Jump to content

User Profiles


Faracus
 Share

Recommended Posts

ok this is what I have right now:

<?php$con = mysql_connect("localhost","****","****");if (!$con)  {  die('Could not connect: ' . mysql_error());  }    mysql_select_db("shackguys accounts", $con);// This could be supplied by a user, for example$uname = '$_POST[uname]';$password  = '$_POST[password]';// Formulate Query// This is the best way to perform a SQL query// For more examples, see mysql_real_escape_string()$query = sprintf("SELECT uname, password, age FROM accounts WHERE uname='%s' AND password='%s'",    mysql_real_escape_string($uanme),    mysql_real_escape_string($password));// Perform Query$result = mysql_query($query);// Check result// This shows the actual query sent to MySQL, and the error. Useful for debugging.if (!$result) {    $message  = 'Invalid query: ' . mysql_error() . "\n";    $message .= 'Whole query: ' . $query;    die($message);}// Use result// Attempting to print $result won't allow access to information in the resource// One of the mysql result functions must be used// See also mysql_result(), mysql_fetch_array(), mysql_fetch_row(), etc.while ($row = mysql_fetch_assoc($result)) {    echo $row['uname'];    echo $row['password'];    echo $row['age'];}// Free the resources associated with the result set// This is done automatically at the end of the scriptmysql_free_result($result);?>

and all I am getting is a blank screen.EDIT: tryed a new code, but still getting a blank screen, can anyone tell me whats wrong?

Link to comment
Share on other sites

$uname = '$_POST[uname]';$password = '$_POST[password]';Change to:$uname=$_POST['uname'];$password=$_POST['password'];PHP will think the values as actual strings $_POST[uname] and $_POST[password] for the username password instead of what the user entered as them. Make sure you have ' or " inside [] as PHP will think the value is a constant.You misspelled $uname in the following code$query = sprintf("SELECT uname, password, age FROM accounts WHERE uname='%s' AND password='%s'",mysql_real_escape_string($uanme),mysql_real_escape_string($password));Never output what your SQL code is; you don't want others to see it.

Link to comment
Share on other sites

Does your database name really have a space in it? Also, try printing out your query for debugging. What do you see?

Link to comment
Share on other sites

yes the DB does have a space in it, and I have not had problems with it, I only had a problem when the table had a space, but I fixed that a while ago, and I have managed to get this page working now. Thanks for the help people. It just took me some playing around haha.Now this should be my last question, it is HTML, but while I have this topic open I might as well ask it here, how do I check what a person enters in to a form like e-mail containing @ and . and also the date of Birth being in the correct format. Also how can I get it so they type their password twice and it makes sure they match, would I be able to do this with a HTML form or will it have to be in another scripting language?

Link to comment
Share on other sites

how do I check what a person enters in to a form like e-mail containing @ and . and also the date of Birth being in the correct format. Also how can I get it so they type their password twice and it makes sure they match, would I be able to do this with a HTML form or will it have to be in another scripting language?
You can use Regular Expressions - for email check http://www.regular-expressions.info/email.html . Birthdates can be checked for mm/dd/yyyy format using:
/^[1-9][1-2]?\/[0-2]?[1-9]\/[1-2][0-9]{3}$/

You can check their passwords when the form is processed and send them to an error page or back to the form if they don't match.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...