way, creating a string should not end up making the script unresponsive (if that's the error you're dealing with) as you suspected. Only the query itself has the potential for that. But again, this is just one interpretation of "it doesn't respond".

Audacious · 08-22-2012, 10:20 PM

Quote:

Originally Posted by MauranKilom

Well do you get any output? If yes, which, if no, what path does it take through the ifs/elses?
That way you should be able to find out which line exactly causes the error (add more echos if necessary), and from there on you probably don't even have to ask us for the error... Or is there anything that prevents you from debugging it that way?

Oh by the way, creating a string should not end up making the script unresponsive (if that's the error you're dealing with) as you suspected. Only the query itself has the potential for that. But again, this is just one interpretation of "it doesn't respond".

It doesn't give me any responds, but - if I don't put anything in the input forms, it gives me my expected responds and error of:

PHP Code:


			
echo 'You must supply a username and a password.';

I am very new to all of this. Could you try to give me an example for how I could debug?

Madchen · 08-23-2012, 12:09 AM

You can write, for example after you do query agains db,

Quote:

echo 'I'm here';

so you can trace whats happening, whcih line of code is doing fine and so on.

I would say something is wrong with query.

Try this:

Quote:

$query = "SELECT id FROM users WHERE username='".$username."' AND password='".$password_hash.'";

Audacious · 08-23-2012, 01:10 AM

Quote:

Originally Posted by Madchen

You can write, for example after you do query agains db,

so you can trace whats happening, whcih line of code is doing fine and so on.

I would say something is wrong with query.

Try this:

Can I do that after every line?

Like I said. I am really new.

Thank you so much, ill try it tomorrow.

What does the '.' do infront of '.$' ?

Best regards,

Audacious

Erios · 08-23-2012, 07:56 AM

Ok, try this.

PHP Code:


			
<?php



if (isset($_POST['username'])&&isset($_POST['password'])) 

{

    $username = $_POST['username'];

    $password = $_POST['password'];

    $password_hash = md5($password);

    

    if (!empty($username)&&!empty($password)) 

    {

        $query = "SELECT id FROM users WHERE username='$username' AND password='$password_hash'";

            if ($query_run = mysql_query($query)) 

            {

                $query_num_rows = mysql_num_rows($query_run);

                if ($query_num_rows==0)

                {

                echo 'Invalid username/password combination.';

                } else if ($query_num_rows==1){

                    echo 'ok';

                        }

                if ($query_num_rows>=2){

                    echo 'I am here';

                }

            }

    } else {    

        echo 'You must supply a username and a password.';    

            }            

}



?>



<form action="<?php echo $current_file; ?>"

Audacious · 08-23-2012, 10:40 AM

Quote:

Originally Posted by Erios

Ok, try this.

PHP Code:


			
<?php



if (isset($_POST['username'])&&isset($_POST['password'])) 

{

    $username = $_POST['username'];

    $password = $_POST['password'];

    $password_hash = md5($password);

    

    if (!empty($username)&&!empty($password)) 

    {

        $query = "SELECT id FROM users WHERE username='$username' AND password='$password_hash'";

            if ($query_run = mysql_query($query)) 

            {

                $query_num_rows = mysql_num_rows($query_run);

                if ($query_num_rows==0)

                {

                echo 'Invalid username/password combination.';

                } else if ($query_num_rows==1){

                    echo 'ok';

                        }

                if ($query_num_rows>=2){

                    echo 'I am here';

                }

            }

    } else {    

        echo 'You must supply a username and a password.';    

            }            

}



?>



<form action="<?php echo $current_file; ?>"

Still, no respond. When I insert username and password, correct or incorrect. Nothing happens.

Erios · 08-23-2012, 11:53 AM

PHP Code:


			
<?php



if (isset($_POST['username'])&&isset($_POST['password'])) 

{

    $username = $_POST['username'];

           echo 'You got the username.';

    $password = $_POST['password'];

           echo 'You got the password.';

    $password_hash = md5($password);

           echo 'You got the password_hash.';

    

    if (!empty($username)&&!empty($password)) 

    {

           echo 'You entered the if';

        $query = "SELECT id FROM users WHERE username='$username' AND password='$password_hash'";

           echo 'You got the query.';

            if ($query_run = mysql_query($query)) 

            {

           echo 'You entered the if';

                $query_num_rows = mysql_num_rows($query_run);

           echo 'You got the query+num_rows.';

                if ($query_num_rows==0)

                {

                echo 'Invalid username/password combination.';

                } else if ($query_num_rows==1){

                    echo 'ok';

                        }

            }

    } else {    

        echo 'You must supply a username and a password.';    

            }            

}



?>



<form action="<?php echo $current_file; ?>" method="POST">    



Username: <input type="text" name="username"> Password: <input type="password" name="password">



<input type="submit" value="Log in">

</form>

Try that.

Madchen · 08-23-2012, 02:46 PM

Can you add the html form too.

