php Login script issue

16/09/2007, 10h39

Hi,

Its just a login and password validation that I am trying to achieve. If the
username is correct then the person is able to view certain page, if
incorrect then he is directed elsewhere.

<?
$userid=mysql_real_escape_string($userid);
$password=mysql_real_escape_string($password);

if($rec=mysql_fetch_array(mysql_query("SELECT * FROM tablename WHERE
userName='$userName' AND password = '$password'"))){
if(($rec['userName']==$userName)&&($rec['password']==$password)){
include "../include/newsession.php";
echo "<p class=data> <center>Successfully,Logged in<br><br>
logout.php Log OUT <br><br> welcome.php Click here if your browser is not
redirecting automatically or you don't want to wait. <br></center>";
print "<script>";
print " self.location='submit-store-details.php';"; // Comment this
line if you don't want to redirect
print "</script>";

}
}
else {

session_unset();
echo "Wrong Login. Use your correct Userid and Password and Try
<br><center><input type='button' value='Retry'
onClick='history.go(-1)'></center>";

}
?>

I am getting this error when I am using this code:

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result
resource in thispage.php on line 37
Wrong Login. Use your correct Userid and Password and Try

Why does it show up everytime and whats wrong with mysql_fetch_array().

Please advice also if there is some other way available please me try
that.

Thanks,

Chris
--
View this message in context: http://www.nabble.com/php-Login-scri...html#a12698139
Sent from the PHP - General mailing list archive at Nabble.com.

16/09/2007, 11h04

On 9/16/07, Chris Carter <chandan9sharma@yahoo.com> wrote:
>
> Hi,
>
> Its just a login and password validation that I am trying to achieve. If the
> username is correct then the person is able to view certain page, if
> incorrect then he is directed elsewhere.
>
> <?
> $userid=mysql_real_escape_string($userid);

Here you call it $userid

> $password=mysql_real_escape_string($password);
>
> if($rec=mysql_fetch_array(mysql_query("SELECT * FROM tablename WHERE
> userName='$userName' AND password = '$password'"))){

and here you call it $userName. If this is the full code, $userName is
not set here, and it would result in query userName='' and mysql_query
will return FALSE, which isn't a valid mysql resource for
mysql_fetch_array.

> if(($rec['userName']==$userName)&&($rec['password']==$password)){
> include "../include/newsession.php";
> echo "<p class=data> <center>Successfully,Logged in<br><br>
> logout.php Log OUT <br><br> welcome.php Click here if your browser is not
> redirecting automatically or you don't want to wait. <br></center>";
> print "<script>";
> print " self.location='submit-store-details.php';"; // Comment this
> line if you don't want to redirect
> print "</script>";
>
> }
> }
> else {
>
> session_unset();
> echo "Wrong Login. Use your correct Userid and Password and Try
> <br><center><input type='button' value='Retry'
> onClick='history.go(-1)'></center>";
>
> }
> ?>
>
> I am getting this error when I am using this code:
>
> Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result
> resource in thispage.php on line 37
> Wrong Login. Use your correct Userid and Password and Try
>
> Why does it show up everytime and whats wrong with mysql_fetch_array().
>
> Please advice also if there is some other way available please me try
> that.
>
> Thanks,
>
> Chris

I advice you to split the code up in 2 seperate actions, and check for errors.

> if($rec=mysql_fetch_array(mysql_query("SELECT * FROM tablename WHERE userName='$userName' AND password = '$password'"))){

would become:
$result = mysql_query("SELECT * FROM tablename WHERE
userName='$userName' AND password = '$password'") or die
(mysql_error());
// You could also add some checks here with mysql_num_rows for example...
if($rec=mysql_fetch_array($result)){

Tijnema

--
If this is a mailing list: DO NOT TOP POST! why?:
http://www.caliburn.nl/topposting.html

Vote for PHP Color Coding (aka Syntax Highlighting) in Gmail! ->
http://gpcc.tijnema.info

16/09/2007, 13h54

Hi,

$result = mysql_query("SELECT * FROM tablename WHERE
userName='$userName' AND password = '$password'");
if($rec = mysql_fetch_array($result)){
//your code
}

Try like this it may solve. It may solve your problem
Don't try to fetch the result from one single line code.

