The following script is supposed to validate a username and password in a mysql
db. When entering the username and password of a preregistered user, I get the
following errors:
Warning: mysql_num_rows(): supplied argument is not a valid MySQL result
resource in /var/www/login.php on line 24
On Fri, 2010-02-19 at 00:30 -0800, David Hutto wrote:
The following script is supposed to validate a username and password in a
mysql db. When entering the username and password of a preregistered user, I
get the following errors:
Warning: mysql_num_rows(): supplied argument is not a
--- On Fri, 2/19/10, Ashley Sheridan a...@ashleysheridan.co.uk wrote:
From: Ashley Sheridan a...@ashleysheridan.co.uk
Subject: Re: [PHP] Login Script: mysql_num_rows(): supplied argument is not a
valid MySQL result resource
To: David Hutto dwightdhu...@yahoo.com
Cc: php-general@lists.php.net
On Jan 5, 2008 11:50 AM, Reese [EMAIL PROTECTED] wrote:
Daniel Brown wrote:
Do you expect the value of $key in this condition to be a literal zero?
$twoyears = array('alphanumeric_code1', 'alphanumeric_code2',
'alphanumeric_code3', 'alphanumeric_code4',
Daniel Brown wrote:
if(!isset($key=='1')) //caused parse error
That's because isset() isn't able to eval() an expression.
Got it, I see the mistake now.
Remove the !isset() part, or the =='1' part and that will remove
the parse error.
I changed it to if(!isset($key)) and
that the programmer isn't seeing for whatever reason. Does
anyone see anything obviously wrong in the code below?
I've obscured the actual server domain name, login, passwords, and some
path statements. Watch for line wraps.
Reese
--
?php
//
//login script, invoked by all premium content pages via GET
On Jan 4, 2008 9:54 AM, Reese [EMAIL PROTECTED] wrote:
Greetings,
I've been lurking for several weeks, I thought I'd post to describe
a problem I've been having in the hope that a solution can be found.
And my thanks to Casey, for his offlist assistance with another,
unrelated issue earlier
Web Design Company wrote:
Someone?
Me31!1!1ONE
Please, if you do not need amplifying information or if you do
not intend to pose a suggestion, it is better to remain silent.
I wasn't helped by your Someone? post, no one else was either.
Reese
--
PHP General Mailing List
Someone?
-
http://ooyes.net Web design company | http://ooyes.net Graphic design
company | http://ooyes.net Outsourcing company
--
View this message in context:
http://www.nabble.com/Login-script-problem-tp14618073p14618942.html
Sent from the PHP - General mailing list archive at
Daniel Brown wrote:
[snip=all]
Reese,
While I noticed several areas for improvement in the code (such as
being sure to exit; after calling header(Location: ); ), two
things primarily come to mind:
Do you expect the value of $key in this condition to be a literal zero?
On Jan 4, 2008 11:55 AM, Reese [EMAIL PROTECTED] wrote:
Web Design Company wrote:
Someone?
Me31!1!1ONE
Please, if you do not need amplifying information or if you do
not intend to pose a suggestion, it is better to remain silent.
I wasn't helped by your Someone? post, no one else was
available please help me try
that.
Thanks,
Chris
--
View this message in context:
http://www.nabble.com/php-Login-script-issue-tf4450691.html#a12698139
Sent from the PHP - General mailing list archive at Nabble.com.
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http
On 9/16/07, Chris Carter [EMAIL PROTECTED] wrote:
Hi,
Its just a login and password validation that I am trying to achieve. If the
username is correct then the person is able to view certain page, if
incorrect then he is directed elsewhere.
?
$userid=mysql_real_escape_string($userid);
@lists.php.net
Subject: [PHP] php Login script issue
Hi,
Its just a login and password validation that I am trying to achieve. If the
username is correct then the person is able to view certain page, if
incorrect then he is directed elsewhere.
?
