syco Posted May 11, 2008 Share Posted May 11, 2008 For some reason it says there is an invalid key or something... dusacomp.zxq.net/register.phptry and register and it says: Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /www/zxq.net/d/u/s/dusacomp/htdocs/register.php on line 28Warning: Cannot modify header information - headers already sent by (output started at /www/zxq.net/d/u/s/dusacomp/htdocs/register.php:28) in /www/zxq.net/d/u/s/dusacomp/htdocs/register.php on line 37 <?phprequire_once 'db.php';$page_mode = isset($_POST['page_mode']) ? $_POST['page_mode'] : '';$error_string = '';if ($page_mode == 'register'){ $email = trim($_POST['email']); // trim to remove whitespace $name = trim($_POST['username']); // trim to remove whitespace $password = $_POST['password']; $conf_password = $_POST['conf_password']; if (!isValidEmail($email)) $error_string .= 'Please enter a valid email address.<br>'; if ($name == '') $error_string .= 'Please enter your name.<br>'; if (strlen(trim($password)) < 6) $error_string .= 'You must enter a password of at least 6 characters.<br>'; if ($password != $conf_password) $error_string .= 'The password and confirmation password do not match.<br>'; if ($error_string == '') { $result = db_query("SELECT id FROM users WHERE email='" . mysql_real_escape_string($email) . "'"); if (mysql_num_rows($result) > 0) $error_string .= 'That email address is already registerd.<br>'; else { $email = mysql_real_escape_string($email); // protect against SQL attacks $name = mysql_real_escape_string($name); $password = sha1($password); // hash password db_query("INSERT INTO users (email, name, password) VALUES ('{$email}', '{$name}', '{$password}')"); header('Location: thankyou.php'); exit(); } }}function isValidEmail($email = ''){ return preg_match("/^[\d\w\/+!=#|$?%{^&}*`'~-][\d\w\/\.+!=#|$?%{^&}*`'~-]*@[A-Z0-9][A-Z0-9.-]{1,61}[A-Z0-9]\.[A-Z]{2,6}$/ix",$email);}?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html> <head> <title>Register</title> <style type="text/css"> .error_text { color: #FF0000; width: 400px; text-align: center; } .left_box { float: left; width: 150px; text-align: right; padding-right: 5px; } .right_box { clear: right; } </style> </head> <body> <div class="error_text"><?php echo $error_string; ?></div> <form action="register.php" method="post"> <input type="hidden" name="page_mode" value="register"> <div class="left_box">Email address</div> <div class="right_box"><input type="text" name="email" size="30" maxlength="255" value="<?php if (isset($email)) echo $email; ?>"></div> <div class="left_box">Username</div> <div class="right_box"><input type="text" name="username" size="30" maxlength="255" value="<?php if (isset($name)) echo $name; ?>"></div> <div class="left_box">Password</div> <div class="right_box"><input type="password" name="password" size="30"></div> <div class="left_box">Confirm Password</div> <div class="right_box"><input type="password" name="conf_password" size="30"></div> <div class="left_box"> </div> <div class="right_box"><input type="submit" value="Register" size="30"></div> </form> </body></html> Link to comment Share on other sites More sharing options...
Ingolme Posted May 11, 2008 Share Posted May 11, 2008 Can you show me where you declared the function db_query()? I'd say there's something wrong with it.Why not try mysql_query() instead? Link to comment Share on other sites More sharing options...
syco Posted May 11, 2008 Author Share Posted May 11, 2008 In the required file db.php <?php$con = mysql_connect('localhost', '*********************', '*******'); // host, username, passwordmysql_select_db('**********************', $con);function db_query($sql){ return mysql_query($sql, $GLOBALS['con']);}?> Also it said something about my mysql_num_rows() code Link to comment Share on other sites More sharing options...
Ingolme Posted May 12, 2008 Share Posted May 12, 2008 I recommend you edit your post and hide your information of the mysql_connect() function for security.Why not writing echo mysql_error(); to see what it tells you? Link to comment Share on other sites More sharing options...
syco Posted May 12, 2008 Author Share Posted May 12, 2008 1st i dont know where to put it but i put it there anyways, and nothing changed when i put it where i think it went... Link to comment Share on other sites More sharing options...
Ingolme Posted May 12, 2008 Share Posted May 12, 2008 Put it here: $result = db_query("SELECT id FROM users WHERE email='" . mysql_real_escape_string($email) . "'"); echo "<strong>Error:</strong> " . mysql_error(); And check what the page outputs when you run it. Link to comment Share on other sites More sharing options...
syco Posted May 12, 2008 Author Share Posted May 12, 2008 It basically said i had to move the header, but i don't know where to mover it Error: Warning: Cannot modify header information - headers already sent by (output started at /www/zxq.net/d/u/s/dusacomp/htdocs/register.php:28) in /www/zxq.net/d/u/s/dusacomp/htdocs/register.php on line 38 Link to comment Share on other sites More sharing options...
