rootKID Posted March 1, 2013 Share Posted March 1, 2013 (edited) ok, just quick... im getting this when trying to login: Unknown column 'e5035533a816cac4c54012281f58543d' in 'where clause' and this is my takelogin.php file: /*==========RUN LOGIN PROCEDURE===============*/$uname = sqlesc($_POST['username']); /*Form Names...*/$pass = sqlesc($_POST['password']); /*Form Names...*/if(isset($pass)){$passhash = md_5($pass); /*Securing The Data...*/}$query = "SELECT * FROM users WHERE username = $uname AND passhash = $passhash AND enabled = 'yes' AND status = 'confirmed'";$query_result = mysql_query($query)or die(mysql_error());//Running query to the DB...if(mysql_num_rows($query_result) == 1)/*if the DB returns somfthing, then run...*/{$row = mysql_fetch_array($query_result);$_SESSION['uid'] = $row['u_id'];$_SESSION['username'] = $row['username'];$_SESSION['pass'] = $row['passhash'];$_SESSION['status'] = $row['status'];$_SESSION['enabled'] = $row['enabled'];$_SESSION['email'] = $row['email'];$_SESSION['ip'] = $row['ip'];$_SESSION['class'] = $row['class'];$_SESSION['time_offset'] = $row['time_offset'];$_SESSION['dst_in_use'] = $row['dst_in_use'];$_SESSION['auto_correct_dst'] = $row['auto_correct_dst'];header('Refresh: 3; url=index.php');//with time delay...}else/*Error messeage...*/{$HTMLOUT .= "<center>Error reading login-session coding base, or a wrong username/pass inserted...</center>";header('Refresh: 3; url=index.php');//with time delay...}/*==========RUN LOGIN PROCEDURE===============*/ any ideas? Oo... Edited March 1, 2013 by rootKID Link to comment Share on other sites More sharing options...
birbal Posted March 1, 2013 Share Posted March 1, 2013 looks like you are using $passhash in place of column name. though your code looks ok. you can dump the query to see how does it look. also you need to quote around $passhash as it is string Link to comment Share on other sites More sharing options...
rootKID Posted March 1, 2013 Author Share Posted March 1, 2013 (edited) well, the quotes helped alot... now its going into the page at least and loading, but im getting this error: (Error reading login-session coding base, or a wrong username/pass inserted...)..) and i have checked the database... it should be just fine... no ideas why its giving me that error... i have used session_start and ob_start on each and one file that was needed... so it should be giving me at least a session running for the sessions im trying to get out... Edited March 1, 2013 by rootKID Link to comment Share on other sites More sharing options...
justsomeguy Posted March 1, 2013 Share Posted March 1, 2013 If it's giving you that error then this if statement is not true: if(mysql_num_rows($query_result) == 1) Link to comment Share on other sites More sharing options...
rootKID Posted March 1, 2013 Author Share Posted March 1, 2013 (edited) ohh... s-h-i-t...just realized that i checked the wrong database, and when i chose the right one, the users was empty... oops... anyways, i have now rechecked, and still doing the same thing, i just dont get it...the code is looking just fine in my eyes... Edited March 1, 2013 by rootKID Link to comment Share on other sites More sharing options...
thescientist Posted March 1, 2013 Share Posted March 1, 2013 is your password column actually called passhash? Link to comment Share on other sites More sharing options...
justsomeguy Posted March 1, 2013 Share Posted March 1, 2013 anyways, i have now rechecked, and still doing the same thing, i just dont get it...I don't understand what the confusion is. If the error message in the else block is showing, then the if statement is false. That means the database did not return any records. That means the query did not match any records. There's nothing mysterious about it, that's all there is to it. Apparently the data you're putting into the query does not match the data in the database. Link to comment Share on other sites More sharing options...
rootKID Posted March 2, 2013 Author Share Posted March 2, 2013 (edited) is your password column actually called passhash? yeah, why?... and yes jsg... i understand that part hehe , but what i dont understand is that the password (Should) be the same since im taking the passhash variable and making a MD5 on it before checking with the query... so it should be a match... Edited March 2, 2013 by rootKID Link to comment Share on other sites More sharing options...
Rollins Posted March 2, 2013 Share Posted March 2, 2013 shouldn the variables in the query be in single quotes.....? $query = "SELECT * FROM users WHERE username = $uname AND passhash = $passhash AND enabled = 'yes' AND status = 'confirmed'"; im just a n00b but shooting any way.....:s Link to comment Share on other sites More sharing options...
thescientist Posted March 2, 2013 Share Posted March 2, 2013 yeah, why?... and yes jsg... i understand that part hehe , but what i dont understand is that the password (Should) be the same since im taking the passhash variable and making a MD5 on it before checking with the query... so it should be a match... tbat's a lot of should's. what debugging/logging have you done to actually confirm what is happening though? echo'd the query? echo'd the md5 hash? visually compared that to what's in the database? don't guess, debug. Link to comment Share on other sites More sharing options...
rootKID Posted March 2, 2013 Author Share Posted March 2, 2013 well... i have done as you said, even tho i did do it last night, but anyhow. i tested with these in the code: $HTMLOUT .= "Username = " . $uname . "<br />";$HTMLOUT .= "pass = " . $pass . "<br />";$HTMLOUT .= "MD5 pass = " . $passhash . "<br />";$HTMLOUT .= $query_result . "<br />"; just for seeing if i got lucky, and i did not.i compared like you said with the user(s) in the Database... still nothing... Screen of what is happening: ATTACHED... so i know you were saying that you dont wonna hear me say it, but im saying anyhow. it (should) work as i see this...any idea, im a little bit lost Oo... Link to comment Share on other sites More sharing options...
birbal Posted March 2, 2013 Share Posted March 2, 2013 you should check the value which you are using to compare in if statement. have you checked how many rows it is printing? You can also copy paste the query in phpmyadmin to see the results instantly. Link to comment Share on other sites More sharing options...
rootKID Posted March 2, 2013 Author Share Posted March 2, 2013 im getting this error in phpmyadmin Unknown column 'Hyperion' in 'where clause' if im using this sql SELECT * FROM users WHERE username = 'Hyperion' AND passhash = 'e5035533a816cac4c54012281f58543d' AND enabled = 'yes' AND status = 'confirmed' ??? Link to comment Share on other sites More sharing options...
justsomeguy Posted March 4, 2013 Share Posted March 4, 2013 It shouldn't show that message if the value is properly quoted. Make sure those are actually regular single quotes and not UTF quotes. Link to comment Share on other sites More sharing options...
rootKID Posted March 16, 2013 Author Share Posted March 16, 2013 sorry for late reply all..i have finded a solution on everything! ... Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now