Everybody! This is important. In a few days, these forums will be moving over to using the totally sweet Discourse platform. To ensure this migration happens smoothly with no loss of content, these forums are currently in a read-only mode. I do apologize for the inconvenience.

There is never a good time to turn the forums off for an extended period of time, but I promise the new forums will be a billion times better. I'm pretty sure of it.

See you all on the other side in a few days, and if you have any (non-technical) questions, please e-mail me at kirupa@kirupa.com. For technical questions, try to find a tutorial that corresponds to what you are looking for and post in the comments section of that page.

Cheers,
Kirupa

Results 1 to 3 of 3

Thread: php or die problem

  1. #1

    php or die problem

    I have a login form that submits to an authorization page that makes sure the user is in the database and creates the session. All of the login features work fine except I realized today when I entered my password wrong that the or die ("Name and password not found or not matched"); part after the mysql query is not working. If I enter the wrong password it just shows me a blank white page without my text or a php error.

    Here's the code for the authorization page. Any help is great. Thanks!!
    Code:
    <?php
    
    session_start();
    
    if(isset($_POST['submit'])){
    
    // *** The text input will come in through the variable $_POST["captcha_input"],
    //    while the correct answer is stored in the cookie $_COOKIE["pass"] ***
    if ($_POST["captcha_input"] == $_SESSION["pass"]){
    
    $ip = $_SERVER[REMOTE_ADDR];  
    
    $conn = mysql_connect("***","***","***");
    $db = mysql_select_db("***");
    
    $PlayerName = mysql_real_escape_string($_POST["actname"]);
    $Password = mysql_real_escape_string($_POST["actpass"]);
    
     $result = mysql_query("SELECT * FROM players WHERE PlayerName='$PlayerName'and Password='$Password'") 
        or die ("Name and password not found or not matched");
    
    $worked = mysql_fetch_array($result);   
       
    $PlayerName = $worked[PlayerName];
    $Password = $worked[Password];
    
    if($worked)
    {
    $_SESSION['playername'] = $PlayerName;
    $_SESSION['password'] = $Password;
    $_SESSION['Authenticated'] = ***;
    $_SESSION['IP'] = $ip;
    
    $new = $worked[Lastlogin];
    $Time = time();
    
    session_write_close();
    
    if ($new = 0) {
    mysql_query("UPDATE players SET ip1='$ip', Lastlogin='$Time' WHERE PlayerName='$PlayerName'"); 
    header("Location: overview.php");
    }
    
    else{
    
    mysql_query("UPDATE players SET ip1='$ip', Lastlogin='$Time' WHERE PlayerName='$PlayerName'"); 
    
    header("Location: overview.php");
    }
    }
    mysql_close($conn);
    } 
    
    else {
    
        echo "Sorry, you did not pass the CAPTCHA test.<br><br>";
    
            echo "    - Please click back in your browser and try again <br><br>";
    
    }
    }
    
    if(isset($_GET['logout'])){
    session_destroy();
    header("Location: index.php");
    }
    
    
    ?>
    Last edited by FirePenguins; December 14th, 2007 at 09:52 PM.

  2. #2
    The mysql_query() or die() only dies when the query has an error - syntax errors, no database connection, etc. It will not die if it selected nothing, since that is not an error. You should use a mysql function to check how many rows were selected.
    If you notice this notice you will notice that this notice is not worth noticing.

    "Are you doing anything tonight? If not, how about me?"

    Opera Sucks! - FIX IT
    Oliver Zheng

  3. #3
    Thank you very much

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Home About kirupa.com Meet the Moderators Advertise

 Link to Us

 Credits

Copyright 1999 - 2012