0

i have problem in this script below.

the login box and the registration form was unable to connect to the database:

after entering my username and password the respond from my login.php is:

SELECT * FROM members WHERE email = '' AND password = ''Query failed

below is my login-exec.php script

2
Contributors
3
Replies
14
Views
4 Years
Discussion Span
Last Post by cereal
0
<?php
    //Start session
    session_start();

    //Include database connection details
    require_once('config.php');

    //Array to store validation errors
    $errmsg_arr = array();

    //Validation error flag
    $errflag = false;

    //Connect to mysql server
    $link = mysql_connect('localhost','flasycom',"alorasealord101");
    if(!$link) {
        die('Failed to connect to server: ' . mysql_error());
    }

    //Select database
    $db = mysql_select_db(flasycom_flashysky, $link);
    if(!$db) {
        die("Unable to select database");
    }

    //Function to sanitize values received from the form. Prevents SQL injection
    function clean($str) {
        $str = @trim($str);
        if(get_magic_quotes_gpc()) {
            $str = stripslashes($str);
        }
        return mysql_real_escape_string($str);
    }

    //Sanitize the POST values
    $login = clean($_POST['login']);
    $password = clean($_POST['password']);

    //Input Validations
    if($login == '') {
        $errmsg_arr[] = 'Login ID missing';
        $errflag = true;
    }
    if($password == '') {
        $errmsg_arr[] = 'Password missing';
        $errflag = true;
    }

    //If there are input validations, redirect back to the login form
    if($errflag) {
        $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
        session_write_close();
        header("location: index.php");
        exit();
    }

    //Create query
    $qry="SELECT * FROM members WHERE UserName='$login' AND Password='$password'";
    $result=mysql_query($qry);

    //Check whether the query was successful or not
    if($result) {
        if(mysql_num_rows($result) > 0) {
            //Login Successful
            session_regenerate_id();
            $member = mysql_fetch_assoc($result);
            $_SESSION['SESS_MEMBER_ID'] = $member['member_id'];
            $_SESSION['SESS_FIRST_NAME'] = $member['FirstName'];
            $_SESSION['SESS_LAST_NAME'] = $member['profImage'];
            //$_SESSION['SESS_PRO_PIC'] = $member['profImage'];
            session_write_close();
            header("location: lol.php");
            exit();
        }else {
            //Login failed
            header("location: login-failed.php");
            exit();
        }
    }else {
        die("Query failed");
    }
?>
0

config.php

<?php
    //#################################################################
    //Only edit the following 4 varibles
    $SQLhost = /* SQL Host */ 'localhost';
    $SQLuser = /* SQL Username */ 'flasycom';
    $SQLpass = /* SQL Password */ 'alorasealord101';
    $SQLdb = /* SQL Database */ 'flasycom_flashysky';
    //#################################################################
    // DO NOT EDIT - editing this can/will break the connection string.
    $con = mysql_connect("$SQLhost","$SQLuser","$SQLpass") or die (mysql_error());
    mysql_select_db("$SQLdb") or die (mysql_error());
    //#################################################################
    ?>

register-exec.php

<?php
    //Start session
    session_start();

    //Include database connection details
    require_once('config.php');

    //Array to store validation errors
    $errmsg_arr = array();

    //Validation error flag
    $errflag = false;

    //Connect to mysql server
    $link = mysql_connect('localhost','flasycom',"alorasealord101");
    if(!$link) {
        die('Failed to connect to server: ' . mysql_error());
    }

    //Select database
    $db = mysql_select_db(flasycom_flashysky, $link);
    if(!$db) {
        die("Unable to select database");
    }

    //Function to sanitize values received from the form. Prevents SQL injection
    function clean($str) {
        $str = @trim($str);
        if(get_magic_quotes_gpc()) {
            $str = stripslashes($str);
        }
        return mysql_real_escape_string($str);
    }

    //Sanitize the POST values
    $fname = clean($_POST['fname']);
    $lname = clean($_POST['lname']);
    $login = clean($_POST['login']);
    $password = clean($_POST['password']);
    $cpassword = clean($_POST['cpassword']);
    $address = clean($_POST['address']);
    $cnumber = clean($_POST['cnumber']);
    $email = clean($_POST['email']);
    $gender = clean($_POST['gender']);
    //$bdate = clean($_POST['bdate']);

