Imoddedu Posted June 4, 2010 Share Posted June 4, 2010 I always get the Error: that I put in at the end of the code. <?php session_start(); if($_POST) { require_once 'config.php'; $username = $_POST['username']; $password = $_POST['password']; $conn = mysql_connect($dbhost,$dbuser,$dbpass) or die ('Error connecting to mysql'); mysql_select_db($dbname); $query = sprintf("SELECT COUNT(id) FROM users WHERE UPPER(username) = UPPER('%s') AND password='%s'", mysql_real_escape_string($username), mysql_real_escape_string(md5($password))); $result = mysql_query($query); list($count) = mysql_fetch_row($result); if($count == 1) { $_SESSION['authenticated'] = true; $_SESSION['username'] = $username; $query = sprintf("UPDATE users SET last_login = NOW() WHERE UPPER(username) = UPPER('%s') AND password = '%s'", mysql_real_escape_string($username), mysql_real_escape_string(md5($password))); mysql_query($query); $query = sprintf("SELECT is_admin FROM users WHERE UPPER(username) = UPPER('%s') AND password='%s'", mysql_real_escape_string($username), mysql_real_escape_string(md5($password))); $result = mysql_query($query); list($is_admin) = mysql_fetch_row($result); if($is_admin == 1) { header('Location:admin.php'); } else { header('Location:index.php'); } } else { ?><span style='color:red'>Error: that username and password combination does not match any currently within our database.</span><?php } }?> Link to comment Share on other sites More sharing options...
wirehopper Posted June 4, 2010 Share Posted June 4, 2010 Have you created any users? Link to comment Share on other sites More sharing options...
Imoddedu Posted June 4, 2010 Author Share Posted June 4, 2010 Yes I have made users and tried their logon information. I'm staring at my PHPmyAdmin right now. Link to comment Share on other sites More sharing options...
justsomeguy Posted June 4, 2010 Share Posted June 4, 2010 Since this is the if statement which evaluates to false: $result = mysql_query($query); list($count) = mysql_fetch_row($result); if($count == 1) { you'll want to test all that data. Print out the query to make sure it's correct, and run the query directly in phpMyAdmin to make sure it returns the record. Print the value of $count and see what that got set to. Link to comment Share on other sites More sharing options...
Imoddedu Posted June 5, 2010 Author Share Posted June 5, 2010 Since this is the if statement which evaluates to false: $result = mysql_query($query); list($count) = mysql_fetch_row($result); if($count == 1) { you'll want to test all that data. Print out the query to make sure it's correct, and run the query directly in phpMyAdmin to make sure it returns the record. Print the value of $count and see what that got set to. $count is equal to 0, won't workcould you help explain to me what the SQL query is doing as well? Link to comment Share on other sites More sharing options...
Imoddedu Posted June 5, 2010 Author Share Posted June 5, 2010 I suppose something is wrong with the coding, not the database? Link to comment Share on other sites More sharing options...
justsomeguy Posted June 6, 2010 Share Posted June 6, 2010 The query is selecting the number of rows where the username and password match. If $count is 0 then it sounds like it's not finding the user in the database. Have PHP print out the query it builds and copy and paste it to run in phpMyAdmin. You can see exactly what the database is being told to do. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.