Jump to content
xisto Community
Sign in to follow this  
AlternativeNick

Script Not Working :s mysql errors

Recommended Posts

process_login.php: Process the login.<?$host = "localhost";// the host that u are connecting$username = "root";// user name  $password = "";   // passworld  $basedatos = "forum"; //Dont change this1. $db = mysql_connect($host, $username, $password);mysql_select_db($basedatos, $db);  $user= $_REQUEST['username'];$pass= md5($_REQUEST['password']);$query1= "SELECT * FROM smf_members WHERE memberName='$user'";$mkquery= mysql_query($query1,$db);$row1= mysql_fetch_assoc($mkquery);if ($row1['memberName'] == $user) {if ($row1['passwd'] == $pass) {/* I seted them to 1 hour duration of login. If you want you can change it. */setcookie("altuser",$user,time()+3600);setcookie("altpass",$pass,time()+3600);?><script language="javascript">alert("Login correct, redirecting to main page.")location.href= "URL OF MAIN PAGE";</script><?}else {echo "The password is incorrect.";}}else {echo "The user doesnt exist.";}compare_us.php: This page MUST be included in the pages that u want to check access...<?$host = "localhost";// the host that u are connecting$username = "root";// user name  $password = "";   // passworld  $basedatos = "forum"; //Dont change this1. $db = mysql_connect($host, $username, $password);require_once("dbconnect.php");mysql_select_db($basedatos, $db);  if(isset($HTTP_COOKIE_VARS['altuser']) && isset($HTTP_COOKIE_VARS['altpass'])) {$user= $HTTP_COOKIE_VARS['altuser'];$pass= $HTTP_COOKIE_VARS['altpass'];$query1= "SELECT * FROM smf_members WHERE memberName='$user'";$mkquery= mysql_query($query1,$db);$row1= mysql_fetch_assoc($mkquery);if ($row1['memberName'] == $user) {if ($row1['passwd'] == $pass){$loginok= true;}else {$loginok= false;echo "The password is bad. Login again please.";}}else {$loginok= false;echo "Something is wrong... The user doesnt exist?...";}}?>Finally... This finishes... To see if the user is loged in you only need to do:<?require_once("compare_us.php");if ($loginok == true) {?>HTML HERE<?}else {echo "You must login to do that...";}?>

Thats the code up there ^^ a friend wrote it for me, and weve tried multiple ways of accomplishing this, but it just doesnt work.

This is the error im getting :

Warning: mysql_fetch_assoc(): supplied argument is not a valid MySQL result resource in /home/altscr/public_html/scriptdev/process_login.php on line 12

Share this post


Link to post
Share on other sites

Yes it could be that there are no rows but at the php manual it ays it will just return a false value if there are no more rows. i assume this is true if there are no rows atall also.

I would do some error checking to make sure that the query is going through perfectly, i see no reason why not but its good just to make sure that the error is definately coming from the right place
Just add

or die (mysql_error(););

after performing the query and selecting the DB just to make sure that valid parameters are being used by fetch_assoc. Another way to do this would be using the mysql_fetch_array(); function. They both do the same thing but ive never had problems with fetch_array so i personally find it easier to use, but you might not, its just an idea.

If there are no other errors in the code then im not sure what to say but you can always search the php manual online (just google the function youre after and youll get the website within the first 3 or 4 results normally). And good luck! Its tedious when things like this happen!

Share this post


Link to post
Share on other sites

If you are using a MySQL version less than 5, this is the problem:

$query1= "SELECT * FROM smf_members WHERE memberName='$user'";

 

In MySQL < 5 you need to enclose the table name in ` like this:

$query1= "SELECT * FROM `smf_members` WHERE memberName='$user'";

 

If that isn't the problem you could just try to bypass the mysql_fetch_assoc comparison by using a number comparison instead I.E.:

 

...$userexist = @mysql_num_rows($query)if ($userexist == 1){$query = @mysql_query("SELECT passwd FROM `smf_members` WHERE memberName='$user'")or die('Could not complete query: ' . mysql_error());$passcheck = @mysql_num_rows($query)if ($passcheck > 0){...

Share this post


Link to post
Share on other sites

If you are using a MySQL version less than 5, this is the problem:

$query1= "SELECT * FROM smf_members WHERE memberName='$user'";

 

In MySQL < 5 you need to enclose the table name in ` like this:

$query1= "SELECT * FROM `smf_members` WHERE memberName='$user'";

 


You don't need to do that in any version of MySQL - although you can, and it may be considered more 'correct' by some, there is absolutely no requirement to enclose table names in `.

 

The error just means that the query returned no values, as has been suggested. Simply add an conditional check, and it should work fine, such as:

 

if( $mkquery && @mysql_num_rows($mkquery) > 0 )

Also, you are not sanitizing the user input at all, allowing for the possibility of injection - eg. putting ' OR 1=1 in the username field.

Share this post


Link to post
Share on other sites

Kind of an old topic, but if anyone else has this error, i'll explain what it means. It basicly means it cannot find the table. So login to phpmyadmin and actualy check if the table is there. And if the table isn't there you will need to create it, but that is a whole different story so I won't go into it. If it does exist, well I don't know in that situation. :P

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.