Linera Posted October 9, 2008 Share Posted October 9, 2008 I'm getting the following errors: Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in F:\AppServ\www\gm\login.php on line 15Warning: Cannot modify header information - headers already sent by (output started at F:\AppServ\www\gm\login.php:15) in F:\AppServ\www\gm\login.php on line 29Here is the login code:<?php // Session startensession_start ();include 'db.php';// Datenbankverbindung aufbauen $connectionid = mysql_connect ("$host_realm", "$usr_realm", "$pwd_realm"); if (!mysql_select_db ("$db_realm", $connectionid)) { die ("Keine Verbindung zur Datenbank"); } $result = mysql_query("SELECT acct, login, password FROM accounts WHERE `gm` > '0' AND `banned` = '0' AND login like '".$_REQUEST["name"]."' AND password = '".$_REQUEST["pwd"]."'"); if (mysql_num_rows($result) > 0) { // Benutzerdaten in ein Array auslesen. $data = mysql_fetch_array ($result); // Sessionvariablen erstellen und registrieren $_SESSION["user_id"] = $data["acct"]; $_SESSION["user_login"] = $data["login"]; $_SESSION["user_password"] = $data["password"]; header ("Location: main.php"); } else { header ("Location: formular.php?fehler=1"); } ?> Link to comment Share on other sites More sharing options...
Lulzim Posted October 9, 2008 Share Posted October 9, 2008 Your query is failing, that's why you get the first error. Check your sql query.after your mysql_query try to echo what's in mysql_error() it can help. echo mysql_error(); The second error is caused by the first error.Another tipuse $_POST or $_GET instead of $_REQUEST and don't use like in your sql queries on login scripts Link to comment Share on other sites More sharing options...
Ingolme Posted October 9, 2008 Share Posted October 9, 2008 One question:Is this at the beginning of the page? <?php// Session startensession_start (); I have a feeling you have some HTML or something before it.session_start() must always go before anything else is written. Link to comment Share on other sites More sharing options...
Lulzim Posted October 9, 2008 Share Posted October 9, 2008 One question:Is this at the beginning of the page?<?php // Session starten session_start (); I have a feeling you have some HTML or something before it.session_start() must always go before anything else is written. because of that mysql error, it outputs Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in F:\AppServ\www\gm\login.php on line 15 before header(). that's when the second error is thrown. Link to comment Share on other sites More sharing options...
Ingolme Posted October 9, 2008 Share Posted October 9, 2008 Hmm, that's right, actually. I didn't see the sencond header being sent. header ("Location: main.php"); The only thing is to make sure the MySQL query is correct.I think the problem is here: `gm` > '0' 0 shouldn't be between quotes because it's a number. Link to comment Share on other sites More sharing options...
Linera Posted October 12, 2008 Author Share Posted October 12, 2008 this is just the login.php file.Also I didn't write this, but since I don't know php I can't fix it myself. Link to comment Share on other sites More sharing options...
Lulzim Posted October 12, 2008 Share Posted October 12, 2008 well then the first step would be to check if column names on php are matching with the ones on dbsee if these columns acct, login, password , gm, banned exist on table accounts Link to comment Share on other sites More sharing options...
Linera Posted October 13, 2008 Author Share Posted October 13, 2008 I get this error: if (isset($_REQUEST["fehler"])) { echo "Die Zugangsdaten waren ungültig."; } Here is that php page: <?php session_start (); ?><html> <head> <body text="#FFFF00" bgcolor="#000000" vlink="#FF00FF"> <title>Login</title> </head> <body> <?php if (isset($_REQUEST["fehler"])) { echo "Die Zugangsdaten waren ungültig."; }?> <br><br><br><center> GameMaster Account Daten eingeben: </center><form action="login.php" method="post"> <p align="center">Login:      <input type="text" name="name" size="20"><br> Passwort: <input type="password" name="pwd" size="20"><br> <input type="submit" value="Login"> </p></form> </body> </html> Link to comment Share on other sites More sharing options...
justsomeguy Posted October 13, 2008 Share Posted October 13, 2008 Then apparently there is a variable in either post, get, session, or cookie called "fehler" that is getting set somewhere. Where would that get set? It's not in the code you posted. What does it mean when that is set? And what does the error message mean? Link to comment Share on other sites More sharing options...
Linera Posted October 13, 2008 Author Share Posted October 13, 2008 Then apparently there is a variable in either post, get, session, or cookie called "fehler" that is getting set somewhere. Where would that get set? It's not in the code you posted. What does it mean when that is set? And what does the error message mean?I have no idea what "Die Zugangsdaten waren ungültig." meansLike I said, I didn't write this.I'm trying to get it fixed since the person who did write it stopped working on it.also I don't know any php.btw, that last code script I posted is the first page you see. Link to comment Share on other sites More sharing options...
justsomeguy Posted October 13, 2008 Share Posted October 13, 2008 Well, then all I can say is what I already did, that there is a variable in either post, get, session, or cookie called "fehler" that is getting set somewhere. I can't tell from the code you posted where it's getting set or why, but that's the reason it's showing that message. That's exactly what the if statement is checking for:if (isset($_REQUEST["fehler"]))Also, why are you trying to fix a script that you didn't write that's written in a language you don't understand? Link to comment Share on other sites More sharing options...
Linera Posted October 13, 2008 Author Share Posted October 13, 2008 It goes with a game server I run. Link to comment Share on other sites More sharing options...
Linera Posted October 13, 2008 Author Share Posted October 13, 2008 I found the problem in my DB. The table has password and encrypted_password. I've always used encrypted_passwordThe password field is suppose to say blank in my DBHow can I have it check the entered password with the encrypted_passwordFor encrypted_password this is what it did: $sha1pass = sha1(strtoupper($in_user).":".strtoupper($pw3)); Here is the login script: <?php // Session startensession_start ();include 'db.php';// Datenbankverbindung aufbauen $connectionid = mysql_connect ("$host_realm", "$usr_realm", "$pwd_realm"); if (!mysql_select_db ("$db_realm", $connectionid)) { die ("Keine Verbindung zur Datenbank"); } $result = mysql_query("SELECT acct, login, password FROM accounts WHERE `gm` > '0' AND `banned` = '0' AND login like '".$_REQUEST["name"]."' AND password = '".$_REQUEST["pwd"]."'"); if (mysql_num_rows($result) > 0) { // Benutzerdaten in ein Array auslesen. $data = mysql_fetch_array ($result); // Sessionvariablen erstellen und registrieren $_SESSION["user_id"] = $data["acct"]; $_SESSION["user_login"] = $data["login"]; $_SESSION["user_password"] = $data["password"]; header ("Location: main.php"); } else { header ("Location: formular.php?fehler=1"); } ?> Link to comment Share on other sites More sharing options...
justsomeguy Posted October 13, 2008 Share Posted October 13, 2008 $result = mysql_query("SELECT acct, login, password FROM accounts WHERE `gm` > '0' AND `banned` = '0' AND login='".mysql_real_escape_string($_REQUEST["name"])."' AND password='".sha1(strtoupper($_REQUEST["name"]).":".strtoupper($_REQUEST["pwd"]))."'"); If the field in the database is something other than "password" then change that field name in the query. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.