login code

  • Nem
  • Guru
  • Guru
  • Nem
  • Posts: 1243
  • Loc: UK

Post 3+ Months Ago

Ok, im just experimenting here...

here is the code:

PHP Code: [ Select ]
include "../req/functions.php";
 
 
 
if (isset($loginvars['submit'])) {
 
 
 
 
 
if ( $loginvars['user'] == "" ) { $uerror = $loginerrors['nouser']; }
 
if ( $loginvars['pass'] == "" ) { $uerror = $loginerrors['nopass']; }
 
if ( $loginvars['user'] == "" && $loginvars['pass'] == "" ) { $uerror = $loginerrors['noinput']; }
 
 
 
 
 
include "../req/connect.php";
 
$query = ("SELECT * FROM `gs_admin` WHERE `id` = 1");
 
while ($row = mysql_fetch_array($query)) {
 
$sqluser = $row['user'];
 
$sqlpass = $row['pass'];
 
 
 
    if(!$sqluser || !$sqlpass){ $uerror = $loginerrors['nodata']; }
 
    else{
 
        if($sqluser == $loginvars['user'] && $sqlpass == $loginvars['pass']){
 
         
 
         echo "Welcome";
 
         
 
        }
 
        else { $uerror = $loginerrors['incorrectinput']; }
 
 
 
}
 
}
  1. include "../req/functions.php";
  2.  
  3.  
  4.  
  5. if (isset($loginvars['submit'])) {
  6.  
  7.  
  8.  
  9.  
  10.  
  11. if ( $loginvars['user'] == "" ) { $uerror = $loginerrors['nouser']; }
  12.  
  13. if ( $loginvars['pass'] == "" ) { $uerror = $loginerrors['nopass']; }
  14.  
  15. if ( $loginvars['user'] == "" && $loginvars['pass'] == "" ) { $uerror = $loginerrors['noinput']; }
  16.  
  17.  
  18.  
  19.  
  20.  
  21. include "../req/connect.php";
  22.  
  23. $query = ("SELECT * FROM `gs_admin` WHERE `id` = 1");
  24.  
  25. while ($row = mysql_fetch_array($query)) {
  26.  
  27. $sqluser = $row['user'];
  28.  
  29. $sqlpass = $row['pass'];
  30.  
  31.  
  32.  
  33.     if(!$sqluser || !$sqlpass){ $uerror = $loginerrors['nodata']; }
  34.  
  35.     else{
  36.  
  37.         if($sqluser == $loginvars['user'] && $sqlpass == $loginvars['pass']){
  38.  
  39.          
  40.  
  41.          echo "Welcome";
  42.  
  43.          
  44.  
  45.         }
  46.  
  47.         else { $uerror = $loginerrors['incorrectinput']; }
  48.  
  49.  
  50.  
  51. }
  52.  
  53. }


this is on top of the form.... i do not have an else statement underneath because i want any errors to show in the form itself... meaning the form should always be there.

When i made this code, not even the form shows now..... Can anyone spot any errors?!
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • Scorpius
  • Proficient
  • Proficient
  • User avatar
  • Posts: 401
  • Loc: Scorpion Hole

Post 3+ Months Ago

Here I changed your code somewhat.
I don't know where you got $loginvars from but I dropped all of those.
PHP Code: [ Select ]
include "../req/functions.php";
 
 
 
if ($_POST['submit']) {
 
   if ( $_POST['user'] == "" ) {
 
      $uerror = $loginerrors['nouser'];
 
   }
 
   if ( $_POST['pass'] == "" ) {
 
      $uerror = $loginerrors['nopass'];
 
   }
 
   if ( $POST['user'] == "" && $POST['pass'] == "" ) {
 
      $uerror = $loginerrors['noinput'];
 
   }
 
   include "../req/connect.php";
 
   $md5pass = md5($_POST['password']);
 
   $query = ("SELECT * FROM `gs_admin` WHERE `user` = '$_POST[user]' AND `pass` = '$md5pass' LIMIT 1");
 
   if(mysql_num_rows($query) > 0) {
 
      $user = mysql_fetch_object($query);
 
      echo "Welcome $user->user";
 
      // set the cookie and/or sessions depending on what you use.
 
