I managed to get to phpMyAdmin and created a table .Then, I created the users with their username & password. Note that phpMyAdmin is running from a free website hosting area. It looks like it's done but I get this error message:
Access denied for user 'apache'#'localhost' (using password: NO)
<?php
#session_start();
include(".login.php");
print_r($conf);
$con = mysql_connect($conf['db_hostname'], $conf['$username'], $conf['1000']) or die (mysql_error());
mysql_select_db("usersA", $con);
$prof = '000';
//$prof = $_GET['profile'];
$result = "SELECT * FROM usersA WHERE id = '$user_id'";
$q = mysql_query($result, $con);
?>
try naming file properly..
include("login.php"); instead of include(".login.php");
what is
print_r($conf);
use
$con=mysql_connect("ip(like http://1.1.1.1)","user_name","password");
Related
I have a problem connecting to sql database:
<?php
$servername = "localhost";
$username = "";
$password = "";
$myDB = "udemy";
// Create connection
$link = mysqli_connect($servername, $username, $password, $myDB );
if (mysqli_connect_error()){
die ("There was an error connecting to the database");
}
$query = "SELECT * FROM users";
if (mysqli_query($link, $query)){
echo "Query was successfull"
}
?>
Error is showing when I try to connect database named "udemy"...
Set username and password or add a new user in your mysql server and try with those user details.
To create new user :-
To create user in MySQL/MariaDB 5.7.6 and higher, use CREATE USER syntax:
CREATE USER 'new_user'#'localhost' IDENTIFIED BY 'new_password';
then to grant all access to the database (e.g. my_db), use GRANT Syntax, e.g.
GRANT ALL ON my_db.* TO 'new_user'#'localhost';
Where ALL (priv_type) can be replaced with specific privilege such as
SELECT, INSERT, UPDATE, ALTER etc
Then to reload newly assigned permissions run:
FLUSH PRIVILEGES;
Now set newly created username and password in your code.
Hope it helped.
I want to check if the 'desig' (designation) of a user stored in user_info database, is 'gm' (G.M.) or not.
Currently, I have two users, one with 'desig' as 'gm' and the other as 'mgr', no matter who logs in, the 'gm.html' page always loads.
The correct working should be that if the desig is gm then only it should redirect to gm.html page. (members is a table in user_info db)
<?php
session_start();
if((isset($_SESSION['login']) && $_SESSION['login'] ==true)) {echo "";}
else{
header("location:login.html");}
$mysql_hostname = 'localhost';
$mysql_usrnm = 'root';
$mysql_pass = '';
$mysql_db = 'user_info';
$con = mysqli_connect($mysql_hostname, $mysql_usrnm, $mysql_pass, $mysql_db) or die('Cant connect to database');
mysqli_select_db($con,$mysql_db);
$result = mysqli_query($con, "SELECT desig FROM members WHERE desig='gm'");
if (!$result) {
printf("Error: %s\n", mysqli_error($con));
exit();
}
$desig = mysqli_fetch_array($result) or die("error");
if($desig!="gm")
{
$mysql_db1='customer';
$con1=mysqli_connect($mysql_hostname, $mysql_usrnm, $mysql_pass, $mysql_db1) or die("Connection died for your sins.");
echo "Connected";}
else
header("location:gm.html");
?>
Your code seems to be hard-coded to only return a GM?
$result = mysqli_query($con, "SELECT desig FROM members WHERE desig='gm'");
I am pretty sure that this is supposed to be picked up based on the user and not simply running a "find me a GM user" for anyone.
If I understand your question correctly, shouldn't there be somewhere in betwen the start and end of this snipped that uses the login information to verify what level a user is it?
if((isset($_SESSION['login']) && $_SESSION['login'] ==true))
{
echo "";
// Shouldn't you run a query here to see who your user is?
// For example to get their ID?
}
else
{
header("location:login.html");
}
$mysql_hostname = 'localhost';
$mysql_usrnm = 'root';
$mysql_pass = '';
$mysql_db = 'user_info';
$con = mysqli_connect($mysql_hostname, $mysql_usrnm, $mysql_pass, $mysql_db) or die('Cant connect to database');
mysqli_select_db($con,$mysql_db);
$result = mysqli_query($con, "SELECT desig FROM members WHERE desig='gm'");
// Then here, instead of running this, convert it to something similar to:
$result = mysqli_query($con, "SELECT desig FROM members WHERE userid=$id");
Edit:
Storing the variable is easy - but you have to GET it from somewhere.
You can do this by popping a column in your users table - where you verify the username and password to begin with. I would suggest you look into a basic table like this to store user information. (I would also recommend you store hashes of passwords and the like, but that seems a conversation for another time).
user table:
userID username password userLevel
1 someUser somePass Grunt
2 someUser1 somePass1 MGR
3 someUser2 somePass2 MGR
4 someUser3 somePass3 GM
Armed with this, you can fire off a quick query to the database, verify the username and password, and get their userLevel quite easily.
Once you have the level, you can store it in a session variable if you like and have your code apply logic depending on what is stored in there.
I fixed the problem. There were some logical errors in my code.
if((isset($_SESSION['login']) && $_SESSION['login'] ==true)) {
//Selecting the whole row to compare and display different variables
$sql = "SELECT * FROM members WHERE username = '".$_SESSION['username']."'";
if(!$sql)
echo mysql_error();
$result = mysqli_query($con,$sql);
$row = mysqli_fetch_array($result, MYSQLI_ASSOC);
//Using $row variable to fetch and compare the value stored in 'desig' with 'gm'
if($row["desig"]=='gm')
header("location:gm.php"); //Opens up different page for gm aka Gen. Mgr.