Warm Regards,
Sanjeev
http://www.sanchanworld.com/
http://webdirectory.sanchanworld.com - Submit your website URL
http://webhosting.sanchanworld.com - Choose your best web hosting plan
-----Original Message-----
From: Chris Carter [mailto:chandan9sharma@yahoo.com]
Sent: Sunday, September 16, 2007 3:10 PM
To: php-general@lists.php.net
Subject: [php] php Login script issue

Hi,

Its just a login and password validation that I am trying to achieve. If the
username is correct then the person is able to view certain page, if
incorrect then he is directed elsewhere.

<?
$userid=mysql_real_escape_string($userid);
$password=mysql_real_escape_string($password);

if($rec=mysql_fetch_array(mysql_query("SELECT * FROM tablename WHERE
userName='$userName' AND password = '$password'"))){
if(($rec['userName']==$userName)&&($rec['password']==$password)){
include "../include/newsession.php";
echo "<p class=data> <center>Successfully,Logged in<br><br>
logout.php Log OUT <br><br> welcome.php Click here if your browser is not
redirecting automatically or you don't want to wait. <br></center>";
print "<script>";
print " self.location='submit-store-details.php';"; // Comment this
line if you don't want to redirect
print "</script>";

}
}
else {

session_unset();
echo "Wrong Login. Use your correct Userid and Password and Try
<br><center><input type='button' value='Retry'
onClick='history.go(-1)'></center>";

}
?>

I am getting this error when I am using this code:

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result
resource in thispage.php on line 37
Wrong Login. Use your correct Userid and Password and Try

Why does it show up everytime and whats wrong with mysql_fetch_array().

Please advice also if there is some other way available please me try
that.

Thanks,

Chris
--
View this message in context:
http://www.nabble.com/php-Login-script-issue-tf4450691.html#a12698139
Sent from the PHP - General mailing list archive at Nabble.com.

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

16/09/2007, 14h48

argh! hotmail sucks

I don't see in the script where you are using $_POST / $_GET / $_REQUEST toaccess tha data from the form. Its likely that the example you are following is old and uses 'register_globals'. Since register_globals is a huge security hole and is not active in any new installations of PHP you need to change your script to use the above methods to get the form data. The error you are getting is due to the fact that you are not passing in the values tothe sql and not getting a valid result

Note that the below example fixes your issue but DOES NOT do any validation, which you really should do before passing your data to the sql...

$userid=mysql_real_escape_string($_POST['userid']);
$password=mysql_real_escape_string($_POST['password']);

if($rec=mysql_fetch_array(mysql_query("SELECT * FROM tablename WHERE> userName='$userName' AND password = '$password'"))){

if(($rec['userName']==$userName)&&($rec['password']==$password))

bastien

----------------------------------------> Date: Sun, 16 Sep 2007 02:39:57 -0700> From: chandan9sharma@yahoo.com> To: php-general@lists.php.net> Subject: [php] php Login script issue>>> Hi,>> Its just a login and password validation that I am trying to achieve. If the> username is correct then the person is able to view certain page, if> incorrect then he is directed elsewhere.>> $userid=mysql_real_escape_string($userid);> $password=mysql_real_escape_string($password);>> if($rec=mysql_fetch_array(mysql_query("SELECT * FROM tablename WHERE> userName='$userName' AND password = '$password'"))){> if(($rec['userName']==$userName)&&($rec['password']==$password)){> include "../include/newsession.php";> echo " Successfully,Logged in> logout.php Log OUT welcome.php Click here if your browser is not> redirecting automatically or you don't want to wait. ";> print "";>> }> }> else{>> session_unset();> echo "Wrong Login. Use your correct Userid and Password and Try> onClick='history.go(-1)'>";>> }> ?>>> I am getting this error when I am using this code:>> Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result> resource in thispage.php on line 37> Wrong Login. Use your correct Userid and Password and Try>> Why does it show upeverytime and whats wrong with mysql_fetch_array().>> Please advice also if there is some other way available please me try> that.>> Thanks,>> Chris> --> View this message in context: http://www.nabble.com/php-Login-script-issue-tf4450691.html#a12698139> Sent from the PHP - General mailing list archive at Nabble.com.>> --> PHP General Mailing List (http://www.php.net/)> To unsubscribe, visit: http://www.php.net/unsub.php>

__________________________________________________ _______________
Connect to the next generation of MSN Messenger
http://imagine-msn.com/messenger/launch80/default.aspx?locale=en-us&source=wlmailtagline