   } else {
 
      $uerror = $loginerrors['incorrectinput'];
 
   }
 
}
  1. include "../req/functions.php";
  2.  
  3.  
  4.  
  5. if ($_POST['submit']) {
  6.  
  7.    if ( $_POST['user'] == "" ) {
  8.  
  9.       $uerror = $loginerrors['nouser'];
  10.  
  11.    }
  12.  
  13.    if ( $_POST['pass'] == "" ) {
  14.  
  15.       $uerror = $loginerrors['nopass'];
  16.  
  17.    }
  18.  
  19.    if ( $POST['user'] == "" && $POST['pass'] == "" ) {
  20.  
  21.       $uerror = $loginerrors['noinput'];
  22.  
  23.    }
  24.  
  25.    include "../req/connect.php";
  26.  
  27.    $md5pass = md5($_POST['password']);
  28.  
  29.    $query = ("SELECT * FROM `gs_admin` WHERE `user` = '$_POST[user]' AND `pass` = '$md5pass' LIMIT 1");
  30.  
  31.    if(mysql_num_rows($query) > 0) {
  32.  
  33.       $user = mysql_fetch_object($query);
  34.  
  35.       echo "Welcome $user->user";
  36.  
  37.       // set the cookie and/or sessions depending on what you use.
  38.  
  39.    } else {
  40.  
  41.       $uerror = $loginerrors['incorrectinput'];
  42.  
  43.    }
  44.  
  45. }

I also cleaned it up a bit to make it look a bit more readable.
And if you don't have your passwords md5ed then you should do so.
Hope this helps.
  • Nem
  • Guru
  • Guru
  • Nem
  • Posts: 1243
  • Loc: UK

Post 3+ Months Ago

i want to show an error if there is no username and password in the database, and also if its incorrect
  • Nem
  • Guru
  • Guru
  • Nem
  • Posts: 1243
  • Loc: UK

Post 3+ Months Ago

this is why i had

PHP Code: [ Select ]
 
    if(!$sqluser || !$sqlpass){
 
$uerror = $loginerrors['nodata'];
 
}
 
 
 
 
  1.  
  2.     if(!$sqluser || !$sqlpass){
  3.  
  4. $uerror = $loginerrors['nodata'];
  5.  
  6. }
  7.  
  8.  
  9.  
  10.  
  • Scorpius
  • Proficient
  • Proficient
  • User avatar
  • Posts: 401
  • Loc: Scorpion Hole

Post 3+ Months Ago

Well then something like this?
PHP Code: [ Select ]
include "../req/functions.php";
 
 
 
if ($_POST['submit']) {
 
   $errCount = "0";
 
   if ( $_POST['user'] == "" ) {
 
      $uerror = "$uerror$loginerrors[nouser]<br>";
 
      $errCount = $errCount + 1;
 
   }
 
   if ( $_POST['pass'] == "" ) {
 
      $uerror = "$uerror$loginerrors[nopass]<br>";
 
      $errCount = $errCount + 1;
 
   }
 
   if ( $POST['user'] == "" && $POST['pass'] == "" ) {
 
      $uerror = "$uerror$loginerrors[noinput]<br>";
 
      $errCount = $errCount + 1;
 
   }
 
   if($errCount > 0) {
 
      echo $uerror;
 
   } else {
 
      include "../req/connect.php";
 
      $md5pass = md5($_POST['password']);
 
      $query = ("SELECT * FROM `gs_admin` WHERE `user` = '$_POST[user]' AND `pass` = '$md5pass' LIMIT 1");
 
      if(mysql_num_rows($query) > 0) {
 
         $user = mysql_fetch_object($query);
 
         echo "Welcome $user->user";
 
         // set the cookie and session if you use sessions.
 
