I have a problem with my script: i believe mysql_num_rows won't find anything from my database even though i know there is something in there (two records actually).... Anyone help?
<?php
$con = mysql_connect("localhost","root","root") or die(mysql_error());
$db = mysql_select_db("usersData", $con) or die(mysql_error());
$username = mysql_real_escape_string($username, $con) or die(mysql_error());
$query = "SELECT * FROM `usersInfo` WHERE `Username`='$username'";
$result = mysql_query($con, $query) or die(mysql_error());
$num_rows = mysql_num_rows($result) or die(mysql_error());
if($num_rows == 0)
{
//header('Location: login.php');
echo "meow";
}
?>
i hope this is a better piece of code now. However, when i run it it now gives me a white page?
Check these two lines:
$username = mysql_real_escape_string($username);
$query = "SELECT * FROM `usersInfo` WHERE `Username`='$Username'";
variable $username is different than $Username
Variables in php are case sensitive so it is like you are using two different variables here.
Fix your query so it uses the same lower case $username variable you are setting above:
$query = "SELECT * FROM `usersInfo` WHERE `Username`='$username'";
Related
Im new to programming and I'm trying to create a login form using php/mysql and I have faced some problems. I cannot understand why my sql code cannot being executed, Im using localhost. Could you guys help me?
Thanks
Here is the code that i wrote
<?php
$host = "localhost";
$user = "root";
$pass = "";
$db = "login";
mysql_connect($host, $user, $pass);
mysql_select_db($db);
if (isset($_POST['username'])){
$username = $_POST['username'];
$password = $_POST['password'];
$sql = "SELECT * FROM users WHERE username'".$username."' AND password='".$password."' LIMIT 1";
$res = mysql_query($sql);
if (mysql_num_rows($res) == 1){
echo "You have successfully logged in.";
exit();
}else{
echo "Invalid password information.";
exit();
}
}
?>
I think you forgot =
$sql = "SELECT * FROM users WHERE username='".$username."' AND password='".$password."' LIMIT 1";
Simple Typo:
Change:
$sql = "SELECT * FROM users WHERE username'".$username."' AND password='".$password."' LIMIT 1";
To:
$sql = "SELECT * FROM users WHERE username = '".$username."' AND password='".$password."' LIMIT 1";
Another thing, you don't need to fetch all fields from database table if you don't need them.
This slows down speed of page load.
You can fetch only id field.
You are fetching number of rows, so, your query should be:
SELECT id FROM users WHERE username ...
I am new to php.
I am doing login for user, then I would like to compare the username and password of the person when he/she login to every rows in my database table.
For this case, assume user= michael, pssword =1234
I got this:
$username= "michael";
$password= "1234";
include("includes/connect.php");
$mobile_user = "select * from mobileuser" ;
$query = mysqli_query ($conn, $mobile_user);
while($results = mysqli_fetch_array ($query)){
$user_name = $results['mobile_user_name'];
$pass = $results['mobile_user_pass'];
}
However, this only compare to the last row of data in my database table.
For example, if username=michael n password=1234 is located in the last row of my database table, then login success, if it does not located at the last row, login failed.
Anyone can help?
You should modify your code as:
$username= "michael";
$password= "1234";
include("includes/connect.php");
$mobile_user = "SELECT * FROM mobileuser WHERE mobile_user_name='$username' AND mobile_user_pass='$password' LIMIT 0,1";
$query = mysqli_query ($conn, $mobile_user);
$result = mysqli_fetch_array ($query);
$user_name = $result['mobile_user_name'];
$pass = $result['mobile_user_pass'];
This should work like a charm. However a better version of this would be:
$username= "michael";
$password= "1234";
include("includes/connect.php");
$mobile_user = "SELECT count(*) as count FROM mobileuser WHERE mobile_user_name='$username' AND mobile_user_pass='$password'";
$query = mysqli_query ($conn, $mobile_user);
$result = mysqli_fetch_array ($query);
if($result['count'] > 0){
echo "Match Found.";
}
If you want to check if a user's credential are valid, you should count the number of rows where they match ; if this is less than one, the credentials provided are invalid. SQL query :
SELECT COUNT(*) AS number, mobile_user_name, mobile_user_pass FROM mobileuser WHERE mobile_user_name = 'someusername' AND mobile_user_pass = 'somepass'
Note that you should prevent your code from SQL injections, and you may want to store hashed passwords in your database to avoid stocking them in cleartext.
give this a go:
require_once ('con.php');
$q = "SELECT `password` FROM `tbl_where_user_is` WHERE `tbl_row_username` = '$username'";
$r = mysqli_query($db_connnect, $q);
$row = mysqli_fetch_array($r);
$r = mysqli_query ($db_connnect, $q);
if(mysqli_num_rows($r)==1)
{
echo $username;
}else{
echo "user not found";
}
I want to count the rows in the users table with specific name and pwd which should be 1 if existed.
but the result always return null(not 0),no matter whether the user existed or not.
I even change the query simple to "SELECT * FROM users", and it ended with the same result.
And I am pretty sure that the name of the DATABASE and TABLE are true,and the table is not empty!