$userid=mysql_real_escape_string($userid);
$password
'))){
if(($rec['userName']==$userName)($rec['password']==$password))
bastien
Date: Sun, 16 Sep 2007 02:39:57
-0700 From: [EMAIL PROTECTED] To: php-general@lists.php.net Subject: [PHP]
php Login script issue Hi, Its just a login and password validation
Hi All,
Having a grey brain moment here and need some advise on the logic of
this, should be simple, login script.
I am checking validity of
customer number
customer email
customer password (md5 in mysql)
So i have my form with relevant fields
Now i am getting problems with either sql or
- Original Message -
From: Dave Carrera [EMAIL PROTECTED]
Hi All,
Having a grey brain moment here and need some advise on the logic of this,
should be simple, login script.
I am checking validity of
customer number
customer email
customer password (md5 in mysql)
So i have my form
Dave Carrera wrote:
Hi All,
Having a grey brain moment here and need some advise on the logic of
this, should be simple, login script.
I am checking validity of
customer number
customer email
customer password (md5 in mysql)
So i have my form with relevant fields
Now i am getting problems
Hi Stut,
I think i have found where i am going wrong.
Its in the comparison login for the db result.
So i select * from jfjfjfjf where custno=$_POST[number]
But now i am getting messed up with if cust no not found then all i get
is a blank page but hoping for an error
And i dont think
On p, 2007-02-02 at 12:10 +, Dave Carrera wrote:
Hi Stut,
I think i have found where i am going wrong.
Its in the comparison login for the db result.
So i select * from jfjfjfjf where custno=$_POST[number]
But now i am getting messed up with if cust no not found then all i get
Stut wrote:
I'm not totally clear what the question was in there. Personally I keep
this simple...
?php
$_POST['number'] =
(isset($_POST['number']) ? trim($_POST['number']) : '');
$_POST['email'] =
(isset($_POST['email']) ? trim($_POST['email']) : '');
if
On Fri, February 2, 2007 5:19 am, Dave Carrera wrote:
Having a grey brain moment here and need some advise on the logic of
this, should be simple, login script.
I am checking validity of
customer number
customer email
customer password (md5 in mysql)
So i have my form with relevant
On Fri, February 2, 2007 5:33 am, Satyam wrote:
In login scripts you usually don't tell which part of the login is
wrong,
otherwise, you are hinting at what is right. Once the customer is
logged
in, you are right to be as helpful as possible, but until the customer
proves who he/she is, you
If you are splicing $_POST directly into your SQL, you are DEFINITELY
doing it wrong, but not in the way that you think.
Start reading here:
http://phpsec.org
On Fri, February 2, 2007 6:10 am, Dave Carrera wrote:
Hi Stut,
I think i have found where i am going wrong.
Its in the
On Fri, February 2, 2007 7:05 am, Jürgen Wind wrote:
// Set up the session here, or however you're tracking the
// current customer/user/whatever
header('Location: /somewhere_else');
?
Hope that helps.
-Stut
be aware that you need a session_write_close(); before
header('Location...
Richard Lynch wrote:
And using a re-direct instead of an include is a shocking waste of
HTTP resources imho, but that may not matter if traffic is low.
I generally redirect there because on occasion the login process does
stuff like clear out potentially pre-existing session data from another
Hello,
I have a couple of questions
first how do I check two tables is it?
$sql = SELECT * FROM mytable, mytable2 WHERE username = '$username' AND
userpass = '$userpass';
Secondly my table just sends and returns straight values from the db but I
expect some kind of encription is required.
Ross wrote:
first how do I check two tables is it?
$sql = SELECT * FROM mytable, mytable2 WHERE username = '$username' AND
userpass = '$userpass';
That depends on what you are trying to achieve. Your example makes no
sense at all. What are you trying to get from each table? How are they
On 15/08/06, Ross [EMAIL PROTECTED] wrote:
Hello,
I have a couple of questions
first how do I check two tables is it?