      } else {
 
         $uerror = $loginerrors['incorrectinput'];
 
      }
 
   }
 
}
  1. include "../req/functions.php";
  2.  
  3.  
  4.  
  5. if ($_POST['submit']) {
  6.  
  7.    $errCount = "0";
  8.  
  9.    if ( $_POST['user'] == "" ) {
  10.  
  11.       $uerror = "$uerror$loginerrors[nouser]<br>";
  12.  
  13.       $errCount = $errCount + 1;
  14.  
  15.    }
  16.  
  17.    if ( $_POST['pass'] == "" ) {
  18.  
  19.       $uerror = "$uerror$loginerrors[nopass]<br>";
  20.  
  21.       $errCount = $errCount + 1;
  22.  
  23.    }
  24.  
  25.    if ( $POST['user'] == "" && $POST['pass'] == "" ) {
  26.  
  27.       $uerror = "$uerror$loginerrors[noinput]<br>";
  28.  
  29.       $errCount = $errCount + 1;
  30.  
  31.    }
  32.  
  33.    if($errCount > 0) {
  34.  
  35.       echo $uerror;
  36.  
  37.    } else {
  38.  
  39.       include "../req/connect.php";
  40.  
  41.       $md5pass = md5($_POST['password']);
  42.  
  43.       $query = ("SELECT * FROM `gs_admin` WHERE `user` = '$_POST[user]' AND `pass` = '$md5pass' LIMIT 1");
  44.  
  45.       if(mysql_num_rows($query) > 0) {
  46.  
  47.          $user = mysql_fetch_object($query);
  48.  
  49.          echo "Welcome $user->user";
  50.  
  51.          // set the cookie and session if you use sessions.
  52.  
  53.       } else {
  54.  
  55.          $uerror = $loginerrors['incorrectinput'];
  56.  
  57.       }
  58.  
  59.    }
  60.  
  61. }
  • Nem
  • Guru
  • Guru
  • Nem
  • Posts: 1243
  • Loc: UK

Post 3+ Months Ago

blank page all the time, something to do with:

PHP Code: [ Select ]
 
     include "../req/connect.php";
 
     $query = ("SELECT * FROM `gs_admin` WHERE `id` = 1");
 
     $row = mysql_fetch_array($query);
 
     $sqluser = $row['user'];
 
     $sqlpass = $row['pass'];
 
     if(!$sqluser || !$sqlpass){ $uerror = $loginerrors['nodata']; }{
 
  } else {
 
       if($sqluser == $loginvars['user'] && $sqlpass == $loginvars['pass']){
 
         echo "Welcome";
 
    } else {
 
               $uerror = $loginerrors['incorrectinput'];  
 
          }
 
     }
 
 
  1.  
  2.      include "../req/connect.php";
  3.  
  4.      $query = ("SELECT * FROM `gs_admin` WHERE `id` = 1");
  5.  
  6.      $row = mysql_fetch_array($query);
  7.  
  8.      $sqluser = $row['user'];
  9.  
  10.      $sqlpass = $row['pass'];
  11.  
  12.      if(!$sqluser || !$sqlpass){ $uerror = $loginerrors['nodata']; }{
  13.  
  14.   } else {
  15.  
  16.        if($sqluser == $loginvars['user'] && $sqlpass == $loginvars['pass']){
  17.  
  18.          echo "Welcome";
  19.  
  20.     } else {
  21.  
  22.                $uerror = $loginerrors['incorrectinput'];  
  23.  
  24.           }
  25.  
  26.      }
  27.  
  28.  


something in there
  • Cafu
  • Student
  • Student
  • Cafu
  • Posts: 97

Post 3+ Months Ago

put echo statements after every line like:

Code: [ Select ]
$query = ("SELECT * FROM `gs_admin` WHERE `id` = 1");
echo ($query."<br>"););
$row = mysql_fetch_array($query);
echo("did query<br>");
$sqluser = $row['user'];
echo("user= ".$sqluser."<br>");
$sqlpass = $row['pass'];
echo("pass= ".$sqlpass ."<br>");
  1. $query = ("SELECT * FROM `gs_admin` WHERE `id` = 1");
  2. echo ($query."<br>"););
  3. $row = mysql_fetch_array($query);
  4. echo("did query<br>");
  5. $sqluser = $row['user'];
  6. echo("user= ".$sqluser."<br>");
  7. $sqlpass = $row['pass'];
  8. echo("pass= ".$sqlpass ."<br>");


etc, etc.