    $propic = clean($_POST['propic']);
    $bday=$_POST['month'] . "/" . $_POST['day'] . "/" . $_POST['year'];
    $month=$_POST['month'];
    $day=$_POST['day'];
    $year=$_POST['year'];
    //Input Validations

    /*if($bdate == '') {
        $errmsg_arr[] = 'birthdate field is  missing';
        $errflag = true;
    }*/
    if($month == '') {
        $errmsg_arr[] = 'month field is  missing';
        $errflag = true;
    }
    if($day == '') {
        $errmsg_arr[] = 'day field is  missing';
        $errflag = true;
    }
    if($year == '') {
        $errmsg_arr[] = 'year field is  missing';
        $errflag = true;
    }
    if($gender == '') {
        $errmsg_arr[] = 'gender field is  missing';
        $errflag = true;
    }
    if($email == '') {
        $errmsg_arr[] = 'email field is  missing';
        $errflag = true;
    }
    if($cnumber == '') {
        $errmsg_arr[] = 'contactnumber field is  missing';
        $errflag = true;
    }
    if($address == '') {
        $errmsg_arr[] = 'address field is  missing';
        $errflag = true;
    }
    if($fname == '') {
        $errmsg_arr[] = 'First name missing';
        $errflag = true;
    }
    if($lname == '') {
        $errmsg_arr[] = 'Last name missing';
        $errflag = true;
    }
    if($login == '') {
        $errmsg_arr[] = 'Login ID missing';
        $errflag = true;
    }
    if($password == '') {
        $errmsg_arr[] = 'Password missing';
        $errflag = true;
    }
    if($cpassword == '') {
        $errmsg_arr[] = 'Confirm password missing';
        $errflag = true;
    }
    if( strcmp($password, $cpassword) != 0 ) {
        $errmsg_arr[] = 'Passwords do not match';
        $errflag = true;
    }

    //Check for duplicate login ID
    if($login != '') {
        $qry = "SELECT * FROM members WHERE UserName='$login'";
        $result = mysql_query($qry);
        if($result) {
            if(mysql_num_rows($result) > 0) {
                $errmsg_arr[] = 'UserName already in use';
                $errflag = true;
            }
            @mysql_free_result($result);
        }
        else {
            die("Query failed");
        }
    }

    //If there are input validations, redirect back to the registration form
    if($errflag) {
        $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
        session_write_close();
        header("location: index.php");
        exit();
    }

    //Create INSERT query
    $qry = "INSERT INTO members(`UserName`,`Password`,`FirstName`,`LastName`,`Address`,`ContactNo`,`Url`,`Birthdate`,`Gender`,`profImage`,`curcity`, `month`,`day`,`year`) VALUES('$login','$password','$fname','$lname','$address','$cnumber','$email','$bday','$gender','$propic','$address','$month','$day','$year','$login','$password','$fname','$lname','$address','$cnumber')";
    $result = @mysql_query($qry);

    //Check whether the query was successful or not
    if($result) {
    $errmsg_arr[] = 'Success You can now log-in to FlashySky';
        $errflag = true;
        if($errflag) {
        $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
        session_write_close();
        header("location: lol.php");
        exit();
    }

        session_regenerate_id();
            $member = mysql_fetch_assoc($result);
            $_SESSION['SESS_MEMBER_ID'] = $member['member_id'];
            $_SESSION['SESS_FIRST_NAME'] = $member['FirstName'];
            $_SESSION['SESS_LAST_NAME'] = $member['profImage'];
            //$_SESSION['SESS_PRO_PIC'] = $member['profImage'];
            session_write_close();

        header("location: index.php");
        exit();
    }else {
        die("Query failed");
    }
?>

index.php

<?php
    //Start session
    session_start();

    //Unset the variables stored in session
    unset($_SESSION['SESS_MEMBER_ID']);
    unset($_SESSION['SESS_FIRST_NAME']);
    unset($_SESSION['SESS_LAST_NAME']);
?>

<?php
include("SQLConfig.php");


$result = mysql_query("SELECT * FROM profile ORDER BY RAND()
");
if(isset($_SESSION["logid"]))
{
    header("Location: lol.php");
}
$i=0;
while($row = mysql_fetch_array($result))
  {
$img[$i] = $row["image"];
$uid[$i] = $row["userid"];
$i++;
  }


