Synook Posted April 3, 2008 Share Posted April 3, 2008 while on that topic, any idea why anything below the welcome line is not showing up?Probably because the query is not returning any rows. Check using mysql_num_rows() Link to comment Share on other sites More sharing options...
Faracus Posted April 3, 2008 Author Share Posted April 3, 2008 no matter where I put mysql_num_rows();, nothing below the welcome $_COOKIE is not showing up Link to comment Share on other sites More sharing options...
justsomeguy Posted April 3, 2008 Share Posted April 3, 2008 The query isn't returning anything because you're using the password from the cookie which is going to be different then what's saved in the database. You're also using a while loop, that should be an if statement just checking if a row was returned and showing an error if the user wasn't found in the database. It might also help you to format the code better so that it's easier to read. Link to comment Share on other sites More sharing options...
Faracus Posted April 3, 2008 Author Share Posted April 3, 2008 why would it not be the same?If I do a echo "You password is " . $_COOKIE['password'] . "<br>"; then it shows up with the password. Why wont it work on the query? Link to comment Share on other sites More sharing options...
justsomeguy Posted April 3, 2008 Share Posted April 3, 2008 Really? Are you storing the plain-text password in the cookie? Or are you using the code I gave you to hash the password? Link to comment Share on other sites More sharing options...
Faracus Posted April 3, 2008 Author Share Posted April 3, 2008 i'm not hashing them the code for the password cookie is setrawcookie("password", $_POST['password'], time()+1800); Link to comment Share on other sites More sharing options...
justsomeguy Posted April 3, 2008 Share Posted April 3, 2008 Why are you using setrawcookie instead of setcookie? Why are you even saving the username and password in a cookie at all instead of using the session. You should be aware that since cookies are just files sitting on the user's computer that storing both the username and password in plain text is highly insecure, there are many cookie-based attacks.Check for errors during the query, and also print the query out so you can see what you're sending to the database.$result = mysql_query($query) or exit(mysql_error()); Link to comment Share on other sites More sharing options...
Faracus Posted April 3, 2008 Author Share Posted April 3, 2008 well as i'm new to using Cookies and I have not even used sessions before I'm not exactly sure what I should have been using, but I think I see my problem, no where in my code am I connecting to the database.edit: after adding the connect line everything works. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.