right now you need to know which line causes the error. This is a primitive way of finding out, but it works.
  • Nem
  • Guru
  • Guru
  • Nem
  • Posts: 1243
  • Loc: UK

Post 3+ Months Ago

I have been trying to do that using:

PHP Code: [ Select ]
 
<?PHP
 
     include "../req/connect.php";
 
   
 
     $query = ("SELECT * FROM `gs_admin` WHERE id = 1");
 
     $result = MYSQL_QUERY($query);
 
     $row = mysql_fetch_row($result);
 
 
 
     $sqluser = $row['user'];
 
     $sqlpass = $row['pass'];
 
     
 
     echo $sqluser;
 
     echo "<BR>";
 
     echo $sqlpass;  
 
?>
 
 
  1.  
  2. <?PHP
  3.  
  4.      include "../req/connect.php";
  5.  
  6.    
  7.  
  8.      $query = ("SELECT * FROM `gs_admin` WHERE id = 1");
  9.  
  10.      $result = MYSQL_QUERY($query);
  11.  
  12.      $row = mysql_fetch_row($result);
  13.  
  14.  
  15.  
  16.      $sqluser = $row['user'];
  17.  
  18.      $sqlpass = $row['pass'];
  19.  
  20.      
  21.  
  22.      echo $sqluser;
  23.  
  24.      echo "<BR>";
  25.  
  26.      echo $sqlpass;  
  27.  
  28. ?>
  29.  
  30.  


Nothing what so ever.
  • Nem
  • Guru
  • Guru
  • Nem
  • Posts: 1243
  • Loc: UK

Post 3+ Months Ago

I just checked phpmyadmin, all the details are there, even the ID
  • Cafu
  • Student
  • Student
  • Cafu
  • Posts: 97

Post 3+ Months Ago

two things:

1) when doing echo commands like that, do them like this:
Code: [ Select ]
echo "user: ".$sqluser;

Without putting some other text in there, you can't be sure what is happening. Maybe those values are blank, maybe we are never even reaching that line of code. Putting some other text in there narrows it down.

2) If i had to guess, I'd say this line is causing the error for some reason:
Quote:
$result = MYSQL_QUERY($query);


you might want to try something like:

Code: [ Select ]
    if (! $result) {
            echo "<h2>Can't execute query</h2>";
            echo "<pre>" . htmlspecialchars($query) . "</pre>";
            echo "<p><b>MySQL Error</b>: ", mysql_error();
    }
  1.     if (! $result) {
  2.             echo "<h2>Can't execute query</h2>";
  3.             echo "<pre>" . htmlspecialchars($query) . "</pre>";
  4.             echo "<p><b>MySQL Error</b>: ", mysql_error();
  5.     }
  • Nem
  • Guru
  • Guru
  • Nem
  • Posts: 1243
  • Loc: UK

Post 3+ Months Ago

it shows:

Quote:
user:
pass:


Preview: http://dhost.info/gmforum/rethink/admin/testlog.php

Mind the pop up, its a free service after all.
  • Cafu
  • Student
  • Student
  • Cafu
  • Posts: 97

Post 3+ Months Ago

ok, so now you know its not crapping out before those echo statements, but you are not getting valid values in your variables.

I'd try these two things to narrow it down.

add:
Code: [ Select ]
echo "rows found: ". mysql_num_rows($result) . "<br>"

after
Code: [ Select ]
$result = MYSQL_QUERY($query);


also, if you are getting a row, try changing the lines where you set your variables to:
Code: [ Select ]
   $sqluser = $row[0];
   $sqlpass = $row[1];
  1.    $sqluser = $row[0];
  2.    $sqlpass = $row[1];
  • Nem
  • Guru
  • Guru
  • Nem
  • Posts: 1243
  • Loc: UK

Post 3+ Months Ago

code:

PHP Code: [ Select ]
 
<?PHP
 
     include "../req/connect.php";
 
   
 