$sql = SELECT * FROM mytable, mytable2 WHERE username = '$username' AND
userpass = '$userpass';
Secondly my table just sends and returns straight values from the db but I
I would hope that MD5 hashing is MD5 hashing no matter where it
originates. However, I think it's better to use the database server's
implementation. I believe it is less likely to be changed in future
versions, and it removes some processing time from the front end.
Additionally, if you ever
On Tue, August 15, 2006 5:37 am, Ross wrote:
I have a couple of questions
first how do I check two tables is it?
You probably should not have 2 tables at all.
Both username and password would normally be stored in a single record
in the same table
CREATE TABLE user (
user_id int(11)
On Tue, August 15, 2006 5:51 am, Dave Goodchild wrote:
I think the php and mysql md5 functions differ but I may be wrong!
You are wrong. :-)
The whole point of MD5 is that MD5 is MD5, no matter where you go.
Even ASP MD5 is the same as PHP MD5.
Except it probably sucks for being too slow or
Could anyone let me know or point me to where I could find out how to setup
a login for my php site. I've been looking around and found plenty of stuff
for PHP/Apache, but nothing for just PHP.
Any help or info about this would be appreciated.
Thanks,
Chuck
--
PHP General Mailing List
Chuck wrote:
Could anyone let me know or point me to where I could find out how to setup
a login for my php site. I've been looking around and found plenty of stuff
for PHP/Apache, but nothing for just PHP.
You need to store user information somewhere and apache .htpasswd files
and mysql
Chuck [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Could anyone let me know or point me to where I could find out how to
setup
a login for my php site. I've been looking around and found plenty of
stuff
for PHP/Apache, but nothing for just PHP.
Any help or info about this would
Hey Brian,
how about something like this, just change the session info to cookies
if you want?
?
session_start();
## get db connection
Require_once('../conf/Systemconfig.inc.php');
## Disable DOS Attacks
if ($_SERVER['HTTP_USER_AGENT'] == || $_SERVER['HTTP_USER_AGENT'] ==
-) {
die();
}
//
Thanks for all the suggestions guys, I took your advice and currently
have a working login script (hopefully :) ). If I have any more
problems I'll be sure to ask you, it's nice to know that there's a place
I can always go for questions.
Thanks,
Brian
--
PHP General Mailing List
While I know there are many scripts out there, and have spent many hours
looking through them, I am having trouble finding a login script that
fits my needs. I am looking for the following:
A MySQL-based login system that doesn't use Pear :: DB. All I would
like is for it to support cookies
[snip]
While I know there are many scripts out there, and have spent many hours
looking through them, I am having trouble finding a login script that
fits my needs. I am looking for the following:
A MySQL-based login system that doesn't use Pear :: DB. All I would
like is for it to support
Well I already have a db with username/password fields, etc. I'm just
looking for code for a login page and a file to include at the top of
each page for auth.
Jay Blanchard wrote:
[snip]
While I know there are many scripts out there, and have spent many hours
looking through them, I am having
[snip]
Well I already have a db with username/password fields, etc. I'm just
looking for code for a login page and a file to include at the top of
each page for auth.
[/snip]
a. do not reply off-list unless asked, your question may not receive the
attention it needs
2. You do know basic PHP,
Hello Brian,
Take a look at setcookie() in the PHP manual. The algorithm is pretty
simple. Once the user submits the form, you compare form data with the
data in the database. If the password matches, then set a cookie with
the username (using setcookie()). Then you'll just have to check if the
[snip]
a. do not reply off-list unless asked, your question may not receive the
attention it needs
[/snip]
Sorry, I got the email before the board post so I assumed you were only
replying off-list.
[snip]
2. You do know basic PHP, correct? Create a page that accepts a username
and password.
Brian Krausz [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
[snip]
a. do not reply off-list unless asked, your question may not receive the
attention it needs
[/snip]
Sorry, I got the email before the board post so I assumed you were only
replying off-list.
