On Aug 28, 2007, at 10:21 AM, Daniel Brown wrote:
On 8/28/07, Jason Pruim <[EMAIL PROTECTED]> wrote:
On Aug 28, 2007, at 10:03 AM, Daniel Brown wrote:
On 8/28/07, Jason Pruim <[EMAIL PROTECTED]> wrote:
[snip]
$sql = "SELECT * FROM users WHERE user='".$user."' AND
pass='".$pass."' LIMIT 0,1;";
$result = mysql_query($sql) or die("Wrong data supplied or
database error");
while($row = mysql_fetch_array($result)) {
Sounds to me like you're not getting through the while() clause,
meaning that there's no matching rows in the database.
$sql = "SELECT * FROM login WHERE loginid='".$user."' AND
email='".$pass."' LIMIT 0,1;";
Is the password they supply in the `email` column of the
database?
Yes it is... For now... I am just using test/test and I had a field
named password in the database but thought that was messing it up, so
I dropped that field and currently I am just using the e-mail field
as a password.
Once it works I'll change the field to a more appropriate selection
with MD5 hashing, and maybe even a little salt in the hash. (Gotta
add the flavor!)
--
Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424
www.raoset.com
[EMAIL PROTECTED]
If you have phpMyAdmin installed on that server, J, try using the
"search" tab to see if you can find that user/email combination in the
database using = and not LIKE.
Perhaps there's a whitespace or something of the like that's
causing it to return zero rows.
Also, try doing this after the $result = mysql_query($sql); line:
die("Number of rows returned by MySQL: ".mysql_num_rows
($result));
I don't have phpMyAdmin installed, never saw the need to... But I'll
look into it in the future.
And after adding the die that you recommended, you were right, it
wasn't returning any rows. So... I did some checking and it's amazing
sometimes that you can't see the trees through the forrest.... a
simple $user =$_POST['user']; and $pass=$_POST['pass']; and all is
well. It logs into the page, now I just need to fine tune it since it
doesn't like to display the actual database now, but that's something
I should be able to figure out.
One other question, to logout, can I just call a file that has
session_destroy() and a header("Location: ???"); in it? Or should I
do something else for logging out?
Thanks again! Without your help... I wouldn't be able to do this!
--
Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424
www.raoset.com
[EMAIL PROTECTED]
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