     $query = ("SELECT * FROM `gs_admin` WHERE id = 1");
 
     
 
       echo "rows found: ". mysql_num_rows($result) . "<br>";
 
       
 
     
 
       $result = MYSQL_QUERY($query);
 
       
 
          if (! $result) {
 
                        echo "<h2>Can't execute query</h2>";
 
                        echo "<pre>" . htmlspecialchars($query) . "</pre>";
 
                        echo "<p><b>MySQL Error</b>: ", mysql_error();
 
       }
 
       
 
     $row = mysql_fetch_row($result);
 
 
 
     $sqluser = $row['user'];
 
     $sqlpass = $row['pass'];
 
     
 
     echo "user: ".$sqluser; ;
 
     echo "<BR>";
 
     echo "pass: ".$sqlpass; ;   
 
?>
 
 
  1.  
  2. <?PHP
  3.  
  4.      include "../req/connect.php";
  5.  
  6.    
  7.  
  8.      $query = ("SELECT * FROM `gs_admin` WHERE id = 1");
  9.  
  10.      
  11.  
  12.        echo "rows found: ". mysql_num_rows($result) . "<br>";
  13.  
  14.        
  15.  
  16.      
  17.  
  18.        $result = MYSQL_QUERY($query);
  19.  
  20.        
  21.  
  22.           if (! $result) {
  23.  
  24.                         echo "<h2>Can't execute query</h2>";
  25.  
  26.                         echo "<pre>" . htmlspecialchars($query) . "</pre>";
  27.  
  28.                         echo "<p><b>MySQL Error</b>: ", mysql_error();
  29.  
  30.        }
  31.  
  32.        
  33.  
  34.      $row = mysql_fetch_row($result);
  35.  
  36.  
  37.  
  38.      $sqluser = $row['user'];
  39.  
  40.      $sqlpass = $row['pass'];
  41.  
  42.      
  43.  
  44.      echo "user: ".$sqluser; ;
  45.  
  46.      echo "<BR>";
  47.  
  48.      echo "pass: ".$sqlpass; ;   
  49.  
  50. ?>
  51.  
  52.  


preview: http://dhost.info/gmforum/rethink/admin/testlog.php

its 'crapping' nothing out at all, not even rows.
  • Cafu
  • Student
  • Student
  • Cafu
  • Posts: 97

Post 3+ Months Ago

you need to put the mysql_num_rows after the $result = MYSQL_QUERY($query); line
  • Nem
  • Guru
  • Guru
  • Nem
  • Posts: 1243
  • Loc: UK

Post 3+ Months Ago

ok

preview: http://dhost.info/gmforum/rethink/admin/testlog.php

code:
PHP Code: [ Select ]
 
<?PHP
 
     include "../req/connect.php";
 
   
 
     $query = ("SELECT * FROM `gs_admin` WHERE id = 1");
 
 
 
       $result = MYSQL_QUERY($query);
 
       
 
       echo "rows found: ". mysql_num_rows($result) . "<br>";
 
       
 
       if (! $result) {
 
     echo "<h2>Can't execute query</h2>";
 
     echo "<pre>" . htmlspecialchars($query) . "</pre>";
 
     echo "<p><b>MySQL Error</b>: ", mysql_error();
 
     }
 
       
 
     $row = mysql_fetch_row($result);
 
 
 
     $sqluser = $row[0];
 
     $sqlpass = $row[1];
 
     
 
     echo "user: ".$sqluser;
 
     echo "<BR>";
 
     echo "pass: ".$sqlpass;  
 
