As said in my edit:
Make sure there is a field named login, and in the above code you posted, there is NOT one.Quote:
Originally Posted by thetestingsite
Either add a hidden field that for that or change the submit button name.
Printable View
As said in my edit:
Make sure there is a field named login, and in the above code you posted, there is NOT one.Quote:
Originally Posted by thetestingsite
Either add a hidden field that for that or change the submit button name.
Ok, I changed the name and now that works (seems I am good at making stupid little errors), but now I find that the data is not being entered into the sql table from the register.php page, so I set it to display an error, and this is what I get: "Column count doesn't match value count at row 1". It comes from this line of code:I have never seen this error and have no idea what it means, anyone know? Could it be related to my SQL code?PHP Code:$add = "INSERT INTO `users` VALUES ('', '$username', '$md5pass', '$email', '$ip', '$signup')";
mysql_query($add) or die (mysql_error()); //Run query
You need to include the column list or specify them exactly.
so it should look like this.
column_name needs to be changed to the correct columns(in the exact order)Code:INSERT INTO `users`(column_name,column_name,column_name,column_name,column_name,column_name) VALUES ('', '$username', '$md5pass', '$email', '$ip', '$signup')
Ok, I added what you said to and now it adds the data to the table :). However, yet another problem, I still get the "incorrect username" when I try to login. Since I know the data is indeed in the sql database, it must be something with the login page. Here is the full code:I get the error:PHP Code:<?php
require('config.php');
if (empty($online['id'])){
if ($_POST['Login']) { //If loggin submitted
$username = clean($_POST['username']);
$password = clean($_POST['password']);
if (!$username || !$password){ //If fields are empty
echo 'You left a field empty. <a href="'.$_SERVER['REQUEST_URI'].'">Back</a>.';
}
else {
$password = md5($password);
$query = "SELECT * FROM `users` WHERE username = '$username' AND password = '$password'";
mysql_query($query) or die(mysql_error());
if (mysql_num_rows($query) == 1){ //Info found
$expire = time() + (7*86400);
setcookie("username", $user, $expire); //Set Username cookie
setcookie("password", $pass, $expire); //Set password cookie
//Success
echo 'Success, you have been logged in!<br />';
echo '<a href="cpanel.php">Continue</a>...';
}
else { //If no info found
echo 'Incorrect username and password. <a href="'.$_SERVER['REQUEST_URI'].'">Back</a>.';
}
}
}
else {
require('form.php');
}
}
else {
require('logged_in.php');
}
?>
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /home/bntqann/public_html/testing/user_login/login.php on line 23. I do not know why it says mysql_num_rows() is not valid result, anyone know?
It should be like this:
Code:$query = "SELECT * FROM `users` WHERE username = '$username' AND password = '$password'";
$result = mysql_query($query) or die(mysql_error());
if (mysql_num_rows($result) == 1){ //Info found
Ok, I changed the mysql_num_rows() to what you showed me and it works good, but I still get the username incorrect error, anything else it could be?
Try echoing the variable $password after the following line in the above code.
If it matches the SQL entry, then you may need to make a workaround for this, by calling upon different queries (ex: one for the user information, and one for the password itself [like the below example]).Code:$password = md5($password);
However, if the variable $password does not match that in the SQL entry, you may need to make it into a new variable. Like so:Code:$password = md5($password);
$query = "SELECT * FROM `users` WHERE username = '$username'";
$result = mysql_query($query) or die(mysql_error());
$q = mysql_fetch_array($result);
if ($password == $q['password']) {
echo 'Login Success!';
}
else {
echo 'Login Failed';
}
//edit to your liking of course
Hope this helps.Code:$pwd = md5($password);
//sql query...
Another trick I use when a query isn't working, echo out the final query(after the variables have been added) and run it manually(with mysql command line tool, or maybe PhpMyAdmin). This will make sure you get the results you thought you would.
I tested echoed the password and it matches up with the database record of it. I am not sure how to make 2 different queries for the password and the username. In the code you gave before, what does this do:I don't know what the $q['password'] would do.PHP Code:if ($password == $q['password']) {
Another thing that I think may be the problem is my query code:Anything wrong in there?PHP Code:$query = "SELECT * FROM `users` WHERE username = '$user' AND password = '$password'";
$result = mysql_query($query) or die(mysql_error());
if (mysql_num_rows($result) == 1){ //Info found
thanks for all the help so far, hope someone sees something in the code or has an idea on whats wrong :)
Ok, so here's something that you could do. Change the following:
to this:Code:$query = "SELECT * FROM `users` WHERE username = '$username' AND password = '$password'";
$result = mysql_query($query) or die(mysql_error());
Then, below that, add the following:Code:$query = "SELECT * FROM `users` WHERE username = '$username'";
$result = mysql_query($query) or die(mysql_error());
What the above does is assign a variable ($q) to the array in the sql data that was returned from the query. After that, it takes that same variable with the array name "password" ( $q[password] ) and checks against the md5 encryption of that entered. If it matches, then the login was successful. Else, the login failed.Code:$q = mysql_fetch_array($result); //fetches the mysql array from the table.
if ($password == $q[password]) {
echo 'Login Success';
}
else {
echo 'Login Failed';
}
Hope this helps.