16/09/2007, 10h39	#1 (permalink)
Chris Carter Messages: n/a Hébergeur:	php Login script issue Hi, Its just a login and password validation that I am trying to achieve. If the username is correct then the person is able to view certain page, if incorrect then he is directed elsewhere. <? $userid=mysql_real_escape_string($userid); $password=mysql_real_escape_string($password); if($rec=mysql_fetch_array(mysql_query("SELECT * FROM tablename WHERE userName='$userName' AND password = '$password'"))){ if(($rec['userName']==$userName)&&($rec['password']==$password)){ include "../include/newsession.php"; echo "<p class=data> <center>Successfully,Logged in<br><br> logout.php Log OUT <br><br> welcome.php Click here if your browser is not redirecting automatically or you don't want to wait. <br></center>"; print "<script>"; print " self.location='submit-store-details.php';"; // Comment this line if you don't want to redirect print "</script>"; } } else { session_unset(); echo "Wrong Login. Use your correct Userid and Password and Try <br><center><input type='button' value='Retry' onClick='history.go(-1)'></center>"; } ?> I am getting this error when I am using this code: Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in thispage.php on line 37 Wrong Login. Use your correct Userid and Password and Try Why does it show up everytime and whats wrong with mysql_fetch_array(). Please advice also if there is some other way available please me try that. Thanks, Chris -- View this message in context: http://www.nabble.com/php-Login-scri...html#a12698139 Sent from the PHP - General mailing list archive at Nabble.com.

16/09/2007, 11h04	#2 (permalink)
Tijnema Messages: n/a Hébergeur:	Re: [PHP] php Login script issue On 9/16/07, Chris Carter <chandan9sharma@yahoo.com> wrote: > > Hi, > > Its just a login and password validation that I am trying to achieve. If the > username is correct then the person is able to view certain page, if > incorrect then he is directed elsewhere. > > <? > $userid=mysql_real_escape_string($userid); Here you call it $userid > $password=mysql_real_escape_string($password); > > if($rec=mysql_fetch_array(mysql_query("SELECT * FROM tablename WHERE > userName='$userName' AND password = '$password'"))){ and here you call it $userName. If this is the full code, $userName is not set here, and it would result in query userName='' and mysql_query will return FALSE, which isn't a valid mysql resource for mysql_fetch_array. > if(($rec['userName']==$userName)&&($rec['password']==$password)){ > include "../include/newsession.php"; > echo "<p class=data> <center>Successfully,Logged in<br><br> > logout.php Log OUT <br><br> welcome.php Click here if your browser is not > redirecting automatically or you don't want to wait. <br></center>"; > print "<script>"; > print " self.location='submit-store-details.php';"; // Comment this > line if you don't want to redirect > print "</script>"; > > } > } > else { > > session_unset(); > echo "Wrong Login. Use your correct Userid and Password and Try > <br><center><input type='button' value='Retry' > onClick='history.go(-1)'></center>"; > > } > ?> > > I am getting this error when I am using this code: > > Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result > resource in thispage.php on line 37 > Wrong Login. Use your correct Userid and Password and Try > > Why does it show up everytime and whats wrong with mysql_fetch_array(). > > Please advice also if there is some other way available please me try > that. > > Thanks, > > Chris I advice you to split the code up in 2 seperate actions, and check for errors. > if($rec=mysql_fetch_array(mysql_query("SELECT * FROM tablename WHERE userName='$userName' AND password = '$password'"))){ would become: $result = mysql_query("SELECT * FROM tablename WHERE userName='$userName' AND password = '$password'") or die (mysql_error()); // You could also add some checks here with mysql_num_rows for example... if($rec=mysql_fetch_array($result)){ Tijnema -- If this is a mailing list: DO NOT TOP POST! why?: http://www.caliburn.nl/topposting.html Vote for PHP Color Coding (aka Syntax Highlighting) in Gmail! -> http://gpcc.tijnema.info