Ingolme Posted May 12, 2008 Share Posted May 12, 2008 OK, I wasn't thinking about that.Try this instead: if ($error_string == '') { $result = db_query("SELECT id FROM users WHERE email='" . mysql_real_escape_string($email) . "'"); $error_string = "<strong>Error:</strong> " . mysql_error(); ... ... Link to comment Share on other sites More sharing options...
syco Posted May 12, 2008 Author Share Posted May 12, 2008 nothing happened but now when i register nothing comes up in the table Link to comment Share on other sites More sharing options...
Ingolme Posted May 12, 2008 Share Posted May 12, 2008 Well, let's get down to the basics:SELECT id FROM users WHERE email=' something '1. Is there a field id?2. Is there a table called users?3. Is there a field email and is it spelled that way? Link to comment Share on other sites More sharing options...
syco Posted May 12, 2008 Author Share Posted May 12, 2008 Register works now, so does login. but when you logged in your username won't appear where i specified it to.Just register and login so you know what i mean. http://dusacomp.zxq.net <?phpsession_start();?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html> <head> <title>Index</title> </head> <body> <?php if (isset($_SESSION['user_id'])) { ?> Hello, <?php echo $_SESSION['user_username']; ?>, what do you think you're doing? I'm sorry, <?php echo $_SESSION['user_username']; ?>, I can't let you do that. <br><br> <a href="logout.php">Log out</a> <?php } else { ?> Click <a href="register.php">here</a> to register or click <a href="login.php">here</a> to log in. <?php } ?> </body></html> Link to comment Share on other sites More sharing options...
Wander Posted May 12, 2008 Share Posted May 12, 2008 are you sure u saved the username in $_SESSION['user_username']?, else try print_r($_SESSION); to see whats stored in the session Link to comment Share on other sites More sharing options...
syco Posted May 12, 2008 Author Share Posted May 12, 2008 yes i was sure but when i plugged in that code it says there is no username... try registering and logging in your self Link to comment Share on other sites More sharing options...
justsomeguy Posted May 12, 2008 Share Posted May 12, 2008 If it's saying no one is logged in then $_SESSION['user_id'] is not being set. Link to comment Share on other sites More sharing options...
syco Posted May 13, 2008 Author Share Posted May 13, 2008 it is set other wise it would tell you to register or login Link to comment Share on other sites More sharing options...
justsomeguy Posted May 13, 2008 Share Posted May 13, 2008 Right, I thought that was the problem. If the user name just isn't being printed then you're not saving the username in the variable that you're printing. That should be obvious. If you're printing $_SESSION['user_username'], and it's not printing anything, then there's nothing in it. Check the login page to see what is being set. Link to comment Share on other sites More sharing options...
syco Posted May 14, 2008 Author Share Posted May 14, 2008 i don't know exactly what being set b/c it was your code with a couple changes. <?phpsession_start();require_once 'db.php';$page_mode = isset($_POST['page_mode']) ? $_POST['page_mode'] : '';$error_string = '';if ($page_mode == 'login'){ $username = $_POST['username']; $password = $_POST['password']; if (trim($username) == '' || trim($password) == '') $error_string .= 'Please enter your username and password.<br>'; else { $result = db_query("SELECT id, email, password FROM users WHERE username='" . mysql_real_escape_string($username) . "'"); if (!($row = mysql_fetch_assoc($result))) $error_string .= 'The username was not found.<br>'; elseif ($row['password'] != sha1($password)) $error_string .= 'The password did not match.<br>'; else { $_SESSION['user_id'] = $row['id']; $_SESSION['user_username'] = $row['username']; $_SESSION['user_email'] = $row['email']; header('Location: index.php'); exit(); } }}?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html> <head> <title>Login</title> <style type="text/css"> .error_text { color: #FF0000; width: 400px; text-align: center; } .left_box { float: left; width: 150px; text-align: right; padding-right: 5px; } .right_box { clear: right; } </style> </head> <body> <div class="error_text"><?php echo $error_string; ?></div> <form action="login.php" method="post"> <input type="hidden" name="page_mode" value="login"> <div class="left_box">Username</div> <div class="right_box"><input type="text" name="username" size="30" maxlength="255" value="<?php if (isset($email)) echo $email; ?>"></div> <div class="left_box">Password</div> <div class="right_box"><input type="password" name="password" size="30"></div> <div class="left_box"> </div> <div class="right_box"><input type="submit" value="Log In" size="30"></div> </form> </body></html> Link to comment Share on other sites More sharing options...
justsomeguy Posted May 14, 2008 Share Posted May 14, 2008 One of the changes messed it up. You're saving $row['username'] into $_SESSION['user_username'], but you're not getting the username from the database. Either get the username from the database or save the $username variable instead of $row['username']. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.