?>
<script language="javascript">

 function reg()
{
        ml = document.registration.email.value;
        pos1 = ml.indexOf("@")
        pos = ml.indexOf(" ")
        pos2 = (pos1+1)
        server = ml.substring(pos2);
        server_pos = server.lastIndexOf(".")
        reqtype = server.substring(server_pos+1)
        type_end = reqtype.substring(reqtype.length-1)

    if(document.registration.fname.value=="")
    {
        alert("Please enter first name");
        document.registration.fname.focus();
        document.registration.fname.select();
        return false;
    }
    else if(document.registration.lname.value=="")
    {
        alert("Please enter last name");
        document.registration.lname.focus();
        document.registration.lname.select();
        return false;
    }
    else if(ml == "")
    {
        document.registration.email.focus();
        document.registration.email.select();
        alert("Email cannot be blank");
        return false;                
    }


        else if(ml.indexOf("@")==-1)
        {
            document.registration.email.focus();
            document.registration.email.select();
            alert("The Email Address must contain '@' sign");
            return false;  
        }
        else if(pos1<1)
        {
            document.registration.email.focus();
            document.registration.email.select();
            alert("Email address cannot start with '@' sign");
            return false;  
        }  
        else if(ml.indexOf(".")==-1)
        {
            document.registration.email.focus();
            document.registration.email.select();
            alert("The Email Address must contain '.' sign");
            return false;  
        }
        else if(pos!=-1)
        {
            document.registration.email.focus();
            document.registration.email.select();
            alert("The Email Address cannot contain spaces");
            return false;  
        }
        else if(server.indexOf("@")!=-1)
        {
            document.registration.email.focus();
            document.registration.email.select();
            alert("A valid Email must contain only one '@' sign");
            return false;  
        } 
        else if(server.indexOf(".")==0)
        {
            document.registration.email.focus();
            document.registration.email.select();
            alert("There should some text between '@' and '.' sign");
            return false;  
        } 
        else if(reqtype=="")
        {  
            document.registration.email.focus();
            document.registration.email.select();
            alert("Email Id should end with character(like .com,.net,.org)");
            return false;  
        }
        else if(type_end.toUpperCase()<"A" || type_end.toUpperCase()>"Z")
        {
            document.registration.email.focus();
            document.registration.email.select();
            alert("Email Id should not end with number or symbol");
            return false;  
        }
    else if(document.registration.login.value=="")
    {
        alert("Please enter Username");
        document.registration.login.focus();
        document.registration.login.select();
        return false;
    }

    else if(document.registration.password.value=="")
    {
        alert("Please enter password");
        document.registration.password.focus();
        document.registration.password.select();
        return false;
    }
    else if(document.registration.password.value.length<8)
    {
        alert("The minimum length of the password is 8 characters...");
        document.registration.pass.focus();
        document.registration.pass.select();
        return false;
    }
    else if(document.registration.password.value != document.registration.cpassword.value)
    {
        alert("Password and confirm password is not matching");
        document.registration.cpassword.value="";
        document.registration.cpassword.focus();
        document.registration.password.select();
        return false;
    }
    else if(document.registration.Date.value=="DD")
        {
            alert("Please select Date");
        document.registration.Date.focus();
        return false;
        }
        else if(document.registration.month.value=="Month")
        {
            alert("Please select Month");
        document.registration.month.focus();
        return false;
        }
        else if(document.registration.Year.value=="Year")
        {
            alert("Please select Year");
        document.registration.Year.focus();
        return false;
        }

    else
        {
        return true;
        }   
}
    </script>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<link rel="icon" href="images/FlashySky_icon.gif" type="image" />
<link rel="shortcut icon" href="images/FlashySky_icon.gif" type="image" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="Keywords" content="">
<meta name="Description" content="">
<title>Welcome to FlashySky: ...we connect you to the world</title>
<style type="text/css">
<!--
body {
    background-image: url(images/bg.jpg);
    background-repeat: repeat-x;
    background-color: #FFFFCC;
}
#Layer1 {
    position:absolute;
    width:200px;
    height:115px;
    z-index:1;
}
-->
</style>
<link href="just many.css" rel="stylesheet" type="text/css">
<style type="text/css">
<!--
.style1 {
    font-size: 16px;
    font-weight: bold;
    font-style: italic;
    color: #FFFFFF;
}
-->
</style>
</head>

