I have been using the following code to validate a user on login to a members' section of a website (It was working on a RAQ4). After moving the site to a Linux Server [running Apache/2.0.50 (Fedora)]. The script does not work.. Can anyone help me diagnose it? Even if the correct login information is entered, it still lands on the first if statement and returns to the login page rather than going to the main content page. The musql query works fine when ran using telnet... meaning that the database has been set up fine. ... any ideas?
*************************************
<?php
$username = strtolower( $username );
$password = strtolower( $password );
include("mysqlconn.php");
$result = mysql_query( "select * from users where username='$username' and password='$password'");
$data = mysql_fetch_object($result);
$num_rows = mysql_num_rows($result);
if ($num_rows == 0){
header("location:index.php?loginfailed=YES");
}
if ($num_rows > 0) {
session_start();
session_register( "sid_user" );
session_register( "sid_email" );
session_register( "curr" );
$sid_user = $data->realname;
$sid_email = $data->email;
$curr = $data->currency;
include("mysqltidy.php");
$locator1 = "main.php?curr=$curr";
header("location:".$locator1);
}
?>**********************************
Thanks
Busy posted this at 21:25 — 30th October 2004.
He has: 6,157 posts
Joined: May 2001
break this down into two lines : $result = mysql_query( "select * from users where username='$username' and password='$password'");
something like:
$query = "select * from users where username='$username' and password='$password'";
$result = mysql_query($query);
then you can display the query: echo $query;
can also try:
$query = "select * from users where username='".$username."' and password='".$password."'";
<?bhb if(broken){ echo("It wasn't me
"); } ?>
Learn HTML the ez way - EzHTML.net
Some people are like slinkies, they dont really serve any purpose but they still bring a smile to your face when you push them down the stairs ...
mizzy posted this at 20:01 — 31st October 2004.
They have: 47 posts
Joined: Jun 2001
I think the problem is with the way the session anf URL variables are being handled... I have tried to put actual data into the query
eg
$result = mysql_query( "select * from users where username='test' and password='test'");
It logs me in fine though it does not carry the session variables for the name and the like... any ideas what the problem could be?
Busy posted this at 10:13 — 1st November 2004.
He has: 6,157 posts
Joined: May 2001
put your session register variables below the listing of the database variables
$sid_user = $data->realname;
$sid_email = $data->email;
$curr = $data->currency;
session_start();
session_register( "sid_user" );
session_register( "sid_email" );
session_register( "curr" );
you can also do the session register with one variable: session_register("sid_user","sid_email","curr");
<?bhb if(broken){ echo("It wasn't me
"); } ?>
Learn HTML the ez way - EzHTML.net
Some people are like slinkies, they dont really serve any purpose but they still bring a smile to your face when you push them down the stairs ...
Mark Hensler posted this at 03:06 — 17th November 2004.
He has: 4,044 posts
Joined: Aug 2000
Does the new server have a different version of PHP? It may not have register_globals on.
Try:
$username = strtolower( $_POST['username'] );
Mark Hensler ["Max Albert"] [Email]
If there is no answer on Google, then there is no question.