[snip]
2. You do
[snip]
a. do not reply off-list unless asked, your question may not receive the
attention it needs
[/snip]
Sorry, I got the email before the board post so I assumed you were only
replying off-list.
[snip]
2. You do know basic PHP, correct? Create a page that accepts a username
and
On Tuesday 20 July 2004 03:24, Brian Krausz wrote:
While I know there are many scripts out there, and have spent many hours
looking through them, I am having trouble finding a login script that
fits my needs. I am looking for the following:
A MySQL-based login system that doesn't use Pear ::
I'm looking for some good, secure login code, and found the following
article:
http://www.devshed.com/c/a/PHP/Creating-a-Secure-PHP-Login-Script/
Not being much of a security expert, I was wondering if anyone here
could say whether this code is any good? Or if there's a better one
elsewhere
Hay people.
This is my code below ...
?php
requireconfig.php;
// IS THERE A USERNAME AND PASSWORD?
if (!$siteUserName || !$sitePassword) {
// NO INFO FOUND!
header(Location: /undercover.php?startWeb=error_401sid=$siteSession);
end;
} else {
//CHECK IF USER AND PASS MATCH.
--- Master Mark [EMAIL PROTECTED] wrote:
Is HTTP auth better than HTML?
In my opinion, no. Handling authentication in your application is a much better
choice for numerous reasons (although HTTP authentication has its place and can
be very useful).
Chris
=
Become a better Web developer
Sounds good (o;
I find it easyer to work with HTML auth anyway.
/ Mark
- Original Message -
From: Chris Shiflett [EMAIL PROTECTED]
To: [EMAIL PROTECTED]; PHP [EMAIL PROTECTED]
Sent: Thursday, July 24, 2003 4:06 PM
Subject: Re: [PHP] Login Script and Global Registering Things
hey guys,
I was wondering if you can see why i cant insert the info into a table,
right now its
Warning: Cannot add header information - headers already sent by (output started at /home/virtual/site12/fst/var/www/html/Create_Account.php:8) in
PROTECTED]]
Sent: Monday, 20 January 2003 1:59 PM
To: php
Subject: [PHP] login script fix help needed
hey guys,
I was wondering if you can see why i cant insert the info into a table,
right now its
Warning: Cannot add header information - headers already sent by (output
started at /home
--- Karl James [EMAIL PROTECTED] wrote:
Warning: Cannot add header information - headers already
sent by (output started at
/home/virtual/site12/fst/var/www/html/Create_Account.php:8)
in
/home/virtual/site12/fst/var/www/html/Create_Account.php
on line 10
This means you have something on line
I made a simple login script which uses MySQL for username and password
retrieval and that stores the username in a session, the problem is that
this script only works locally, e.g. I can only login from this computer but
not from any other, I have session.use_cookies = 1 and I also have another
More information is needed... what version of PHP are your running? I bit
of sample code on how you set up your sessions would also be helpful...
/dkm
- Original Message -
From: Hawk [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, January 15, 2002 11:19 AM
Subject: [PHP] Login
Lo all,
I am trying to get the following script to work..
?
if ($HTTP_POST_VARS[action] == 1)
{
checklogin($HTTP_POST_VARS[user_name], $HTTP_POST_VARS[password]);
exit;
}
function checklogin($user, $pass)
{
$sid (login($user, $pass));
if ($sid != -1)
{
Line 10 is?
$sid (login($user, $pass)); --- missing =
-Original Message-
From: Necro [mailto:[EMAIL PROTECTED]]
Sent: Friday, December 21, 2001 1:40 PM
To: [EMAIL PROTECTED]
Subject: [PHP] Login Script
Lo all,
I am trying to get the following script to work..
?
if ($HTTP_POST_VARS
This is your problem -- what do you expect this line to do?
$sid (login($user, $pass));
Bogdan
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail:
58 matches
Mail list logo
