I have tried like 3 people's code (well one from me, and 2 others) and they are all basically the same and they all are working fine except that when I tried to log in it won't work, it just goes straight to the error bad login. So here is my code, see if you can find the problem:


<?php
$username = "hjkhjk";
$password = "hjkhjk";
$database = "hjkhjk";
$hostname = "hjkhjk";

//connection to the database
$handle = mysql_connect($hostname, $username, $password, $database)
or die("");
echo "";

//select a database to work with
$selected = mysql_select_db("hjkhjk",$handle)
or die("Could not select dhjkhj");

session_start();
$username = $_POST[‘username’];
$password = md5($_POST[‘password’]);

$query = “select * from users where username=’$username’ and password=’$password’”;

$result = mysql_query($query);

if (mysql_num_rows($result) != 1) {
$error = “Bad Login”;
include “login.html”;

} else {
$_SESSION[‘username’] = “$username”;
include “memberspage.php”;
}

?>

//connection to the database
$handle = mysql_connect($hostname, $username, $password)
or die("");
//select a database to work with
$selected = mysql_select_db( $database ,$handle)
or die("Could not select " . $database);
</SPAN>



$query = “select * from users where username=’$username’ and password=’$password’”;

$result = mysql_query($query);
//try to echo the numrows first to see what we have, delete the next line after
echo mysql_num_rows( $result );
//you should only have one record in the database so you can use the < operator
if (mysql_num_rows($result) < 1) {
$error = “Bad Login”;
include “login.html”;

} else {
$_SESSION[‘username’] = “$username”;
include “memberspage.php”;
}
</SPAN>

so what am I changing? I am now just getting a blank page with bad login

<?php
$link = mysql_connect('localhost', 'mysql_user', 'mysql_password');
if (!$link) {
die('Could not connect: ' . mysql_error());
}
echo 'Connected successfully';
mysql_close($link);
?>

check out http://uk2.php.net/manual/en/function.mysql-connect.php for more info on how to do this though drummer.


<?php

$link = mysql_connect('localhost', 'mysql_user', 'mysql_password');
if (!$link) {
die('Not connected : ' . mysql_error());
}

// make foo the current db
$db_selected = mysql_select_db('foo', $link);
if (!$db_selected) {
die ('Can\'t use foo : ' . mysql_error());
}
?>

and here's the select db http://uk2.php.net/manual/en/function.mysql-select-db.php


If I might add though, some of the single/double quotes in your posted code look like dodgy microsoft extended character set symbols, so it might be worth replacing these with the standard ones and see if that makes any difference before you hit these two links.


Hope this all helps anyway.

Yeah, I fixed all the single/double quotes. That fixed some problems. So What is wrong with the way I am connecting to the database? That's what I always use and it always works.

hmmmmmm......

if you don't mind me asking mate, what server provider are you with for this job?

I know with mediatemple you need to specify internal and external database connections, so that, say if you're deving on localhost, or maybe hitting the db from another server you can allow by ip.

is it actually connecting for you (ie are either of the "die"'s firing on connection) or is there maybe any syntax that's wrong...

Also, as a sub point, never trust mysql_num_rows unless you've done a SELECT TOP 100% (think that might be standard SQL, but a selection of the range might help here) instead of the num_rows function maybe try just doing...


$query = getUser('whatever your query might be here');
$result = mysql_query($query) or die(mysql_error() . " ------ " . $query);

$foundUser = false;

while ( $row = mysql_fetch_array($result) ) {

$foundUser = true;

}

if ($foundUser){

echo "success";

}

Hope you find a solution anyway man.

It think it is something with the PHP. I have always been able to connect and put and retreive data into the database. This is the first time I have tried making a login feature.

I am using phpmyadmin with a service called 1and1.com
For some reason, I added some code that you guys said I should add, and still it is reloading to the login page again like it should if the username and password aren't correct. I know what the username and password is for the test user to log in, and it is not working. Can you guys help me anymore. Hopefully I can get this thing to work eventually!


<?php
$username = "hgjghj";
$passworddb = "ghjghj";
$database = "db274302009";
$hostname = "db1860.perfora.net:/tmp/mysql5.sock";
//connection to the database
$handle = mysql_connect($hostname, $username, $passworddb, $database)
or die("");
echo "";
//select a database to work with
$selected = mysql_select_db($database,$handle)
or die("Could not select database");
session_start();
$username = $_POST[‘username’];
$password = md5($_POST[‘password’]);
$query = "select * from users where username='$username' and password='$password'";
$result = mysql_query($query) or die(mysql_error() . " ------ " . $query);

$foundUser = false;

while ( $row = mysql_fetch_array($result) ) {

$foundUser = true;

}

if ($foundUser)
{
$_SESSION['username'] = "$username";
include "memberspage.php";
echo "success";
}
else
{
include "login.php";
}
?>

<?php
$username = "hgjghj";
$passworddb = "ghjghj";
$database = "db274302009";
$hostname = "db1860.perfora.net:/tmp/mysql5.sock";
//connection to the database
$handle = mysql_connect($hostname, $username, $passworddb, $database)
or die("");
echo "";
//select a database to work with
$selected = mysql_select_db($database,$handle)
or die("Could not select database");
session_start();
$username = $_POST[‘username’];
$password = md5($_POST[‘password’]);
$query = "select * from users where username='$username' and password='$password'";
$result = mysql_query($query) or die(mysql_error() . " ------ " . $query);

echo "<h1>" . $query . "</h1>";
//ADD THIS LINE

$foundUser = false;

while ( $row = mysql_fetch_array($result) ) {

$foundUser = true;

}

if ($foundUser)
{
$_SESSION['username'] = "$username";
include "memberspage.php";
echo "success";
}
else
{
include "login.php";
}
?>

It would appear you still have those dodgy quote marks in your script, so maybe take those out and see if your $_POST requests get through then.


$username = $_POST['username'];
$password = md5($_POST['password']);

okay. So the information is in the database and the the PHP is connecting to the database. But the PHP is still not grabing the information I guess.

What does the $founduser do?

$founduser is just a boolean variable to check whether the while loop ever fires, assuming the db finds the info you're looking for.

did you echo out the $query like I said?

what does it say, and whatever it does say, have you tried posting that back into the SQL box of phpmyadmin to see if you actually get a recordset back from said query...?

I have entered the query (and i saw it on the line you wanted me to add) into the database and it all comes back okay. It's just the php code i think?!?!

okay. The problem was the md5 on the password. I took it off and now it works like a charm!

glad to hear you managed to get this sorted out yourself brandon.

nice folio by the way mate.

take care!