By the way,why I have to use "#" symbol before "mysqli_query" in order to get rid of error?
thx!
enter code here
<?php
#$mysql_db_hostname = "localhost";
$mysql_db_hostname = "127.0.0.1";
$mysql_db_user = "root";
$mysql_db_password = "";
$mysql_db_database = "smartFSUsers";
$con = mysqli_connect($mysql_db_hostname, $mysql_db_user, $mysql_db_password,$mysql_db_database);
if (!$con) {
trigger_error('Could not connect to MySQL: ' . mysqli_connect_error());
}
$name = $_GET["name"];
$password = $_GET["password"];
$query = "SELECT * FROM users WHERE name='$name' AND password='$password'";
$result =#mysqli_query($query,$con);
echo($result);
$row=#mysqli_num_rows($result);
echo"the row num is $row \n";
?>
RTM: http://php.net/mysqli_query
$result =#mysqli_query($query,$con);
You've got your parameters reversed. $con MUST come first:
$result = mysqli_query($con, $query) or die(mysqli_error());
If you had bothered adding error correction to your code, you'd have been told about this. But nope, you opted for # to hide all those error messages.
I am trying to create a logging in system for my website. this is what i have.
include('MYSQL_connect_userdata.php');
$query = "SELECT * FROM userinfo WHERE username = '$username' AND password = '$password' ";
$result = mysql_query($query) or die("cant find table");
$count2 = mysql_num_rows($result);
$resultarray = mysql_fetch_array($result);
echo "SELECT * FROM userinfo WHERE username = '$username' AND password = '$password' ";
MYSQL_connect_userdata.php connects to the mysql server and selects the database.
When I paste the output of the
echo "SELECT * FROM userinfo WHERE username = '$username' AND password = '$password' ";
phpmyadmin returns the row that i am looking for. (contains a username and password")
for some reason mysql_num_rows($result) is returning 0 even when the inputs are the correct values. the inputs are taken using $_POST like this at the top of the php file
$username = $_POST['username'];
$password = $_POST['password'];
If I change the query to exclude the "AND password = '$password' "; part then the page works as intended and mysql_num_rows returns 1.
any ideas whats going on? im rlly new to php so extra explaination would be appreciated. Thanks.
$con = mysql_connect("localhost", "peter", "abc123");
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
$db_selected = mysql_select_db("test_db",$con);
$sql = "SELECT * FROM person";
//Your missing the connection , store in a variable
$result = mysql_query($sql,$con);
echo mysql_num_rows($result);
mysql_close($con);
I have read multiple question in the internet including this stackoverflow question but none of them working for me. Here is my code:
<?php
$conn1 = mysql_connect("localhost","root","passw0rd") or die(mysql_error());
$conn2 = mysql_connect("localhost","root","passw0rd") or die(mysql_error());
mysql_select_db("asteriskcdrdb",$conn1);
mysql_select_db("pj8v2",$conn2);
$query = "SELECT * FROM cdr";
$result = mysql_query($query,$conn1);
var_dump($result);
$query2 = "SELECT * FROM tb_did_avalaible";
$result2 = mysql_query($query2,$conn2);
var_dump($result2);
?>
When i var_dump the result, it return false. What is the problem here? Thank you.
You dont need two connections, if both databases are located on the same mysql-server and you access them both as unique user.
You also don't need to select a DB.
Just use the database-name as prefix when specifying the tables:
<?php
mysql_connect("localhost","root","pass") or die(mysql_error());
$query = "SELECT * FROM asteriskcdrdb.cdr";
$result = mysql_query($query)or die(mysql_error());
var_dump($result);
$query2 = "SELECT * FROM pj8v2.tb_did_avalaible";
$result2 = mysql_query($query2)or die(mysql_error());
var_dump($result2);
?>
The real problem in your code is: there can only be one active DB, it should work this way:
<?php
$conn1 = mysql_connect("localhost","root","passw0rd") or die(mysql_error());
$conn2 = mysql_connect("localhost","root","passw0rd",true) or die(mysql_error());
mysql_select_db("asteriskcdrdb",$conn1);
$query = "SELECT * FROM cdr";
$result = mysql_query($query,$conn1);
var_dump($result);
mysql_select_db("pj8v2",$conn2);
$query2 = "SELECT * FROM tb_did_avalaible";
$result2 = mysql_query($query2,$conn2);
var_dump($result2);
?>
Altough there's no need for 2 connections, you can select both DB's using the same connection.
Sorry i just figure out the problem. If using same connection parameter, must add true in the connect parameter
$conn1 = mysql_connect("localhost","root","passw0rd") or die(mysql_error());
$conn2 = mysql_connect("localhost","root","passw0rd",true) or die(mysql_error());
Don't use mysql connector, use mysqli. It is more secure compared to mysql.
the code would be.
$conn1 = new mysqli("localhost","user","password","db1");
$conn2 = new mysqli("localhost","user","password","db2");
$query1 = "select * from table1";
$query2 = "select * from table2";
echo $query1 . "<br />";
echo $query2 . "<br />";
$rs1 = $conn1->query($query1);
$rs2 = $conn2->query($query1);
Also check if the the query is correct. Most of the times the error is in the query and not the syntax.