?>
 
 
  1.  
  2. <?PHP
  3.  
  4.      include "../req/connect.php";
  5.  
  6.    
  7.  
  8.      $query = ("SELECT * FROM `gs_admin` WHERE id = 1");
  9.  
  10.  
  11.  
  12.        $result = MYSQL_QUERY($query);
  13.  
  14.        
  15.  
  16.        echo "rows found: ". mysql_num_rows($result) . "<br>";
  17.  
  18.        
  19.  
  20.        if (! $result) {
  21.  
  22.      echo "<h2>Can't execute query</h2>";
  23.  
  24.      echo "<pre>" . htmlspecialchars($query) . "</pre>";
  25.  
  26.      echo "<p><b>MySQL Error</b>: ", mysql_error();
  27.  
  28.      }
  29.  
  30.        
  31.  
  32.      $row = mysql_fetch_row($result);
  33.  
  34.  
  35.  
  36.      $sqluser = $row[0];
  37.  
  38.      $sqlpass = $row[1];
  39.  
  40.      
  41.  
  42.      echo "user: ".$sqluser;
  43.  
  44.      echo "<BR>";
  45.  
  46.      echo "pass: ".$sqlpass;  
  47.  
  48. ?>
  49.  
  50.  


0 = $row['id']
1 = $row['ip']

This is why it doesnt show user and pass because they are on a different row...

however, if i do:

$row['user']
$row['pass']

It doesnt show, which means the problem is there somewhere
  • Nem
  • Guru
  • Guru
  • Nem
  • Posts: 1243
  • Loc: UK

Post 3+ Months Ago

works now i changed:

PHP Code: [ Select ]
 
     $row = mysql_fetch_assoc($result);
 
 
 
     $sqluser = $row['user'];
 
     $sqlpass = $row['pass'];
 
     
 
     echo "user: ".$sqluser;
 
     echo "<BR>";
 
     echo "pass: ".$sqlpass;  
 
?>
 
 
  1.  
  2.      $row = mysql_fetch_assoc($result);
  3.  
  4.  
  5.  
  6.      $sqluser = $row['user'];
  7.  
  8.      $sqlpass = $row['pass'];
  9.  
  10.      
  11.  
  12.      echo "user: ".$sqluser;
  13.  
  14.      echo "<BR>";
  15.  
  16.      echo "pass: ".$sqlpass;  
  17.  
  18. ?>
  19.  
  20.  
  • Cafu
  • Student
  • Student
  • Cafu
  • Posts: 97

Post 3+ Months Ago

yeah man, I can't help you there because it has been a recurring problem of mine since I started using PHP and I've never figured it out. When I call the columns by name I almost invariably don't get values, but when I switch to refering to them by their column numbers it works.

So, I just always use column numbers rather than names.

You can change your query to select the colums you want rather than all columns like this:
Code: [ Select ]
   $query = ("SELECT user,pass FROM `gs_admin` WHERE id = 1");


or just figure out which column numbers are for user and pass and change the "0" and "1" to something else.


I suggest going the first route and selecting specific columns rather than using an asterix because:
1) When you select all columns using the wildcard I am not sure column order is guaranteed
2) Why select columns you don't need?
  • Cafu
  • Student
  • Student
  • Cafu
  • Posts: 97

Post 3+ Months Ago

ah, great, you solved the problem I was having too then:

It was the mysql_fetch_row that was the culprit.

I wonder if mysql_fetch_array would have worked for you also.
  • Nem
  • Guru
  • Guru
  • Nem
  • Posts: 1243
  • Loc: UK

Post 3+ Months Ago

the problem is you use:

mysql_fetch_array < i think

when your suppose to use:

mysql_fetch_assoc
  • Nem
  • Guru
  • Guru
  • Nem
  • Posts: 1243
  • Loc: UK

Post 3+ Months Ago

Now i used the same method for my login script, no luck!

http://dhost.info/gmforum/rethink/admin/login.php

user: gmforum
pass: gmforum

^^ its a test script...
  • Nem
  • Guru
  • Guru
  • Nem
  • Posts: 1243
  • Loc: UK

Post 3+ Months Ago

PHP Code: [ Select ]
 
//------------------PROBLEM STARTS HERE---------------------<<
 
 
 
include "../req/functions.php";
 
//make error count: 0
 
 $errorcount = 0;
 
 
 
     if (isset($loginvars['submit'])) {
 
     if ( $loginvars['user'] == "" ) {
 
          $uerror = $loginerrors['nouser'];
 
        $errorcount = $errorcount + 1;
 
     }
 
     if ( $loginvars['pass'] == "" ) {
 
          $uerror = $loginerrors['nopass'];
 
        $errorcount = $errorcount + 1;
 
     }
 
     if ( $loginvars['user'] == "" && $loginvars['pass'] == "" ) {
 
          $uerror = $loginerrors['noinput'];
 
        $errorcount = $errorcount + 1;
 
     }
 
//if there were no errors carry on with code  
 
 if ($errorcount = 0) {
 
//connect    
 
     include "../req/connect.php";
 
//select the table and extract information   
 
     $query = ("SELECT * FROM `gs_admin` WHERE `id` = 1");
 
    $result = MYSQL_QUERY($query);
 
     $row = mysql_fetch_assoc($query);
 
//make them shorter  
 
     $sqluser = $row['user'];
 
     $sqlpass = $row['pass'];
 
//check if there is no data    
 
     if(!$sqluser || !$sqlpass){
 
    $uerror = $loginerrors['nodata'];
 
     
 
    } else {
 
//see if the form variables and the sql data are the same
 
     if($sqluser == $loginvars['user'] && $sqlpass == $loginvars['pass'])
 
    {
 
     echo "Welcome";
 
//bring out an error if they dont.    
 
    } else {
 
     $uerror = $loginerrors['incorrectinput'];  
 
     
 
    }
 
    }
 
    }
 
    }
 
//----------END PROBLEM HERE----------------------<<
 
 
  1.  
  2. //------------------PROBLEM STARTS HERE---------------------<<
  3.  
  4.  
  5.  
  6. include "../req/functions.php";
  7.  
  8. //make error count: 0
  9.  
  10.  $errorcount = 0;
  11.  
  12.  
  13.  
  14.      if (isset($loginvars['submit'])) {
  15.  
  16.      if ( $loginvars['user'] == "" ) {
  17.  
  18.           $uerror = $loginerrors['nouser'];
  19.  
  20.         $errorcount = $errorcount + 1;
  21.  
  22.      }
  23.  
  24.      if ( $loginvars['pass'] == "" ) {
  25.  
  26.           $uerror = $loginerrors['nopass'];
  27.  
  28.         $errorcount = $errorcount + 1;
  29.  
  30.      }
  31.  
  32.      if ( $loginvars['user'] == "" && $loginvars['pass'] == "" ) {
  33.  
  34.           $uerror = $loginerrors['noinput'];
  35.  
  36.         $errorcount = $errorcount + 1;
  37.  
  38.      }
  39.  
  40. //if there were no errors carry on with code  
  41.  
  42.  if ($errorcount = 0) {
  43.  
  44. //connect    
  45.  
  46.      include "../req/connect.php";
  47.  
  48. //select the table and extract information   
  49.  
  50.      $query = ("SELECT * FROM `gs_admin` WHERE `id` = 1");
  51.  
  52.     $result = MYSQL_QUERY($query);
  53.  
  54.      $row = mysql_fetch_assoc($query);
  55.  
  56. //make them shorter  
  57.  
  58.      $sqluser = $row['user'];
  59.  
  60.      $sqlpass = $row['pass'];
  61.  
  62. //check if there is no data    
  63.  
  64.      if(!$sqluser || !$sqlpass){
  65.  
  66.     $uerror = $loginerrors['nodata'];
  67.  
  68.      
  69.  
  70.     } else {
  71.  
  72. //see if the form variables and the sql data are the same
  73.  
  74.      if($sqluser == $loginvars['user'] && $sqlpass == $loginvars['pass'])
  75.  
  76.     {
  77.  
  78.      echo "Welcome";
  79.  
  80. //bring out an error if they dont.    
  81.  
  82.     } else {
  83.  
  84.      $uerror = $loginerrors['incorrectinput'];  
  85.  
  86.      
  87.  
  88.     }
  89.  
  90.     }
  91.  
  92.     }
  93.  
  94.     }
  95.  
  96. //----------END PROBLEM HERE----------------------<<
  97.  
  98.  


here is the description.... the form is underneath this......

I descrribed each part.

Post Information

  • Total Posts in this topic: 21 posts
  • Users browsing this forum: No registered users and 160 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.