16/09/2007, 13h54	#3 (permalink)
Sanjeev N Messages: n/a Hébergeur:	RE: [PHP] php Login script issue Hi, $result = mysql_query("SELECT * FROM tablename WHERE userName='$userName' AND password = '$password'"); if($rec = mysql_fetch_array($result)){ //your code } Try like this it may solve. It may solve your problem Don't try to fetch the result from one single line code. Warm Regards, Sanjeev http://www.sanchanworld.com/ http://webdirectory.sanchanworld.com - Submit your website URL http://webhosting.sanchanworld.com - Choose your best web hosting plan -----Original Message----- From: Chris Carter [mailto:chandan9sharma@yahoo.com] Sent: Sunday, September 16, 2007 3:10 PM To: php-general@lists.php.net Subject: [php] php Login script issue Hi, Its just a login and password validation that I am trying to achieve. If the username is correct then the person is able to view certain page, if incorrect then he is directed elsewhere. <? $userid=mysql_real_escape_string($userid); $password=mysql_real_escape_string($password); if($rec=mysql_fetch_array(mysql_query("SELECT * FROM tablename WHERE userName='$userName' AND password = '$password'"))){ if(($rec['userName']==$userName)&&($rec['password']==$password)){ include "../include/newsession.php"; echo "<p class=data> <center>Successfully,Logged in<br><br> logout.php Log OUT <br><br> welcome.php Click here if your browser is not redirecting automatically or you don't want to wait. <br></center>"; print "<script>"; print " self.location='submit-store-details.php';"; // Comment this line if you don't want to redirect print "</script>"; } } else { session_unset(); echo "Wrong Login. Use your correct Userid and Password and Try <br><center><input type='button' value='Retry' onClick='history.go(-1)'></center>"; } ?> I am getting this error when I am using this code: Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in thispage.php on line 37 Wrong Login. Use your correct Userid and Password and Try Why does it show up everytime and whats wrong with mysql_fetch_array(). Please advice also if there is some other way available please me try that. Thanks, Chris -- View this message in context: http://www.nabble.com/php-Login-script-issue-tf4450691.html#a12698139 Sent from the PHP - General mailing list archive at Nabble.com. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php

16/09/2007, 14h48	#4 (permalink)
Bastien Koert Messages: n/a Hébergeur:	RE: [PHP] php Login script issue argh! hotmail sucks I don't see in the script where you are using $_POST / $_GET / $_REQUEST toaccess tha data from the form. Its likely that the example you are following is old and uses 'register_globals'. Since register_globals is a huge security hole and is not active in any new installations of PHP you need to change your script to use the above methods to get the form data. The error you are getting is due to the fact that you are not passing in the values tothe sql and not getting a valid result Note that the below example fixes your issue but DOES NOT do any validation, which you really should do before passing your data to the sql... $userid=mysql_real_escape_string($_POST['userid']); $password=mysql_real_escape_string($_POST['password']); if($rec=mysql_fetch_array(mysql_query("SELECT * FROM tablename WHERE> userName='$userName' AND password = '$password'"))){ if(($rec['userName']==$userName)&&($rec['password']==$password)) bastien ----------------------------------------> Date: Sun, 16 Sep 2007 02:39:57 -0700> From: chandan9sharma@yahoo.com> To: php-general@lists.php.net> Subject: [php] php Login script issue>>> Hi,>> Its just a login and password validation that I am trying to achieve. If the> username is correct then the person is able to view certain page, if> incorrect then he is directed elsewhere.>> $userid=mysql_real_escape_string($userid);> $password=mysql_real_escape_string($password);>> if($rec=mysql_fetch_array(mysql_query("SELECT * FROM tablename WHERE> userName='$userName' AND password = '$password'"))){> if(($rec['userName']==$userName)&&($rec['password']==$password)){> include "../include/newsession.php";> echo " Successfully,Logged in> logout.php Log OUT welcome.php Click here if your browser is not> redirecting automatically or you don't want to wait. ";> print "";>> }> }> else{>> session_unset();> echo "Wrong Login. Use your correct Userid and Password and Try> onClick='history.go(-1)'>";>> }> ?>>> I am getting this error when I am using this code:>> Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result> resource in thispage.php on line 37> Wrong Login. Use your correct Userid and Password and Try>> Why does it show upeverytime and whats wrong with mysql_fetch_array().>> Please advice also if there is some other way available please me try> that.>> Thanks,>> Chris> --> View this message in context: http://www.nabble.com/php-Login-script-issue-tf4450691.html#a12698139> Sent from the PHP - General mailing list archive at Nabble.com.>> --> PHP General Mailing List (http://www.php.net/)> To unsubscribe, visit: http://www.php.net/unsub.php> __________________________________________________ _______________ Connect to the next generation of MSN Messenger http://imagine-msn.com/messenger/launch80/default.aspx?locale=en-us&source=wlmailtagline

Outils de la discussion
Afficher une version imprimable Envoyer un lien vers cette page par email