Help! I'm trying to get a login script to work.
I get this error message
MySQL Login Error: You have an error in your SQL syntax near
''jvsd0001_cust omers` WHERE cust_name='test user' AND
cust_pass='test 123'' at line 1
I'm using a database called test
here is mysql table:
mysql> select * from jvsd0001_custom ers;
+---------+-----------+---------------+
| cust_id | cust_name | cust_password |
+---------+-----------+---------------+
| 1 | testuser | test123 |
+---------+-----------+---------------+
1 row in set (0.00 sec)
[jvsd0001@hal] pico login.php
UW PICO(tm) 4.2 File:
login.php Modified
<?php
$username = $_POST['user'];
$password = $_POST['pass'];
if (!$_POST['pass'] && !$_POST['user']) {
?>
<html><b>Memb er Login</b>
<br><form method="POST">U sername:
<br><input type="text" name="user" value="">
<br>Password:
<br><input type="text" name="pass" value="">
<br><input type="submit" name="submit" value="Login">
<?php
} else {
mysql_connect ("localhost" , "abdullah") or die ('My SQL Error: ' .
mysql_error());
mysql_select_db ("test");
$stuff = mysql_query("SE LECT * FROM 'jvsd0001_custo mers` WHERE
username='".$cu st_name."' AND password='".$cu st_pass."'") or
die("MySQL
Login Error: ".mysql_error() );
if (mysql_num_rows ($stuff) > 0) {
echo("Logged in");
} else {
echo("Login Incorrect. Please Try Again!");
}
}
?>
What's wrong???
I can't get this script to work either.
<?php
if(!isset($HTTP _POST_VARS['cust_name'])&&!isset($HTTP _POST_VARS['cust_pass']))
{
//Visitor needs to enter a name and password
?>
<h1>Please Log In</h1>
This page is secret.
<form method="post" action="secretd b.php">
<table border="1">
<tr>
<th> Username </th>
<td> <input type="text" name="cust_name "> </td>
</tr>
<tr>
<th> Password </th>
<td> <input type="password" name="cust_pass "> </td>
</tr>
<tr>
<td colspan="2" align="center">
<input type="submit" value="Log In">
</td>
</tr>
</table>
</form>
<?php
}
else
{
// connect to mysql
$mysql = mysql_connect( 'localhost', 'abdullah');
if(!$mysql)
{
echo 'Cannot connect to database.';
exit;
}
// select the appropriate database
$mysql = mysql_select_db ( 'test' );
if(!$mysql)
{
echo 'Cannot select database.';
exit;
}
// query the database to see if there is a record which matches
$query = "select count(*) from jvsd0001_custom ers where
cust_name = '$cust_name' and
cust_pass = '$cust_pass'";
$result = mysql_query( $query );
if(!$result)
{
echo 'Cannot run query.';
exit;
}
$count = mysql_result( $result, 0, 0 );
if ( $count > 0 )
{
// visitor's name and password combination are correct
echo '<h1>Here it is!</h1>';
echo 'I bet you are glad you can see this secret page.';
}
else
{
// visitor's name and password combination are not correct
echo '<h1>Go Away!</h1>';
echo 'You are not authorized to view this resource.';
}
}
?>
Can abody tell me what I'm doing wrong here, please! 6 3402
Well, in answer to your question, you need to change a few lines:
For starters:
mysql_connect ("localhost" , "abdullah") or die ('My SQL Error: ' .
mysql_error());
mysql_select_db ("test");
should read:
$db = mysql_connect(" localhost", "abdullah") or die ('My SQL Error: ' .
mysql_error());
mysql_select_db ("test", $db);
Secondly:
$stuff = mysql_query("SE LECT * FROM 'jvsd0001_custo mers` WHERE
username='".$cu st_name."' AND password='".$cu st_pass."'")
should read:
$stuff = mysql_query("SE LECT * FROM jvsd0001_custom ers WHERE
username='".$cu st_name."' AND password='".$cu st_pass."'", $db);
This is because PHP can manage several databases at once, so you need to
give each database a variable name. I've chosen $db, but you can use
whatever you want.
Secondly, you should probably be using encrypted passwords. It's just a
good idea. It's even built right in to MySQL. Instead of using password =
"your password here", you would use password = password("your password
here"). This will encode the password into a 16-digit hexadecimal string.
Next, if a user enters a quotation mark into their username or password,
it'll screw up your query. I'm not sure if there's a simple way of fixing
this.
Hopefully, this helps.
--
Jonathan Lamothe
Founder of the Anime Void. http://ani-void.cjb.net
Jonathan Lamothe wrote: Next, if a user enters a quotation mark into their username or password, it'll screw up your query. I'm not sure if there's a simple way of fixing this.
$sql .= "WHERE '".str_replace( "'","''",$dubio us_user_input). "'";
Look at your line:
username='".$cu st_name."' AND password='".$cu st_pass."'"
and write
username='$cust _name' AND password='$cust _pass'")
instead.
Eagle
On 24 Nov 2003 13:38:20 -0800, da**@cogeco.ca (Dal) wrote: Help! I'm trying to get a login script to work.
I get this error message
MySQL Login Error: You have an error in your SQL syntax near ''jvsd0001_cus tomers` WHERE cust_name='test user' AND cust_pass='tes t123'' at line 1
I'm using a database called test here is mysql table: mysql> select * from jvsd0001_custom ers; +---------+-----------+---------------+ | cust_id | cust_name | cust_password | +---------+-----------+---------------+ | 1 | testuser | test123 | +---------+-----------+---------------+ 1 row in set (0.00 sec)
[jvsd0001@hal] pico login.php
UW PICO(tm) 4.2 File: login.php Modified
<?php $username = $_POST['user']; $password = $_POST['pass']; if (!$_POST['pass'] && !$_POST['user']) { ?> <html><b>Membe r Login</b> <br><form method="POST">U sername: <br><input type="text" name="user" value=""> <br>Password : <br><input type="text" name="pass" value=""> <br><input type="submit" name="submit" value="Login"> <?php } else { mysql_connec t ("localhost" , "abdullah") or die ('My SQL Error: ' . mysql_error()) ; mysql_select_d b ("test"); $stuff = mysql_query("SE LECT * FROM 'jvsd0001_custo mers` WHERE username='".$c ust_name."' AND password='".$cu st_pass."'") or die("MySQL Login Error: ".mysql_error() ); if (mysql_num_rows ($stuff) > 0) { echo("Logged in"); } else { echo("Login Incorrect. Please Try Again!"); } } ?>
What's wrong???
I can't get this script to work either.
<?php if(!isset($HTTP _POST_VARS['cust_name'])&&!isset($HTTP _POST_VARS['cust_pass'])) { //Visitor needs to enter a name and password ?> <h1>Please Log In</h1> This page is secret. <form method="post" action="secretd b.php"> <table border="1"> <tr> <th> Username </th> <td> <input type="text" name="cust_name "> </td> </tr> <tr> <th> Password </th> <td> <input type="password" name="cust_pass "> </td> </tr> <tr> <td colspan="2" align="center"> <input type="submit" value="Log In"> </td> </tr> </table> </form> <?php } else { // connect to mysql $mysql = mysql_connect( 'localhost', 'abdullah'); if(!$mysql) { echo 'Cannot connect to database.'; exit; } // select the appropriate database $mysql = mysql_select_db ( 'test' ); if(!$mysql) { echo 'Cannot select database.'; exit; }
// query the database to see if there is a record which matches $query = "select count(*) from jvsd0001_custom ers where cust_name = '$cust_name' and cust_pass = '$cust_pass'";
$result = mysql_query( $query ); if(!$result) { echo 'Cannot run query.'; exit; }
$count = mysql_result( $result, 0, 0 );
if ( $count > 0 ) { // visitor's name and password combination are correct echo '<h1>Here it is!</h1>'; echo 'I bet you are glad you can see this secret page.'; } else { // visitor's name and password combination are not correct echo '<h1>Go Away!</h1>'; echo 'You are not authorized to view this resource.'; } } ?> Can abody tell me what I'm doing wrong here, please! password = password("your password here").
Hi !
What function is this ???????
It's not even listed in the PHP.net manual or anywhere else I look.
Am I missing something?
Eagle
Eagle wrote: Look at your line:
username='".$cu st_name."' AND password='".$cu st_pass."'"
and write
username='$cust _name' AND password='$cust _pass'")
instead. Eagle
Am I missing something or is that just a coding style issue.
Personally, I prefer the former. It separates the variables out more
clearly and is therefor easier to read for me.
I NEVER include variables references in a double quoted string literals.
But that's just my style.
"Eagle" <ea*********@ly cos.com> wrote in message
news:rp******** *************** *********@4ax.c om... password = password("your password here").
Hi !
What function is this ??????? It's not even listed in the PHP.net manual or anywhere else I look. Am I missing something?
Eagle
It is a function in MySQL, not PHP. This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics |
by: Dave |
last post by:
After following Microsofts admonition to reformat my system before doing a
final compilation of my app I got many warnings/errors upon compiling an rtf
file created in word. I used the Help Workshop program: hcw.exe that's
included with Visual Basic. This exact same file compiled perfectly with no
notes, warnings or errors prior to reformatting my system. Prior to the
reformatting, I copied the help.rtf file onto a CD and checked the box to...
|
by: Tom |
last post by:
A question for gui application programmers. . .
I 've got some GUI programs, written in Python/wxPython, and I've got
a help button and a help menu item. Also, I've got a compiled file
made with the microsoft HTML workshop utility, lets call it
c:\path\help.chm. My question is how do you launch it from the GUI?
What logic do I put behind the "help" button, in other words.
I thought it would be
os.spawnv(os.P_DETACH,...
|
by: wukexin |
last post by:
Help me, good men. I find mang books that introduce bit "mang header
files",they talk too bit,in fact it is my too fool, I don't learn it, I have
do a test program, but I have no correct doing result in any way. Who can
help me, I thank you very very much.
list.cpp(main program)
//--------------------------------------------------------------------------
-
#pragma hdrstop
#pragma argsused
|
by: Colin J. Williams |
last post by:
Python advertises some basic service:
C:\Python24>python
Python 2.4.1 (#65, Mar 30 2005, 09:13:57) on
win32
Type "help", "copyright", "credits" or "license" for more information.
>>>
With numarray, help gives unhelpful responses:
|
by: Corepaul |
last post by:
Missing Help Files
When I enter "recordset" as the keyword and search the Visual Basic Help index,
I get many topics of interest in the resulting list. But there isn't any
information available from clicking on many of the available topics (mostly
methods but some properties are also unavailable). This same problem occurs
with many, if not most, keywords.
Is there any way I can activate these "missing" help topics? HELP!
| |
by: Steve |
last post by:
I have written a help file (chm) for a DLL and referenced it using Help.ShowHelp
My expectation is that a developer using my DLL would be able to access this help file during his development time using "F1" help within the VB IDE. Is this expectation achievable
In trying to test my help file in the IDE, I have a solution with 2 projects: the DLL and a tester. VB does not look for my help file; instead, it looks for path to my source code...
|
by: Mark |
last post by:
I have loaded Visual Studio .net on my home computer and my laptop, but my
home computer has an abbreviated help screen not 2% of the help on my laptop.
All the settings look the same on both including search the internet for
help, but the help is worthless. Any ideas?
|
by: JonathanOrlev |
last post by:
Hello everybody,
I wrote this comment in another message of mine, but decided to post it
again as a standalone message.
I think that Microsoft's Office 2003 help system is horrible, probably
the worst I
ever seen.
I almost cannot find anything I need, including things I
|
by: trunxnirvana007 |
last post by:
'UPGRADE_WARNING: Array has a new behavior. Click for more: 'ms-help://MS.VSCC.v80/dv_commoner/local/redirect.htm?keyword="9B7D5ADD-D8FE-4819-A36C-6DEDAF088CC7"'
'UPGRADE_WARNING: Couldn't resolve default property of object Label. Click for more: 'ms-help://MS.VSCC.v80/dv_commoner/local/redirect.htm?keyword="6A50421D-15FE-4896-8A1B-2EC21E9037B2"'
Label = New Object(){Box1, Box2, Box3, Box4, Box5, Box6, Box7, Box8, Box9, Box10, Box11,...
|
by: hitencontractor |
last post by:
I am working on .NET Version 2003 making an SDI application that calls MS Excel 2003.
I added a menu item called "MyApp Help" in the end of the menu bar to show Help-> About.
The application calls MS Excel, so the scenario is that I am supposed to see the Excel Menu bar,
FILE EDIT VIEW INSERT ... HELP.
I am able to see the menu bar, but in case of Help, I see the Help of Excel and help of my application, both as a submenu of help.
...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth.
The Art of Business Website Design
Your website is...
| |
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own....
Now, this would greatly impact the work of software developers. The idea...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one.
At the time of converting from word file to html my equations which are in the word document file was convert into image.
Globals.ThisAddIn.Application.ActiveDocument.Select();...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols.
I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system
| |
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
|
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
| |