Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Programming/Scripts

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 18th November 2011, 08:30
beaney beaney is offline
Junior Member
 
Join Date: Nov 2011
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default need help with my query script. any help greatly appreciated

Im having trouble getting my login to work on my site.
it keeps telling me query failed, but when i echo out the username and password it matches the one on the server so i dont understand why its not working. heres a link to my site http://trieste.sdsu.edu/~trst016/proj2/proj2.html
Im a new programmer by the way very noob.

PHP Code:
$db mysqli_connect($server$user$password$database);
        
       
            
$salt "45Gxkj9583lPMdxoekfg"
        
$user $_POST['username'];
        
$pass crypt($_POST['password'], $salt);
            
        echo 
"<h2>welcome you are now logged in ".$user." ".$pass."</h2><br />\n";
        
$sql "SELECT username, password FROM faculty WHERE username = $user AND password = $pass";
        
        
$result mysqli_query($sql,$db) or die('Query failed: ' mysql_error($db));
        
        if (
mysql_num_rows($result) == 1)
        {
            
//successful login
            
echo "<h2>Welcome  You are now logged in.</h2>\n";
        }
        else
        {
            
// not successful
            
$page file_get_contents("err_login.html");
                    echo 
$page;
                    exit;
        }
        
            
            
            
//session_start();
            //$_SESSION['valid'] = 1;
            //$_SESSION['user'] = $username; 
Reply With Quote
Sponsored Links
  #2  
Old 19th January 2012, 08:04
Blackbit Blackbit is offline
Junior Member
 
Join Date: Feb 2011
Posts: 11
Thanks: 3
Thanked 4 Times in 3 Posts
Default

$sql = "SELECT username, password FROM faculty WHERE username = $user AND password = $pass";

If you don't put the variables in the SQL-Statements into quotes, they are used as column names. It should be something like this:

$sql = "SELECT username, password FROM faculty WHERE username = \"$user\" AND password = \"$pass\"";
Reply With Quote
  #3  
Old 29th April 2012, 17:01
nicephotog nicephotog is offline
Junior Member
 
Join Date: Nov 2008
Location: Australia
Posts: 19
Thanks: 0
Thanked 2 Times in 2 Posts
Default

$sql = "select username,password from faculty where (username=\"".$user."\" && password=\"".$pass."\")";

I find symbols prevent ambiguation with the query words
absolute on the quotes too.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
DNS Lookups kieron General 4 4th May 2011 19:49
Cannot login to phpmyadmin penkku HOWTO-Related Questions 1 24th February 2011 09:26
Step by step email setup for domain & clients aurasdoom Installation/Configuration 17 19th January 2010 12:25
postfix: "unknown user" with mysql auth. Kruser Server Operation 3 18th June 2009 18:20
Rejected e-mail (unknown user) w/Postfix doronkeller HOWTO-Related Questions 9 27th January 2008 20:09


All times are GMT +2. The time now is 19:02.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.