Results 1 to 2 of 2
  1. #1
    Join Date
    Apr 2003
    Location
    Belgium
    Posts
    23

    Unhappy Unanswered: problem with error-displaying

    I have the following problem:

    My login page works ok, but when I give a wrong password or username, it just displays "U", but I said it has to give "User name or password not recognised. I really don't know what I'm doing wrong, so can somebody help me please.

    Thanks!!

    Login page:

    Code:
    <?php include("../include/intranet_admin.php"); ?>
    <?php
    function check_login($formdata)
    { $dbhost = "xxx.xxx.xxx.xxx";
      $dbuser = "xxx"; 
      $dbpassword = "xxx";
      $db = "xxx";
      
      $form_data = trim_data($formdata);
      $user = $form_data['username'];
      $password = $form_data['password'];
      
      $mysql = mysql_connect($dbhost, $dbuser, $dbpassword);
      if(!$mysql)
      { $error = "Cannot connect to Database Host";
        return($error);
      }
      
      $mysqldb = mysql_select_db($db);
      if(!$mysqldb)
      { $error = "Cannot open Database";
        return($error);
      }
      
      $myquery = "SELECT * FROM login WHERE username = '" . $user;
      $myquery .= "' AND password = '" . crypt($password,"xxx") . "'";
      
       
    
     $result = mysql_query($myquery);
     if (!$result)
      { $error = "Cannot run query";
        return($error);
      }
     
      $numRows = mysql_num_rows($result);
      if ($numRows < 1)
      { $error = "User name or password not recognised";
        return($error);
      }
      
      $userRecord = mysql_fetch_array($result);
      return($userRecord);
    }
    ?>
    <?php 
    if($HTTP_POST_VARS['Submit']=="Login")
    { session_start();
      $row = check_login($HTTP_POST_VARS);
      $statusCheck = $row["status"];
      if ($statusCheck == "Admin" || $statusCheck == "Staff")
      { session_register("statusCheck");
        header("Location: menu.php");
      }
      $companyCheck = $row["company"];
      if($companyCheck == "Acros")
      { session_register("companyCheck");
      }
    }
    ?>
    <html>
    <head>
    <title>Fisher Intranet</title>
    <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
    </head>
    
    <body>
    <h1 align="center"><font color="#003366" size="3" face="Arial, Helvetica, sans-serif">Login 
      to the Fisher intranet</font></h1>
    <h1 align="center"><font color="#003366" size="5" face="Verdana, Arial, Helvetica, sans-serif"><img src="../../images/imagesform/logo.gif" width="259" height="57"></font></h1>
    <h2 align="center"><font color="#003366" size="3" face="Arial, Helvetica, sans-serif">Enter 
      your user name and password:</font></h2>
    <p align="center"><?php echo $statusCheck; ?></p>
    <p>&nbsp;</p><form name="form1" method="post" action="<?php echo($PHP_SELF) ?>">
      <table width="50%" border="0" align="center" cellpadding="5" cellspacing="0" bgcolor="#999966">
        <tr> 
          <td width="29%"><font color="#FFFFFF" size="2" face="Arial, Helvetica, sans-serif"><strong>user 
            name :</strong></font></td>
          <td width="71%"><input name="username" type="text" id="username" maxlength="20"></td>
        </tr>
        <tr> 
          <td><font color="#FFFFFF" size="2" face="Arial, Helvetica, sans-serif"><strong>password 
            :</strong></font></td>
          <td><input name="password" type="password" id="password" maxlength="20"></td>
        </tr>
        <tr> 
          <td colspan="2"><div align="center"> 
              <p> 
                <input type="submit" name="Submit" value="Login">
                <font color="#003366" size="2" face="Arial, Helvetica, sans-serif"><font color="#003366" size="2" face="Arial, Helvetica, sans-serif"></font></font> 
              </p>
            </div></td>
        </tr>
      </table>
      
