Re: [nyphp-talk] MySQL Monitor V PHP & MySQL

Sat, 22 Sep 2007 09:22:13 -0700 

Hi everybody
I have implemented all the suggested changes and still cannot get it to work maybe it is time to just hand over the code to see if anybody can see what I am doing wrong. 

What I am trying to do is get the value of ACCESS_CODE

Paul


----- Original Message ----- 
From: "Rick Retzko" <[EMAIL PROTECTED]>

To: "'NYPHP Talk'" <talk@lists.nyphp.org>
Sent: Saturday, September 22, 2007 3:57 PM
Subject: RE: [nyphp-talk] MySQL Monitor V PHP & MySQL



Two errors that I can find:

1. You're missing the 'WHERE' key word in your SQL: $sql = "SELECT
access_code
       FROM authorised_users
       user_id = '$userid' AND
       user_password = '$password' AND
       account = '$account'";
should be:
$sql = "SELECT access_code
       FROM authorised_users
       WHERE user_id = '$userid' AND
       user_password = '$password' AND
       account = '$account'";

2. Your mysql_num_rows is misspelled (Yours is mysql_numrows) making the
subsequent 'if' statement FALSE.

Hope this helps


Rick

-----Original Message-----

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
On

Behalf Of PaulCheung
Sent: Friday, September 21, 2007 3:47 PM
To: talk@lists.nyphp.org
Subject: [nyphp-talk] MySQL Monitor V PHP & MySQL

I have researched, checked and tried everything I can think of and still
cannot get it to work.

when using MySQL monitor  the following works
=================================

SELECT access_code FROM authorised_users WHEN user_id  =  'Nancy' AND
user_password = 'qwerty' AND account = '48572998';

Access_code is displayed = 11966552

When using PHP & MySQL ($userid='Nancy',  $user_password='qwerty',
$account='48572998')
====================
<?PHP session_start(); ob_start(); PHP?>
<HTML><HEAD><TITLE>auth</TITLE></HEAD>
<FORM action="X.php" id="primary" method="post"> <BODY> <?PHP
$userid   = $_POST['user'];
$password = $_POST['passcode'];
$account  = $_POST['account'];
$self     = $_SERVER['PHP_SELF'];
$referer  = $_SERVER['HTTP_REFERER'];
$access_code = $access_code - $access_code;

/* FOR TEST ONLY */
echo ("user id = " . $userid . "<br>");

echo ("password = " . $password .  "<br>"); echo ("account = " . $account 
.

"<br>"); echo ("self = " . $self . "<br>");

/* VALIDATE FOR BLANK INPUT FIELD */
if( ( !$userid ) or ( !$password ) or (!$account) ) { header(
"Location:$referer" ); exit(); } /*CONNECT TO MYSQL  */
[EMAIL PROTECTED]( "localhost", "paul", "enter" )
  or die( "Could not connect" );
/* CONNECT TO DATABASE */
$rs = @mysql_select_db( "test_db", $conn )
 or die( "Could not select database" );

$rs = @mysql_select_db( "test_db", $conn ) or die( "Could not select
database" );

$sql = "SELECT access_code
       FROM authorised_users
       user_id = '$userid' AND
       user_password = '$password' AND
       account = '$account'";

$rs = mysql_query( $sql, $conn )  or die( "Could not execute query" );

$num = mysql_numrows( $rs );

if( $num != 0 )
{ $access_code = access_code;
  echo ("testcheckpoint - Welcome - your log-in succeeded!" . "<br>");
  echo ("testcheckpoint - accesscode = " . access_code . "<BR>");
  echo ('testcheckpoint - $accesscode = ' . $access_code . "<BR>"); } else
{ echo (" test checkpoint statement 55 " . "<br>");
  header( "Location:$referer" );
  exit(); }

===========================================
this is what is returned from the test

user id = Nancy
password = qwerty
account = 48572998
self = /tp_orth.php
conn = Resource id #2
sql = SELECT access_code FROM authorised_users WHERE user_id = 'Nancy' AND
user_password = 'qwerty' AND account = '48572998'
access = 0
Welcome - your log-in succeeded!
testcheckpoint - accesscode = access_code testcheckpoint - $accesscode =
access_code

I am trying to get the Access_code and cannot see what I am doing wrong

P






_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk

NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com

Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php

_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk

NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com

Show Your Participation in New York PHP

http://www.nyphp.org/show_participation.php 

<?PHP session_start(); ob_start(); PHP?>
<HTML><HEAD><TITLE>VALIDATE USER</TITLE></HEAD>
<FORM action="tp_orth.php" id="primary" method="post">
<BODY>
<CENTER>
                <H3>USER VALIDATION</H3></CENTER>
                <HR>
<CENTER><TABLE><TBODY>
               <TR><TD>USER NAME:</TD><TD align=left>
                   <INPUT maxLength=45 size=50 name="user"></TD></TR>
               <TR><TD>PASSWORD:</TD><TD align=left>
                   <INPUT maxLength=50 size=50 name="passcode"></TD></TR>
               <TR><TD>ACCOUNT NUMBER: </TD><TD align=left>
                   <INPUT maxLength=50 size=50 name="account"></TD></TR>
</TABLE></CENTER>
<CENTER><input value="LOG ME IN" type="submit"></CENTER>
<BR><BR><HR>
<CENTER><B>PAUL CHEUNG</B></CENTER>
</FORM></BODY></HTML>



<?PHP session_start(); ob_start(); PHP?>
<HTML><HEAD><TITLE>auth</TITLE></HEAD>
<FORM action="X.php" id="primary" method="post">
<BODY>
<CENTER>
               <H1>FROM INNER GUARD</H1>
                <H2>CANDIDATE</H2>
                <H3>USER VALIDATION</H3></CENTER>
                <HR>
<?PHP
$userid   = $_POST['user'];
$password = $_POST['passcode'];
$account  = $_POST['account'];
$self     = $_SERVER['PHP_SELF'];
$referer  = $_SERVER['HTTP_REFERER'];
$access_code = $access_code - $access_code;

echo ("user id = " . $userid . "<br>");
echo ("password = " . $password .  "<br>");
echo ("account = " . $account . "<br>");
echo ("self = " . $self . "<br>");

# if any form field is empty return to the log-in page
if( ( !$userid ) or ( !$password ) or (!$account) )
{ header( "Location:$referer" ); exit(); }

#connect to MySQL
[EMAIL PROTECTED]( "localhost", "paul", "enter" )
                 or die( "Could not connect" );
/* select the specified database  */
$rs = @mysql_select_db( "test_db", $conn )
                or die( "Could not select database" );

#create the query
$sql = "SELECT access_code

       FROM authorised_users 
       WHERE user_id = '$userid'

       AND user_password = '$password'
       AND account = '$account'";

       
echo ("conn = " . $conn . "<br>");

echo ("sql = " . $sql . "<br>");

/*execute the query */

$rs = mysql_query( $sql, $conn ) 
		or die( "Could not execute query" );


#get number of rows that match username and password
$num = mysql_num_rows( $rs );

#if there is a match the log-in is authenticated

if( $num != 0 )
{
echo ( "Welcome - your log-in succeeded!" . "<br>");
$access_code = $rs['access_code'];
echo ('access_code = ' . $rs['access_code'] . "<BR>");

echo ('$access_code = ' . $access_code . "<BR>");
}
else
{
 echo (" statement 63 " . "<br>");
header( "Location:$referer" ); exit();
}
?>
 </body>
</html>

_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk

NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com

Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php





















					Reply via email to