Simple Login not working

[JRF2k]

Hello,

Not sure where I am going wrong with this. When I run it, I get a blank page or if I have Friendly Error messages turned on I get a 500 Internal Server error.

Any help is tremendously welcomed!

PHP Code:

<?php


$conn=odbc_connect('Warranty','','');
if (!$conn)
  {exit("Connection Failed: " . $conn);}



$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

$sql="SELECT * FROM Admins WHERE Username='$myusername' and Password='$mypassword'";

$results= odbc_execute($sql);

$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "AdminPage.php"
session_register("myusername");
session_register("mypassword"); 
header("location:AdminPage.php");
}
else {
echo "Wrong Username or Password";
}
?>

[NXArmada]

You are using a MySQL Command to do a count on an ODBC connection. you need to use the ODBC version of mysql_num_rows()

Detail can be found here: http://us.php.net/manual/en/function.odbc-num-rows.php

PHP Code:

<?php


$conn=odbc_connect('Warranty','','');
if (!$conn)
  {exit("Connection Failed: " . $conn);}



$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

$sql="SELECT * FROM Admins WHERE username='$myusername' and password='$mypassword'";

$results= odbc_execute($sql);

$count= odbc_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "AdminPage.php"
session_register("myusername");
session_register("mypassword"); 
header("location:AdminPage.php");
}
else {
echo "Wrong Username or Password";
}
?>

[JRF2k]

Thank you, Ryan!

That got it working somewhat.

Now when I type in the user/pass and hit submit it just tells me my username and password are wrong. I checked the DB where I am storing this and I am using the correct entries. I checked the script again and now with your help everything appears to be correct.

Not sure if this would be helpful but here is my Form HTML:

Code:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD><TITLE>Enter Page Title Here</TITLE>
<META http-equiv=Content-Type content="text/html; charset=UTF-8">
<META content="MSHTML 6.00.6000.16608" name=GENERATOR>
<STYLE type=text/css>BODY {
	FONT-FAMILY: verdana, arial, sans-serif
}
</STYLE>
</HEAD>
<BODY>
<P><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR><BR>&nbsp;</P>
<P><BR>&nbsp;</P>
<TABLE cellSpacing=1 cellPadding=0 width=300 align=center bgColor=#cccccc 
border=0>
  <TBODY>
  <TR>
    <FORM name=form1 action=checkuser.php method=post>
    <TD>
      <TABLE cellSpacing=1 cellPadding=3 width="100%" bgColor=#ffffff 
        border=0><TBODY>
        <TR>
          <TD colSpan=3><STRONG>Admin Login </STRONG></TD></TR>
        <TR>
          <TD width=78>Username</TD>
          <TD width=6>:</TD>
          <TD width=294><INPUT id=myusername name=myusername></TD></TR>
        <TR>
          <TD>Password</TD>
          <TD>:</TD>
          <TD><INPUT id=mypassword name=mypassword></TD></TR>
        <TR>
          <TD>&nbsp;</TD>
          <TD>&nbsp;</TD>
          <TD><INPUT type=submit value=Login name=Submit></TD></TR></TBODY></TABLE></TD></FORM></TR></TBODY></TABLE></BODY></HTML>

Thank you for your time and expertise.

[city_coder]

Try echoing $count out to your screen at the same time as your error message, you may find that it isn't 1 :P

Also you may find that you will want to LIMIT the sql statement so that it only brings back one result, otherwise it may bring back 5 and it will just take the first one of the result set.

[JRF2k]

OK, I tried to echo $count and I just get the page again with Invalid Username or Password. I put the statement right below $count= odbc_num_rows($result); statement. I've also tried putting the echo state at the very end, but that doesn't show me anything either.

PHP Code:

<?php


$conn=odbc_connect('Warranty','','');
if (!$conn)
  {exit("Connection Failed: " . $conn);}



$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

$sql="SELECT * FROM Admins WHERE Username='$myusername' and Password='$mypassword'";

$results= odbc_execute($sql);

$count= odbc_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row
echo $count;
if($count==1){
// Register $myusername, $mypassword and redirect to file "AdminPage.php"
session_register("myusername");
session_register("mypassword"); 
header("location: AdminPage.php");
}
else {
echo "Wrong Username or Password";
}
?>

[thetestingsite]

It should be

Code:

$count= odbc_num_rows($results);

Hope this helps.

[JRF2k]

Thank you. I didn't see the missing 's'.

However, I still get the same result. Even if I echo $count I get a white page with Wrong Username or Password on it.

I had really hoped all it was was the missing 's'

[JRF2k]

I verified that the values of the form are being stored correctly.

I commented out everything except what is below:

PHP Code:

<?php


$conn=odbc_connect('Warranty','','');
if (!$conn)
  {exit("Connection Failed: " . $conn);}



$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 
echo $myusername;
echo $mypassword;

?>

The values from the form are being carried over.

I then did:

PHP Code:

<?php


$conn=odbc_connect('Warranty','','');
if (!$conn)
  {exit("Connection Failed: " . $conn);}



$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 
echo $myusername;
echo $mypassword;

$sql="SELECT * FROM Admins WHERE Username='$myusername' and Password='$mypassword'";

$results= odbc_execute($sql);

$count= odbc_num_rows($results);
echo $count;
?>

But I get nothing but what I typed in the form. I've tried to echo $count and $results but it's the same thing over and over.

$sql appears to be right. It's when I try to echo $results or $count that I get nothing. I've tried chaning $count == from 1 to 2 since I have 2 entries in there and still nothing.

[JRF2k]

ALMOST!!! ARGH!!!

So close!

Code:

<?php


$conn=odbc_connect('Warranty','','');
if (!$conn)
  {exit("Connection Failed: " . $conn);}



$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

$sql="SELECT * FROM Admins WHERE Username='$myusername' and Password='$mypassword'";

$results=odbc_execute($sql);

$count= odbc_num_rows($results);

$num= count($count);

echo $num;

//If result matched $myusername and $mypassword, table row must be 1 row

if($num==1){
// Register $myusername, $mypassword and redirect to file "AdminPage.php"
session_register("myusername");
session_register("mypassword"); 
header("location:http://server/AdminPage.php"); 
}
else {
echo "Wrong Username or Password";
}

?>

So I added:

$num= count($count);

echo $num;

to the code and that seemed to fix it, however, now it doesn't matter what user/pass I put in it, it will let you into the Admin page.

Seems to me though I would need some logic to tell it to compare $myusername and $mypassword to what was entered.

[city_coder]

If in your database you have only 1 entry that matches the details that you entered(which should be the case) then mysql will bring back an array of results and an array starts from 0.

try doing this, you will see that you are getting $count back or $num whichever you use.

Code:

echo 'number of results returned is '.$count.'.';

If there is just a space inbetween the msg and the fullstop then you know that the results are equal to NULL or 0.

Try putting the echo $num; in the section of the if when the results have been compared.

You may also want to strip any spaces in front of or after the username and password being sent through. It wont help for now but its something you should think about for when you get it up and running.

Anyway, hopefully those things will help, either that or iv just wasted your time then sorry, lol. hope not