    </form>
    <p align="center"> <font color="#003366" size="2" face="Arial, Helvetica, sans-serif">
    <div align="center">&copy; Copyright Fisher Scientific Europe <br>
      <font color="#003366" size="2" face="Arial, Helvetica, sans-serif"></font></div>
    </font>
    <p align="center"></p>
    <div align="center"><font color="#003366" size="2" face="Arial, Helvetica, sans-serif">
      <script language=Javascript1.2>
    // verander hieronder de kleur font en grootte van het klokje 
    var tags_before_clock = "<font face='Arial, Helvetica, sans-serif' size='1' color='#003366'> "
    var tags_middle_clock = ""
    if(navigator.appName == "Netscape") {
    document.write('<layer id="clock"></layer><br>');
    }
    if (navigator.appVersion.indexOf("MSIE") != -1){
    document.write('<span id="clock"></span>');
    }
    function upclock(){
    var dte = new Date();
    var hrs = dte.getHours();
    var min = dte.getMinutes();
    var sec = dte.getSeconds();
    var col = ":";
    var spc = " ";
    var com = "";
    if (hrs == 0) hrs=12;
    if (min<=9) min="0"+min;
    if (sec<=9) sec="0"+sec;
    if(navigator.appName == "Netscape") {
    document.clock.document.write(tags_before_clock+hrs+col+min+col+sec+tags_middle_clock+day+com+spc);
    document.clock.document.close();
    }
    if (navigator.appVersion.indexOf("MSIE") != -1){
    clock.innerHTML = tags_before_clock+hrs+col+min+col+sec+tags_middle_clock+com+com+spc;
    }
    }
    setInterval("upclock()",200);
    </script>
      </font></p> </div>
    </body>
    </html>

    include-page:

    Code:
    <?php 
    function trim_data($formdata)
    { foreach($formdata as $key => $value)
      { $key = trim($key);
        $value = trim($value);
      }
      return $formdata;
    }
    ?>
    <?php
    function check_form($formdata)
    { foreach ($formdata as $key => $value)
      { if (!isset($key) || $value == "")
        return false;
      }
      return true;
    }
    ?>
    <?php
    function check_password_length($formdata, $password, $minlen)
    { if (strlen($formdata[$password]) < $minlen)
        return false;
      else
        return true;
    }
    ?>
    <?php
    function confirm_password($formdata, $password1, $password2)
    { if ($formdata[$password1] == $formdata[$password2])
        return true;
      else
        return false;
    }
    ?>
    <?php
    function check_unique($formvalue, $db, $dbhost, $dbuser, $dbpassword, $table, $field)
    {  //$formvalue;
       //$db = xxx;
       //$dbhost = xxx.xxx.xxx.xxx;
       //$dbuser = xxx;
       //$dbpassword = xxx;
       //$table = Users;
       //$field = ;
       
       
       
      $error = "";
      $mysql = mysql_connect($dbhost, $dbuser, $dbpassword);
      if(!$mysql)
      { $error = "Cannot connect to Database";
        return($error);
      }
      
      $mysqldb = mysql_select_db($db);
      if(!$mysqldb)
      { $error = "Cannot open Database";
        return($error);
      }
      
      $myquery = "SELECT * FROM $table WHERE $field = '$formvalue' ";
      $result = mysql_query($myquery);
      if (!$result)
      { $error = "Cannot run query";
        return($error);
      }
      
      $unique = mysql_num_rows($result);
      if ($unique > 0)
      { $error = $formvalue. " already in use";
        return($error);
      }
      return ("true");
    }
    ?>
    You help me, and I'll try to help you

  2. #2
    Join Date
    Feb 2003
    Location
    Germany
    Posts
    20
    The problem is that you are returning the error as string. If the login is ok everything work as expected, because an array is returned. In case of an error a string (not an array) is returned. Then using $statusCheck = $row["status"]; returns the first character of the string as "status" is expanded by PHP to 0 and $var[0] of a strings returns the first character (as in C).

    put a line
    error_reporting(E_ALL);

    at the beginning of your script, so PHP warns you on such pitfalls.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •