First time PHP Login

Hey guys, I'm brand new to PHP (have been coding for about 2 days).

I made a simple form that pulls from a MySQL database, it worked fine and dandy. I tried to password protect it and it just keeps giving me the error message that I defined for a wrong password.

#1 Here's my code:
<?php

include 'dbc.php';

$passfromhtml = $_POST["passhtml"];
$emailfromhtml = $_POST["emailhtml"];

$password_select = mysql_query("SELECT pwd FROM client WHERE client_email = '$emailfromhtml'");

if($passfromhtml == $password_select) 
{

$q=$_GET["q"];

$data_array = mysql_query("SELECT * FROM client WHERE client_email = '".$q."'");
while($row = mysql_fetch_array($data_array))
{
$id = $row['id'];
$full_name = $row['full_name'];
$company_name = $row['company_name'];
$client_email = $row['client_email'];
$designer_email = $row['designer_email'];
$user_level = $row['user_level'];
$pwd = $row['pwd'];
$address = $row['address'];
$country = $row['country'];
$tel = $row['tel'];
$fax = $row['fax'];
$website = $row['website'];
$temp_website = $row['temp_website'];
$price = $row['price'];
$price_per_hour = $row['price_per_hour'];
$percent_done = $row['percent_done'];
$hours_worked = $row['hours_worked'];
$services = $row['services'];
$additional = $row['additional'];
$status = $row['status'];
}

$total_cost = $price_per_hour * $hours_worked ;

echo <<<HTML


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Admin Panel</title>
<link href="css/admin.css" rel="stylesheet" type="text/css">
<script type="text/javascript">
function showUser(str)
{
if (str=="")
  {
  document.getElementById("panel").innerHTML="";
  return;
  } 
if (window.XMLHttpRequest)
  {// code for IE7+, Firefox, Chrome, Opera, Safari
  xmlhttp=new XMLHttpRequest();
  }
else
  {// code for IE6, IE5
  xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
  }
xmlhttp.onreadystatechange=function()
  {
  if (xmlhttp.readyState==4 && xmlhttp.status==200)
    {
    document.getElementById("panel").innerHTML=xmlhttp.responseText;
    }
  }
xmlhttp.open("GET","admin_cp.php?q="+str,true);
xmlhttp.send();
}
</script>
</head>
<body>
<div id="panel">
<p>&nbsp;</p>
<p>
<form>
<select name="users" onchange="showUser(this.value)">
<option value="">Select a person:</option>
<option value="biondizzle@gmail.com">Michael Biondi</option>
<option value="saltolve@gmail.com">Salvatore Tolve</option>
<option value="3">Glenn Quagmire</option>
<option value="4">Joseph Swanson</option>
</select>
</form>
$company_name | <a href=http://$temp_website target=_blank>My Websites progress</a> | Send Message to my designer |</p>
<hr />

<ol>

<li>
<div class="left">
<p>
<b>Client ID:</b> $id <br />
<b>Company Name:</b> $company_name <br />
<b>Email:</b> $client_email <br />
<b>Website Price:</b> $price <br />
<b>Price Per Hour:</b> $price_per_hour <br />
<b>Percentage Done:</b> $percent_done <br />
<b>Services:</b><br />
$services<br />
<b>Additional Comments:</b><br />
$additional<br />
<b>Hours Worked:</b> $hours_worked <b>Total Cost:</b> $total_cost
</p>
</div>
</li>

<li>
<div class="middle">
<p>
<h2>Status Update to Client:<h2><br />
<textarea name="textarea" id="textarea" cols="25" rows="5"></textarea>
</p>
</div>
</li>

<li>
<div class="right">
<p>
<h2>Status:<h2><br />
$status
</p>
</div>
</li>

</ol>
</div>
</body>
</html>


HTML;
}
else
{
echo "Wrong password dipshit";
}
?>

and #2:
here's the link for you guys to see what I mean:

http://btdstudios.com/login.html
Try to log in as me:
<removed for your safety>

Like I said, I'm pretty new to PHP, so take it easy on me :) Thanks a bunch guys!
Jan 5 '12 #1
Rabbit
12,516 Expert Mod 8TB
You may want to take down your login info... Someone can do bad things with it.
Jan 5 '12 #2
Dormilich
8,658 Expert Mod 8TB
"I tried to password protect it and it just keeps giving me the error message that I defined for a wrong password."

that’s because you compare apples with pears. while $passfromhtml is indeed the password (a string), $password_select is a resource (a different data type). you either need to fetch the data from the mysql resource or (better) test inside mysql for a match.

ex. (this code may look like overkill, but this is necessary to prevent SQL Injection attacks. besides that, it allows a graceful degradation, should your database fail (and you don’t give out system details in case of an error))
// default, so the check below is defined even if the database fails
$logged_in = false;

try
{
  // connect ($login and $pass are the database credentials)
  $pdo = new PDO("mysql:host=localhost;dbname=my_database", $login, $pass);
  // enable error handling
  $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  // create a safe query
  $ps = $pdo->prepare("SELECT COUNT(*) FROM client WHERE client_email = :mail AND pwd = :pass");
  // submit user data
  $ps->bindValue("mail", $_POST["emailhtml"], PDO::PARAM_STR);
  $ps->bindValue("pass", $_POST["passhtml"], PDO::PARAM_STR);
  // get result
  $ps->execute();
  $logged_in = (bool) $ps->fetchColumn();
}
catch (Exception $e)
{
  // apologise to users
  echo "<p>Sorry, an error occurred</p>";
  // send details to you
  mail("admin@example.com", "error", $e->getMessage(), "From: noreply@example.com");
}

// proceed
if ($logged_in)
{
  // …
}
Jan 5 '12 #3
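
The other route named in the reply above, fetching the stored value and comparing it in PHP, as an added example that is not part of the thread. It keeps the bound parameter and assumes the pwd column holds a password_hash() value rather than the plain password; the check_login() helper, the in-memory SQLite database (pdo_sqlite extension) and the sample account are constructed for the example.

```php
<?php
// Added example, not code from the thread. An in-memory SQLite database stands
// in for the poster's MySQL server; table and column names follow the thread.

function check_login(PDO $pdo, string $email, string $password): bool
{
    // Bound parameter: the email travels as data and is never spliced into the SQL text.
    $ps = $pdo->prepare("SELECT pwd FROM client WHERE client_email = :mail");
    $ps->bindValue(":mail", $email, PDO::PARAM_STR);
    $ps->execute();

    // The statement is only a handle to the result; the stored value has to be
    // fetched before it can be compared (the mistake in the original script).
    $stored = $ps->fetchColumn();
    if ($stored === false) {
        return false; // no row for this email
    }

    // Assumption: pwd holds a password_hash() value, so the comparison is
    // done by password_verify() and not by == or by the SQL WHERE clause.
    return password_verify($password, $stored);
}

$logged_in = false; // stays false if anything below throws
try {
    $pdo = new PDO("sqlite::memory:");
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec("CREATE TABLE client (client_email TEXT PRIMARY KEY, pwd TEXT)");

    // Constructed sample account.
    $ins = $pdo->prepare("INSERT INTO client (client_email, pwd) VALUES (:mail, :hash)");
    $ins->execute([
        ":mail" => "user@example.com",
        ":hash" => password_hash("correct horse", PASSWORD_DEFAULT),
    ]);

    // Correct password, wrong password, and an email containing quote
    // characters, which is matched literally and therefore finds no row.
    $logged_in = check_login($pdo, "user@example.com", "correct horse");
    var_dump($logged_in);
    var_dump(check_login($pdo, "user@example.com", "wrong"));
    var_dump(check_login($pdo, "x' OR '1'='1", "anything"));
} catch (PDOException $e) {
    // Details go to the server log; the visitor sees a generic message only.
    error_log($e->getMessage());
    echo "Sorry, an error occurred\n";
}
```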