Audacious · 08-24-2012, 11:10 AM

Quote:

Originally Posted by Erios

PHP Code:


			
<?php

if (isset($_POST['username'])&&isset($_POST['password'])) 
{
    $username = $_POST['username'];
           echo 'You got the username.';
    $password = $_POST['password'];
           echo 'You got the password.';
    $password_hash = md5($password);
           echo 'You got the password_hash.';
    
    if (!empty($username)&&!empty($password)) 
    {
           echo 'You entered the if';
        $query = "SELECT id FROM users WHERE username='$username' AND password='$password_hash'";
           echo 'You got the query.';
            if ($query_run = mysql_query($query)) 
            {
           echo 'You entered the if';
                $query_num_rows = mysql_num_rows($query_run);
           echo 'You got the query+num_rows.';
                if ($query_num_rows==0)
                {
                echo 'Invalid username/password combination.';
                } else if ($query_num_rows==1){
                    echo 'ok';
                        }
            }
    } else {    
        echo 'You must supply a username and a password.';    
            }            
}

?>

<form action="<?php echo $current_file; ?>" method="POST">    

Username: <input type="text" name="username"> Password: <input type="password" name="password">

<input type="submit" value="Log in">
</form>

Try that.

I get: You got the username.You got the password.You got the password_hash.You entered the ifYou got the query.

And that is when I try to put in a name and a pass - no matter if it is the right or a wrong.

If I put nothing in both input boxes I get:

You got the username.You got the password.You got the password_hash.You entered the ifYou must supply a username and a password.

Best regards,

Audacious

Audacious · 08-24-2012, 11:15 AM

Quote:

Originally Posted by Madchen

Can you add the html form too.

The "." didn't change a thing.

But does it make you able to use HTML or are you talking about the hash tags here in the post?

HTML Code:

orm action="<?php echo $current_file; ?>" method="POST">	

Username: <input type="text" name="username"> Password: <input type="password" name="password">

<input type="submit" value="Log in">
</form>

?

Best regards,

Audacious

Erios · 08-24-2012, 12:33 PM

if ($query_run = mysql_query($query))

Not that good on php, but that should not be an statement.

if ($query_run == mysql_query($query))

This should be, try that.

MauranKilom · 08-24-2012, 04:06 PM

The problem obviously (as already hinted some times above) comes from your query call. The error is not in your script but in the database system you are using. Are you querying your own database or is it a remote one?

Audacious · 08-24-2012, 05:27 PM

Quote:

Originally Posted by MauranKilom

The problem obviously (as already hinted some times above) comes from your query call. The error is not in your script but in the database system you are using. Are you querying your own database or is it a remote one?

My own.

Audacious · 08-24-2012, 05:29 PM

Quote:

Originally Posted by Erios

if ($query_run = mysql_query($query))

Not that good on php, but that should not be an statement.

if ($query_run == mysql_query($query))

This should be, try that.

Woot now shit happened.

1 sec.

Audacious · 08-24-2012, 07:06 PM

Hmm.... Now it says:

"Notice: Undefined variable: query_run in C:\xampp\htdocs\loginform.inc.php on line 12

Notice: Undefined variable: query_run in C:\xampp\htdocs\loginform.inc.php on line 14

Warning: mysql_num_rows() expects parameter 1 to be resource, null given in C:\xampp\htdocs\loginform.inc.php on line 14
Invalid username/password combination."

Line 14 is: "$query_num_rows = mysql_num_rows($query_run);"

----------------------------------------

I only have 1 user, at as far as I can understand from the warning, it seems like my user is on row 0 ? Or am I wrong?

I thought my first user would be on row 1 ? Right?

MauranKilom · 08-24-2012, 10:04 PM

Erios got it wrong, you had it right (you need to assign the result of the query to the query_run variable, not check them against each other).

Your code should look something like this:

PHP Code:


			
echo 'You entered the if';
$query = "SELECT id FROM users WHERE username='$username' AND password='$password_hash'";
echo 'You set the query.';
$query_run = mysql_query($query);
echo 'You got a query response.';
if ($query_run) 
{
    ...
}

I believe that should work. But it's possible that you have to check query_run in another way (like $result = mysql_store_result($query_run) or whatever).

Audacious · 08-24-2012, 10:31 PM

Quote:

Originally Posted by MauranKilom

Erios got it wrong, you had it right (you need to assign the result of the query to the query_run variable, not check them against each other).

Your code should look something like this:

PHP Code:


			
echo 'You entered the if';

$query = "SELECT id FROM users WHERE username='$username' AND password='$password_hash'";

echo 'You set the query.';

$query_run = mysql_query($query);

echo 'You got a query response.';

if ($query_run) 

{

    ...

}

I believe that should work. But it's possible that you have to check query_run in another way (like $result = mysql_store_result($query_run) or whatever).

I've put in the echos and the only one I get out is: "You've entered the if"

So I should echo "$result = mysql_store_result($query_run)" ?

