7 {{ upvoteCount | shortNum }}
7 {{ upvoteCount | shortNum }}

PHP Login script help.

by fabeledlabel
6 replies
Hi all,

I'm a bit stuck with my login script right now. I'm trying to move most of what (was) a working script into a class function. Here we go.

Esentially, user enters in name and password via form. Then it is checked below

PHP Code:
if(isset($_POST['submit'])){

$user=$_POST['user']; 
$password=$_POST['password'];


//To ensure that none of the fields are blank when submitting the form if
if(isset($_POST['user']) && isset($_POST['password'])) 
    {    
    
    
$user stripslashes($user);
$password stripslashes($password); //<<For some protection use of the slashes
$db1=new dbmember();
$db1->openDB();           
$result=$db1->logcon($user$password);


if($result[0]==1)
{
    session_start();
    $_SESSION['user'] = $user;
    $_SESSION['password'] = $password;
    $_SESSION['loggedin'] = "true";
    header("location:index.php");
}
        else
        {
            print ('<div id="error">Acess denied, wrong username or password?</div>');
        }
        }
        else
            {
             print ('<div id="error">Enter something!</div>');
        }


Obviously, minus the form. Here's the function.

Code:
function logcon($user, $password )
{
    
   $esc_user = mysqli_real_escape_string($this->conn, $user);
   $esc_password = mysqli_real_escape_string($this->conn,$password);  
$sql = "SELECT ALL from USERS WHERE username  ='{$user}' AND password='{$password}'";
 $result = mysqli_query($this->conn, $sql);
 

              $login = mysqli_fetch_array($result); //<< Warning: mysqli_fetch_array() expects parameter 1 to be mysqli_result, boolean given
            return $login;
            }
So my question is, why would mysqli_query($this->conn, $sql); be resulting in a boolean, not a number? Any pointerss on setting this straight?
#login #php #script
  • Profile picture of the author dad2four
    If you go here....

    PHP: mysqli::query - Manual

    You will see....

    Returns FALSE on failure. For successful SELECT, SHOW, DESCRIBE or EXPLAIN queries mysqli_query() will return a mysqli_result object. For other successful queries mysqli_query() will return TRUE.

    So it can return a boolean.
    Signature
    {{ DiscussionBoard.errors[8354275].message }}
  • Profile picture of the author dad2four
    Also, you should never get back a number(I'm guessing you mean Integer). You should get back either a "mysqli_result object" or you should get a boolean.
    Signature
    {{ DiscussionBoard.errors[8354279].message }}
    • Profile picture of the author fabeledlabel
      Hi got it, seems my problem was with my SQL query. It was messing up causing an error to be moved down the code where I was focusing all my attention.

      So now I've cleared the error, but the login script is not accepting correct login credentials (wrong username) could I get a second opinion on why that might be happening?

      Thanks
      {{ DiscussionBoard.errors[8354398].message }}
      • Profile picture of the author dad2four
        SELECT ALL from USERS WHERE

        Should this be Select * from USERS WHERE......
        Signature
        {{ DiscussionBoard.errors[8354879].message }}
      • Profile picture of the author dad2four
        to go a step further, once you echo out your SQL you can run it directly on the DB and see what you get.

        The DB will provide you a better error message typically.

        It could be that your username is not populated because of your form and/or your get of the value from the form. Or it could be that "all" that's throwing an error.
        Signature
        {{ DiscussionBoard.errors[8354891].message }}
  • Profile picture of the author dad2four
    Echo out your $sql right before that call so you can see what you are actually running.
    Signature
    {{ DiscussionBoard.errors[8354733].message }}

Trending Topics