Utherr12 Posted October 8, 2010 Share Posted October 8, 2010 $username = strtolower($_POST["Username"]);$mail = strtolower($_POST["Mail"]);$username_array = mysql_query("SELECT `name` FROM `test_table` WHERE `name` = '$username';",$phpDB);$mail_array = mysql_query("SELECT `mail` FROM `test_table` WHERE `mail` = '$mail';",$phpDB); $username_db = mysql_result($username_array,0);$mail_db = mysql_result($mail_array,0);if (($username==$username_db)&&($mail==$mail_db)) { $get_Umessages_array = mysql_query("SELECT `id` from `messages` WHERE `read` = '0' AND `to` = '$username';",$phpDB); $unread_msg = mysql_result($get_Umessages_array,0); $i = 0; if ($unread_msg=="") //get number ofundread messages { $num_msg = 0;} else { while($unread_msg!="") {$i += 1; $num_msg += 1; $unread_msg = mysql_result($get_Umessages_array,$i);} } $hash_pw_db_array = mysql_query("SELECT from `pw_hash` WHERE `name` = '$username';",$phpDB); $hash_pw_db = mysql_result($hash_pw_db_array,0); $pass = $_POST["pass_log"]; $pass_hash = hash('md5',$pass,false); if($hash_pw_db==$pass_hash) //check password { echo "some very long html code" } else {echo "Password is incorrect.<br />"; // debug echo $hash_pw_db."<br />"; echo $pass."<br />"; echo $pass_hash; } } // else {echo "<p style=\"font-family:Tahoma;font-size:medium\">Wrong Username or E-mail!</p>";} No matter what i type the password is incorrect because $pass_hash is "" nothing, and i don't know what i'm doing wrong because i've used this function earlier and it worked. SO the problem is that $pass_hash contains nothing and i dont know why... Link to comment Share on other sites More sharing options...
jeffman Posted October 8, 2010 Share Posted October 8, 2010 For a temporary test, try var_dump($_POST) just to make sure your form is passing along the data it's supposed to, and that the indexes are what you think they are.Using isset($_POST["pass_log"]) or !empty($_POST["pass_log"]) is also good practice before you try accessing that data.Have you tested the $hash function by passing it a hard-coded string? Are you sure $hash is available on your system? It requires a comparatively new version of PHP that some hosts may not have installed. Link to comment Share on other sites More sharing options...
Utherr12 Posted October 8, 2010 Author Share Posted October 8, 2010 It's passing the data because i used that debug thing and every variable there has the correct value $pass contains the string i entered in the form and $hash_pw_db contains the value in my sql db from the respective user name. The only variable that has nothing in it is $pass_hash. So i answered all your "questions"; the hash function works because i have it in db and the post variables are correct.BTW i changed the code a bit, i removed the email req in login page and replaced it with the password field and ReqI uploaded it here: http://pastebin.ca/1957568 Link to comment Share on other sites More sharing options...
jeffman Posted October 8, 2010 Share Posted October 8, 2010 So i answered all your "questions"What's up with the quotes? You asked for help, and I offered some. No need to be snarky about it. Link to comment Share on other sites More sharing options...
justsomeguy Posted October 8, 2010 Share Posted October 8, 2010 The hash function returns false if there was a problem and issues a warning. You can use var_dump on $pass_hash to determine if it is an empty string or boolean false. It may also be a good idea to make sure error messages are enabled:ini_set('display_errors', 1);error_reporting(E_ALL); Link to comment Share on other sites More sharing options...
Utherr12 Posted October 9, 2010 Author Share Posted October 9, 2010 Warning: mysql_result(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Europe/Helsinki' for '3.0/DST' instead in D:\webserver\messaging.php on line 23 Warning: mysql_result(): Unable to jump to row 0 on MySQL result index 5 in D:\webserver\messaging.php on line 23 line 23 is: "$unread_msg = mysql_result($get_Umessages_array,0);"Warning: mysql_result(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Europe/Helsinki' for '3.0/DST' instead in D:\webserver\messaging.php on line 33 Warning: mysql_result() expects parameter 1 to be resource, boolean given in D:\webserver\messaging.php on line 33 line 33 is: $hash_pw_db = mysql_result($hash_pw_db_array,0);Warning: main(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Europe/Helsinki' for '3.0/DST' instead in D:\webserver\messaging.php on line 36I had some errors in my SQL query sintax, i'm fixing them right now...LE: yes, now it works, the sql query was wrongly written. But how do i get rid of the "not safe to rely on..." warning message? Link to comment Share on other sites More sharing options...
wirehopper Posted October 9, 2010 Share Posted October 9, 2010 Set the timezone like so ini_set('date.timezone','Europe/Helsinki'); in the beginning of the script.Another option would be to use .htaccess and set it like so:php_value date.timezone 'Europe/Helsinki'Or set it in /etc/php.inidate.timezone = 'Europe/Helsinki'http://www.php.net/manual/en/configuration.changes.php Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.