08-22-2012, 12:57 PM	#1
Audacious Member Join Date: Jun 2009 Location: In the world Platon doesn't believe in. Posts: 5,603 Blog Entries: 10	Trying to make a login form. PHP Code: <?php if (isset($_POST['username'])&&isset($_POST['password'])) { $username = $_POST['username']; $password = $_POST['password']; $password_hash = md5($password); if (!empty($username)&&!empty($password)) { $query = "SELECT id FROM users WHERE username='$username' AND password='$password_hash'"; if ($query_run = mysql_query($query)) { $query_num_rows = mysql_num_rows($query_run); if ($query_num_rows==0) { echo 'Invalid username/password combination.'; } else if ($query_num_rows==1){ echo 'ok'; } } } else { echo 'You must supply a username and a password.'; } } ?> <form action="<?php echo $current_file; ?>" method="POST"> Username: <input type="text" name="username"> Password: <input type="password" name="password"> <input type="submit" value="Log in"> </form> But it doesn't seem to respond. I believe the error is somewhere here: PHP Code: `$query = "SELECT id FROM users WHERE username='$username' AND password='$password_hash'";` Just not sure what the error is. :/ Can anyone help me? --------------- Best regards, Audacious.

08-22-2012, 09:00 PM	#2
Erios Member Join Date: Jul 2011 Location: Me too! Posts: 2,422 Blog Entries: 1	Re: Trying to make a login form. Gonna look it later although just by looking at it from afar. if (!empty($username)&&!empty($password)) is wrong. Unless you accept empty usernames or empty passwords.

08-23-2012, 07:56 AM	#8
Erios Member Join Date: Jul 2011 Location: Me too! Posts: 2,422 Blog Entries: 1	Re: Trying to make a login form. Ok, try this. PHP Code: <?php if (isset($_POST['username'])&&isset($_POST['password'])) { $username = $_POST['username']; $password = $_POST['password']; $password_hash = md5($password); if (!empty($username)&&!empty($password)) { $query = "SELECT id FROM users WHERE username='$username' AND password='$password_hash'"; if ($query_run = mysql_query($query)) { $query_num_rows = mysql_num_rows($query_run); if ($query_num_rows==0) { echo 'Invalid username/password combination.'; } else if ($query_num_rows==1){ echo 'ok'; } if ($query_num_rows>=2){ echo 'I am here'; } } } else { echo 'You must supply a username and a password.'; } } ?> <form action="<?php echo $current_file; ?>"

08-23-2012, 11:53 AM	#10
Erios Member Join Date: Jul 2011 Location: Me too! Posts: 2,422 Blog Entries: 1	Re: Trying to make a login form. PHP Code: <?php if (isset($_POST['username'])&&isset($_POST['password'])) { $username = $_POST['username']; echo 'You got the username.'; $password = $_POST['password']; echo 'You got the password.'; $password_hash = md5($password); echo 'You got the password_hash.'; if (!empty($username)&&!empty($password)) { echo 'You entered the if'; $query = "SELECT id FROM users WHERE username='$username' AND password='$password_hash'"; echo 'You got the query.'; if ($query_run = mysql_query($query)) { echo 'You entered the if'; $query_num_rows = mysql_num_rows($query_run); echo 'You got the query+num_rows.'; if ($query_num_rows==0) { echo 'Invalid username/password combination.'; } else if ($query_num_rows==1){ echo 'ok'; } } } else { echo 'You must supply a username and a password.'; } } ?> <form action="<?php echo $current_file; ?>" method="POST"> Username: <input type="text" name="username"> Password: <input type="password" name="password"> <input type="submit" value="Log in"> </form> Try that.

08-23-2012, 02:46 PM	#11
Madchen Member Join Date: Jun 2009 Location: Herzegovina Posts: 693	Re: Trying to make a login form. Can you add the html form too. __________________

08-24-2012, 12:33 PM	#14
Erios Member Join Date: Jul 2011 Location: Me too! Posts: 2,422 Blog Entries: 1	Re: Trying to make a login form. if ($query_run = mysql_query($query)) Not that good on php, but that should not be an statement. if ($query_run == mysql_query($query)) This should be, try that.

08-24-2012, 07:06 PM	#18
Audacious Member Join Date: Jun 2009 Location: In the world Platon doesn't believe in. Posts: 5,603 Blog Entries: 10	Re: Trying to make a login form. Hmm.... Now it says: "Notice: Undefined variable: query_run in C:\xampp\htdocs\loginform.inc.php on line 12 Notice: Undefined variable: query_run in C:\xampp\htdocs\loginform.inc.php on line 14 Warning: mysql_num_rows() expects parameter 1 to be resource, null given in C:\xampp\htdocs\loginform.inc.php on line 14 Invalid username/password combination." Line 14 is: "$query_num_rows = mysql_num_rows($query_run);" ---------------------------------------- I only have 1 user, at as far as I can understand from the warning, it seems like my user is on row 0 ? Or am I wrong? I thought my first user would be on row 1 ? Right?