Brian Welter wrote:
I have the following code and it doesn't behave properly but I can't find my
error. The code is designed to validate user login. When I pass in an
invalid email name to the checkLogin function it returns a result, not FALSE
as the documentation describes. I can SELECT * from the table being used and
read out all of the data so I know that the DB connection is valid and that
I can compose a valid query. I have looked and looked at this code and can
find no error, does anyone see an error here. When the check if (!$result)
fails i.e. even thought the email/password are not in the db a none zero
result is returned, the calls to mysql_fetch_assoc () return empty strings.
The only clue I may have is that when I call mysql_free_result($result) I
get a warning saying that $result is not a valid resource. I sure I'm doing
something stupid but I just can't see it. Any help would be great!
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd";>
<html xmlns="http://www.w3.org/1999/xhtml";>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
<?php
global $db;
$db = mysql_connect('localhost', 'xxxx', 'xxxx', 'xxxx');
if (!$db) {
die("Unable to connect to database: ".
mysql_connect_error());
}
$selected = mysql_select_db("xxxx", $db) or die( "Unable to
select database");
if (checkLogin(sam@xxxxxxx', '1')) {
echo "Success";
} else {
echo "Failure";
}
if(checkLogin('duck', '2') )) {
echo "Success";
} else {
echo "Failure";
}
function checkLogin($e, $p) {
$ans = 0;
$emailcheck = $e;
$passwdcheck = $p;
$result = 0;
$query = "SELECT * FROM maillist WHERE
email='$emailcheck' AND passwd='$passcheck'";
$result = mysql_query($query);
Idon't think it's your problem, but you have two different
variable--$passwdcheck and $passcheck.
After getting the results, you can check how many valid users are in the
result, as follows:
$n = mysql_num_rows($result);
if($n < 1)
etc.
Janet
if (!$result) {
echo "<h4>UserName is FALSE name is:
$e<h4>";
echo "<h4>Password is FALSE name is:
$p<h4>";
$ans = 0;
} else {
$row = mysql_fetch_assoc($result);
$em = $row['email'];
$pw = $row['passwd'];
echo "<p>Accepted ";
echo "User $em ";
echo "Password $pw</p>";
$ans = 1;
}
return($ans);
} //checkLogin
mysql_free_result($result);
mysql_close($db);
?>
</body>
</html>
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
