pritaeas
Posting Expert
Moderator
5,483 posts since Jul 2006
Reputation Points: 653
Solved Threads: 875
Have something to say? Contribute New Article Reply to this Article
problem somewhere in query
I am beginner and this is my first project (happy face). I am trying to make log in systen to learn php and mySQL. At first everything was working so and then i decided to rewrite everything in Object oriented code and then it is not working. Since it is not syntax error it is hard to find for me, but i know that problem is in mySQL query, because it is empty.
Problem: It doesn't work and it doesn't set $errorLevel and there is no mysql_error() report
here is the class
<?php
class login
{
private $userName;
private $password;
private $queryResults; // will be used for checking user name and password
private $errorLevel;
/*return
* 1 if user is sucessfuly loged in
* -1 if user name is not in db
* -2 if cannot connect to db
*/
public function try_log_in($user_name, $password)
{
$this->setup_parameters($user_name, $password);
if($this->is_userName_in_db() && $this->is_password_correct())
{
$_SESSION["user"]=$this->userName;
return 1;
}
else
return $this->errorLevel;
}
//-------------------------Under the hud-----------------------//
function __construct()
{
}
//escapes all inputs and sets object`s parameters
private function setup_parameters($user_name, $password)
{
$this->userName = mysql_real_escape_string ($user_name);
$this->password = mysql_real_escape_string ($password);
$query = "
SELECT *
FROM users
WHERE userName = '$this->userName' ";
$this->queryResults = mysql_query($query);
}
/*Checks if given user name is db
* returns:
* 1 if it is in db
* -1 if it is not in db
* -2 if cannot connect to db
*/
private function is_userName_in_db()
{
if(!$this->queryResults)
$this->errorLevel = -2;
if(mysql_num_rows( $this->queryResults) == 0)
$this->errorLevel = -1;
else
return 1;
return $this->errorLevel;
}
/*returns
* 1 if entered password matches with one in db
* 0 if it doesn match
* -2 if could not nonnect to db;
*/
private function is_password_correct()
{
if($this->errorLevel == -2)//this should never happen
return $this->errorLevel;
$row = mysql_fetch_assoc($this->queryResults);// puts query results in array
$salt = substr ($row['password'], 0, strlen($row['password'])/2); //takes salt from query result
$hash = hash("sha256", $salt . $this->password);
$saltAndPassword = $salt . $hash;
if($saltAndPassword == $row['password'])
return 1;
else
return 0;
}
}
?>this is login.php
<?php
/*
Template Name: login
*/
// Inialize session
session_start();
// Include database connection settings
include('config.php');
//Include login class
include('ClassLogin.php');
//host information
$host = $_SERVER['HTTP_HOST'];
$uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
$login = new login();
$login->try_log_in($_POST[userName], $_POST[password]);
switch ($result)
{
case 1:
header("Location: http://$host$uri/");
break;
case -1:
header("Location: http://$host$uri/?error=1");
break;
case -2:
header("Location: http://$host$uri/?error=2");
break;
}
?>
and this is config.php where i connect to DB
<?php
$hostname = 'localhost'; // Your MySQL hostname. Usualy named as 'localhost', so you're NOT necessary to change this even this script has already online on the internet.
$dbname = 'I am'; // Your database name.
$username = 'not that'; // Your database username.
$password = 'stupid :D '; // Your database password. If your database has no password, leave it empty.
// Let's connect to host
mysql_connect($hostname, $username, $password) or DIE('Connection to host is failed, perhaps the service is down!');
// Select the database
mysql_select_db($dbname) or DIE('Database name is not available!');
?>
EDIT: I forgot to write what have i done to search for problem.
I checked and saw that my code failed to log in and doesnt provide an error.
Then i checked if with correct user name and password it would set session variable. No it didint.
Then i find out that it also didint change $errorLevel.
Then i checked all variables and find out that $quearyResults is empty, but mysql_error() was also empty. So it connects to db but query is empty
I suggest you start adding echo's in your functions, so you can find out exactly what is happening.
pritaeas
Posting Expert
Moderator
5,483 posts since Jul 2006
Reputation Points: 653
Solved Threads: 875
One thing popped out at me, but it's been a while since I've written PHP code, and my memory is a little hazy. Is this line correct?
$login->try_log_in($_POST[userName], $_POST[password]);That is, does it actually pass the username and password into your class functions?
One thing popped out at me, but it's been a while since I've written PHP code, and my memory is a little hazy. Is this line correct?
$login->try_log_in($_POST[userName], $_POST[password]);That is, does it actually pass the username and password into your class functions?
Yes it does.
Problem was that i created table of ints to store characters. These kind of problems is hard to find and i was looking for mine over a day. Thx everyone for help :)
This question has already been solved
You
© 2012 DaniWeb® LLC