}
else
header("location:login.html"); //Redirects to this page if no user is logged in.
I am trying to connect to a mysql database having the name "_query".
It gives me the error "No database selected" when I run the following code:
mysql_select_db("_query", $con);
$sql = "SELECT * from mdl_sms_msg";
$result = mysql_query($sql) or die(mysql_error());
I have spent a lot of time on trying to fix this, please help.
Basically, I have a login panel where users can login and what I am trying to do is when they login I want to find out their Authentication ID that has been set in the MSSQL database.
And I want to be able to get the 'AuthID' of the user and make it 'die' (die $result) so that the result is shown in the browser.
At the moment I have this code and with it I am able to get the AuthID but it doesn't get the specific user that is logging in. It gets every single AuthID in the database.
<?php
$dbhandle = mssql_connect($myServer, $myUser, $myPass)
or die("Couldn't connect to SQL Server on $myServer");
$selected = mssql_select_db($myDB, $dbhandle)
or die("Couldn't open database $myDB");
$query = "SELECT nAuthID FROM tAccounts";
$result = mssql_query($query)
or die('A error occured: ' . mysql_error());
while ( $record = mssql_fetch_array($result) )
{
die ($record ['nAuthID']);
}
mssql_free_result($result);
mssql_close($dbhandle);
?>
Thanks.
If you want an user to be able to login to your site and stay logged in you have to save the information as which user he is logged in in some way -> SESSIONS / COOKIES
For login specific data you should use SESSION since their data is stored on the server.
Put session_start()at the beginning of every file you want to access any user information.
Then if the user logs in you should save the nEMID or even the nAuthID via $_SEESION['nID'] = ...your id...;
On any other site you can check if the user is logged in using if (isset($_SEESION['nID'])). Then you can query user-information using your "SELECT * FROM tAccounts WHERE nEMID=" . $_SEESION['nID']
Does this helps u a bit?
In your code, after connecting to the database, you are directly executing a query "SELECT nAuthID FROM tAccounts" which will fetch all the available nAuthID's from the table.
Your query should authenticate the user after entering the login details in your login form.
So your query in your code should be some thing like below...
<?php
$myServer = "Your-PC\SQLExpress";
$myUser = "user";
$myPass = "pass";
$myDB = "Account";
$dbhandle = mssql_connect($myServer, $myUser, $myPass)
or die("Couldn't connect to SQL Server on $myServer");
$selected = mssql_select_db($myDB, $dbhandle)
or die("Couldn't open database $myDB");
// $query = "SELECT nAuthID FROM tAccounts";
//Your Query Should be something like this
$query = "SELECT nAuthID FROM tAccounts WHERE sUsername='username' AND sUserpass= 'yourpassword' ";
$result = mssql_query($query)
or die('A error occured: ' . mysql_error());
/*while ( $record = mssql_fetch_array($result) )
{
die ($record ['nAuthID']);
} */
if(mssql_num_rows($result)>0){
$record = mssql_fetch_array($result);
$nAuthID = $record ['nAuthID'];
session_start();
$_SESSION['nAuthID'] = $nAuthID;
}else{
echo 'Login Failed';
}
mssql_free_result($result);
mssql_close($dbhandle);
?>
Please make sure that you will be passing the dynamic values to the query. and make a note that you can use the session variable $_SESSION['nAuthID'] to get nAuthID whereever you want to display.
By doing so, you will be getting nAuthID of a particular user who have logged in successfully. Also, you can use else loop if the authentication failed and redirect the user back to login screen.
Hope this clarify your doubt??
I am trying to connect to my database and when I run the code, I get an error. Can anybody tell me what is wrong also any errors in my PHP code? Thanks.
Error: No database selected
PHP Code:
include('.conf.php');
$prof = $_GET['profile'];
$prof = addslashes(htmlentities($prof));
$query = "SELECT * FROM aTable where id = '".mysql_real_escape_string($prof)."'";
$info_array = mysql_query($query, $con) or die (mysql_error()).;
while($row = mysql_fetch_array( $info_array ))
{
echo $row['num1'];
echo "</br>";
echo $row['num2'];
echo "</br>";
echo $row['num3'];
echo "</br>";
echo $row['num4'];
};
mysql_close($con);
.conf.php file:
<?php
$conf['db_hostname'] = "xxx";
$conf['db_username'] = "xxx";
$conf['db_password'] = "xxx";
$conf['db_name'] = "xxx";
$conf['db_type'] = "mysql";
$con = mysql_connect('xxx', 'xxx', 'xxx') or die (mysql_error());
$db = mysql_select_db("aTable", $con);
?>
I had that problem and solved it with prefixing the table name with the database name, so
select * from database.table
Unless you have the password incorrect and need to fix it, run a GRANT statement to grant access to your database user:
GRANT ALL PRIVILEGES ON aTable.* TO xxx#localhost IDENTIFIED BY 'password_for_xxx';
The above grants all privileges. It's often better to restrict to only what's needed. For example, if you only intend to SELECT, but not modify data,
GRANT SELECT ON aTable.* TO xxx#localhost IDENTIFIED BY 'password_for_xxx';
Update
Since you have identified the database name as dedbmysql, change your mysql_select_db() call to:
$db = mysql_select_db("dedbmysql", $con);
Following this, the GRANT statements above are probably unnecessary, as your host may have already worked out the correct database permissions.