1,105,229 Community Members

problem somewhere in query

Member Avatar
welkam
Newbie Poster
8 posts since May 2010
Reputation Points: 0 [?]
Q&As Helped to Solve: 1 [?]
Skill Endorsements: 0 [?]
 
0
 

I am beginner and this is my first project (happy face). I am trying to make log in systen to learn php and mySQL. At first everything was working so and then i decided to rewrite everything in Object oriented code and then it is not working. Since it is not syntax error it is hard to find for me, but i know that problem is in mySQL query, because it is empty.

Problem: It doesn't work and it doesn't set $errorLevel and there is no mysql_error() report

here is the class

<?php
class login
{
		private $userName;
		private $password;
		private $queryResults;  // will be used for checking user name and password
		private $errorLevel;
		
		
	/*return
	 *  1 if user is sucessfuly loged in
	 * -1 if user name is not in db
	 * -2 if cannot connect to db
	 */
	public function try_log_in($user_name, $password)
	{
		$this->setup_parameters($user_name, $password);
		if($this->is_userName_in_db() && $this->is_password_correct())
		{
			$_SESSION["user"]=$this->userName;
			return 1;
		}
		else
			return $this->errorLevel;
	}
	
	//-------------------------Under the hud-----------------------//
		
	function __construct()
	{
		
	}
	//escapes all inputs and sets object`s parameters
	private function setup_parameters($user_name, $password)
	{
		$this->userName = mysql_real_escape_string ($user_name);
		$this->password = mysql_real_escape_string ($password);
		$query = "
			SELECT * 
			FROM users
			WHERE userName = '$this->userName'  ";
		$this->queryResults = mysql_query($query);		
	}
	
	
	/*Checks if given user name is db
	 *  returns:
	 *  1 if it is in db
	 * -1 if it is not in db
	 * -2 if cannot connect to db
	 */	
	private function is_userName_in_db()
	{
		if(!$this->queryResults)
			$this->errorLevel = -2;
		if(mysql_num_rows( $this->queryResults) == 0)
			$this->errorLevel = -1;
		else
			return 1;
			
		return $this->errorLevel;
		
	}

	/*returns
	 *  1 if entered password matches with one in db
	 *  0 if it doesn match
	 * -2 if could not nonnect to db;
	 */	
	private function is_password_correct()
	{
		if($this->errorLevel == -2)//this should never happen
			return $this->errorLevel;
		$row = mysql_fetch_assoc($this->queryResults);// puts query results in array
		$salt = substr ($row['password'], 0, strlen($row['password'])/2); //takes salt from query result
		$hash = hash("sha256", $salt . $this->password);
		$saltAndPassword = $salt . $hash;
		if($saltAndPassword == $row['password'])
			return 1;
		else
			return 0;
	}
}
?>
Member Avatar
pritaeas
mod_pritaeas
11,289 posts since Jul 2006
Reputation Points: 1,420 [?]
Q&As Helped to Solve: 1,832 [?]
Skill Endorsements: 154 [?]
Moderator
Featured
Sponsor
 
0
 

Where do you connect to the database ?

Member Avatar
welkam
Newbie Poster
8 posts since May 2010
Reputation Points: 0 [?]
Q&As Helped to Solve: 1 [?]
Skill Endorsements: 0 [?]
 
0
 

this is login.php

<?php
/*
Template Name: login
*/

// Inialize session
session_start();
// Include database connection settings
include('config.php');
//Include login class
include('ClassLogin.php');
//host information
$host  = $_SERVER['HTTP_HOST'];
$uri   = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');

$login = new login();
$login->try_log_in($_POST[userName], $_POST[password]);
switch ($result)
{
	case 1:
		header("Location: http://$host$uri/");
		break;
	case -1:
		header("Location: http://$host$uri/?error=1");
		break;
	case -2:
		header("Location: http://$host$uri/?error=2");
		break;
}
?>

and this is config.php where i connect to DB

<?php

$hostname = 'localhost';        // Your MySQL hostname. Usualy named as 'localhost', so you're NOT necessary to change this even this script has already online on the internet.
$dbname   = 'I am';        // Your database name.
$username = 'not that';             // Your database username.
$password = 'stupid :D ';                 // Your database password. If your database has no password, leave it empty.

// Let's connect to host
mysql_connect($hostname, $username, $password) or DIE('Connection to host is failed, perhaps the service is down!');
// Select the database
mysql_select_db($dbname) or DIE('Database name is not available!');

?>

EDIT: I forgot to write what have i done to search for problem.
I checked and saw that my code failed to log in and doesnt provide an error.
Then i checked if with correct user name and password it would set session variable. No it didint.
Then i find out that it also didint change $errorLevel.
Then i checked all variables and find out that $quearyResults is empty, but mysql_error() was also empty. So it connects to db but query is empty

Member Avatar
pritaeas
mod_pritaeas
11,289 posts since Jul 2006
Reputation Points: 1,420 [?]
Q&As Helped to Solve: 1,832 [?]
Skill Endorsements: 154 [?]
Moderator
Featured
Sponsor
 
0
 

I suggest you start adding echo's in your functions, so you can find out exactly what is happening.

Member Avatar
Fest3er
Posting Whiz in Training
242 posts since Aug 2007
Reputation Points: 39 [?]
Q&As Helped to Solve: 35 [?]
Skill Endorsements: 0 [?]
 
0
 

One thing popped out at me, but it's been a while since I've written PHP code, and my memory is a little hazy. Is this line correct?

$login->try_log_in($_POST[userName], $_POST[password]);

That is, does it actually pass the username and password into your class functions?

Member Avatar
welkam
Newbie Poster
8 posts since May 2010
Reputation Points: 0 [?]
Q&As Helped to Solve: 1 [?]
Skill Endorsements: 0 [?]
 
0
 

One thing popped out at me, but it's been a while since I've written PHP code, and my memory is a little hazy. Is this line correct?

$login->try_log_in($_POST[userName], $_POST[password]);

That is, does it actually pass the username and password into your class functions?

Yes it does.

Problem was that i created table of ints to store characters. These kind of problems is hard to find and i was looking for mine over a day. Thx everyone for help :)

Question Answered as of 2 Years Ago by pritaeas and Fest3er
You
This question has already been solved: Start a new discussion instead
Post:
Start New Discussion
View similar articles that have also been tagged: