hugomax
07-13-2007, 09:07 AM
I am quite new to php and Mysql.
I am having problems with getting data from the mysql database when Im directed to another page.
Using a log in script when it posts it checks that data from the mysql exists then directs me to an alternative page, if the data isnt in the mysql database it stays on the same page...simple so far.
If i use this code it will direct me to the "getin.php" page but I can not get any of the data of the user from the mysql into the "getin.php" page it seems to loose it. (Below is the code for login.php)
<?php
include 'config.php';
ob_start();
echo "<left><font size=1><font face=\"verdana\"><b> Please enter your details here to log in</b></left></font><br><br>";
echo "<left><font size=1><font face=\"verdana\"><font color=\"red\">If you are a new user please click the register link below..<br></font>";
echo "<form action=\"./login.php\" method=\"POST\">";
echo "NTID: <br><input type=\"text\" name=\"ntid\"><br>";
echo "Pass: <br><input type=\"password\" name=\"password\"><br>";
echo "<input type=\"submit\" value=\"Login!\">";
echo "</form>";
echo "<br>Click <a href=\"reg/register.php\"><u>here!</u></a> to register your details";
echo "<br>Cant Login? Click <a href=\"recovery.php\"><u>here!</u></font></a>";
$connection = @mysql_connect($hostname, $user, $pass)
or die(mysql_error());
$dbs = @mysql_select_db($database, $connection) or
die(mysql_error());
$sql = "SELECT * FROM `users` WHERE ntid = '$_POST[ntid]' AND password = '$_POST[password]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
$num = @mysql_num_rows($result);
if ($num != 0) {
$cookie_name = "auth";
$cookie_value = "fook";
$cookie_expire = "0";
$cookie_domain = $domain;
setcookie($cookie_name, $cookie_value, $cookie_expire, "/", $cookie_domain, 0);
header ("Location: http://" . $domain . "getin.php");
ob_end_flush();
exit;
}
?>
If I change the post command to read echo "<form action=\"./getin.php\" method=\"POST\">";
Then I can go directly to the "getin.php" page and can get the users details by using the code below within the "getin.php" script, but the drawback is that you can still get to the "getin.php" page without typing the correct username or password, then it wont show the details from mysql which is great but I would prefere it if they cant get passed the login page...
<?
include 'config.php';
$conn = mysql_connect("localhost","mydatabase","mypassword");
$db = mysql_select_db("mydatabase");
$firstname = $_POST["firstname"];
$surname = $_POST["surname"];
$phonelogin = $_POST["phonenumber"];
$location = $_POST["location"];
$ntid = $_POST["ntid"];
$password = $_POST["password"];
$result = MYSQL_QUERY("SELECT * from users WHERE ntid='$ntid'and password='$password'") or die ("Name and password not found or not matched");
$worked = mysql_fetch_array($result);
$firstname = $worked[firstname];
$surname = $worked[surname];
$phonelogin = $worked[phonenumber];
$location = $worked[location];
$ntid = $worked[ntid];
$password = $worked[password];
if($worked)
?>
<? echo "$firstname$surname $phonenumber $location $ntid"; ?>
What I want to do is have it so that the user cant go any further if they type incorrect details in the login page....but if they do type the correct details, it directs them to the "getin.php" page and Im able to pull information about the user from the database.
Sorry if its all a bit confusing...but if anyone can help or give me guidance I would really appreciate it, as I have a big red dot at the front of my head where Ive been banging it against the wall for the last few days.
Thanks
Hugo
I am having problems with getting data from the mysql database when Im directed to another page.
Using a log in script when it posts it checks that data from the mysql exists then directs me to an alternative page, if the data isnt in the mysql database it stays on the same page...simple so far.
If i use this code it will direct me to the "getin.php" page but I can not get any of the data of the user from the mysql into the "getin.php" page it seems to loose it. (Below is the code for login.php)
<?php
include 'config.php';
ob_start();
echo "<left><font size=1><font face=\"verdana\"><b> Please enter your details here to log in</b></left></font><br><br>";
echo "<left><font size=1><font face=\"verdana\"><font color=\"red\">If you are a new user please click the register link below..<br></font>";
echo "<form action=\"./login.php\" method=\"POST\">";
echo "NTID: <br><input type=\"text\" name=\"ntid\"><br>";
echo "Pass: <br><input type=\"password\" name=\"password\"><br>";
echo "<input type=\"submit\" value=\"Login!\">";
echo "</form>";
echo "<br>Click <a href=\"reg/register.php\"><u>here!</u></a> to register your details";
echo "<br>Cant Login? Click <a href=\"recovery.php\"><u>here!</u></font></a>";
$connection = @mysql_connect($hostname, $user, $pass)
or die(mysql_error());
$dbs = @mysql_select_db($database, $connection) or
die(mysql_error());
$sql = "SELECT * FROM `users` WHERE ntid = '$_POST[ntid]' AND password = '$_POST[password]'";
$result = @mysql_query($sql,$connection) or die(mysql_error());
$num = @mysql_num_rows($result);
if ($num != 0) {
$cookie_name = "auth";
$cookie_value = "fook";
$cookie_expire = "0";
$cookie_domain = $domain;
setcookie($cookie_name, $cookie_value, $cookie_expire, "/", $cookie_domain, 0);
header ("Location: http://" . $domain . "getin.php");
ob_end_flush();
exit;
}
?>
If I change the post command to read echo "<form action=\"./getin.php\" method=\"POST\">";
Then I can go directly to the "getin.php" page and can get the users details by using the code below within the "getin.php" script, but the drawback is that you can still get to the "getin.php" page without typing the correct username or password, then it wont show the details from mysql which is great but I would prefere it if they cant get passed the login page...
<?
include 'config.php';
$conn = mysql_connect("localhost","mydatabase","mypassword");
$db = mysql_select_db("mydatabase");
$firstname = $_POST["firstname"];
$surname = $_POST["surname"];
$phonelogin = $_POST["phonenumber"];
$location = $_POST["location"];
$ntid = $_POST["ntid"];
$password = $_POST["password"];
$result = MYSQL_QUERY("SELECT * from users WHERE ntid='$ntid'and password='$password'") or die ("Name and password not found or not matched");
$worked = mysql_fetch_array($result);
$firstname = $worked[firstname];
$surname = $worked[surname];
$phonelogin = $worked[phonenumber];
$location = $worked[location];
$ntid = $worked[ntid];
$password = $worked[password];
if($worked)
?>
<? echo "$firstname$surname $phonenumber $location $ntid"; ?>
What I want to do is have it so that the user cant go any further if they type incorrect details in the login page....but if they do type the correct details, it directs them to the "getin.php" page and Im able to pull information about the user from the database.
Sorry if its all a bit confusing...but if anyone can help or give me guidance I would really appreciate it, as I have a big red dot at the front of my head where Ive been banging it against the wall for the last few days.
Thanks
Hugo