<body>
<div class="longpic">
  <div align="center"><img name="" src="images/main.png" width="245" height="474" alt="">
  </div>
  <div class="signup">Register</div>
    <div class="form2">
      <table width="298" border="0" cellpadding="5" cellspacing="0" bordercolor="#FFFF99" bgcolor="#FFFF99">
        <form id="registration" name="registration" method="post" action="regester.php" onSubmit="return reg()">
          <tr>
            <td width="74" height="44">First Name:</td>
            <td width="204"><input name="fname" type="text" id="fname" value="" size="30"></td>
          </tr>
          <tr>
            <td height="42">Last Name:</td>
            <td><input name="lname" type="text" id="lname" value="" size="30"></td>
          </tr>
          <tr>
            <td height="45">Username:</td>
            <td><input name="login" type="text" id="login" value="" size="30"></td>
          </tr>
          <tr>
            <td height="45">Mobile:</td>
            <td><input name="cnumber" type="text" id="cnumber" value="" size="30"></td>
          </tr>
          <tr>
            <td height="45">Address:</td>
            <td><input name="address" type="text" id="address" value="" size="30"></td>
          </tr>
          <tr>
            <td height="45">Email:</td>
            <td><input name="email" type="text" id="email" value="" size="30"></td>
          </tr>
          <tr>
            <td height="47">Password:</td>
            <td><input name="password" type="Password" id="password" size="30"></td>
          </tr>
          <tr>
            <td height="48">Confirm:</td>
            <td><input name="cpassword" type="Password" id="cpassword" size="30"></td>
          </tr>
          <tr>
            <td height="32">I am:</td>
            <td><label>
              <input name="gen" type="radio"  value="Male" checked="checked" />
              Male</label>
                <input type="radio" name="gen"  value="Female" />
              Female</td>
          </tr>
          <tr>
            <td height="66" colspan="2">Date of Birth: &nbsp;&nbsp;&nbsp;
                <select name="Date" >
                  <option>DD</option>
                  <?php
for($i=1; $i<= 31; $i++)
{
echo "<option value='$i'>$i</option>";
}
?>
                </select>
                <select name="month">
                  <option>Month</option>
                  <option value="01">Jan</option>
                  <option value="02">Feb</option>
                  <option value="03">Mar</option>
                  <option value="04">Apr</option>
                  <option value="05">May</option>
                  <option value="06">Jun</option>
                  <option value="07">Jul</option>
                  <option value="08">Aug</option>
                  <option value="09">Sep</option>
                  <option value="10">Oct</option>
                  <option value="11">Nov</option>
                  <option value="12">Dec</option>
                </select>
                <select name="Year">
                  <option value="Year">Year</option>
                  <?php
for($i=1935; $i< 2014; $i++)
{
echo "<option value='$i'>$i</option>";
}
?>
              </select></td>
          </tr>
          <tr>
            <td height="66" colspan="2" valign="top"><label>
              <input name="agreed" type="checkbox" id="agreed" value="agreed" checked>
            I have agreed the terms and condition of FlashySky.com </label></td>
          </tr>
          <tr>
            <td><input class=button type="submit" name="button2" value="Register"></td>
          </tr>
        </form>
      </table>
    </div>
</div>
<div class="headcontainer">
  <div class="leftlogo"><img name="" src="images/logo.gif" width="229" height="81" alt=""><br>
    ...we connect you to the world </div>
  <div class="smallform">
    <table border="0" align="right" cellpadding="5" cellspacing="0">
      <form name="loginform" method=post action="login.php">
        <tr>
          <td>Username</td>
          <td><input name="email" type="text" id="email" value="" size="13"></td>
        </tr>
        <tr>
          <td>Password</td>
          <td><input type="Password" name="password" size="13"></td>
        </tr>
        <tr>
          <td><input class=button type="submit" name="Submit" value="Log In"></td>
        </tr>
      </form>
    </table>
  </div>
  <br>
    <br>
    <br>
    <br>
    <br>
    <br>
</div>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<div class="share"><img name="" src="images/pic.png" width="518" height="137" alt=""></div>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<div class="member">
  <div class="titlehead">&nbsp;&nbsp;Meet New Friends </div>
  <br>
<br>

    <div class="pic">
      <div align="center"><img name="" src="images/user4.jpg" width="100" height="150" alt=""><br>
        Mary Bella
        <br>
        Age: 19
        <br>
        USA<br>

      </div>
  </div>
  <div class="user">
    <div align="center"><img name="" src="images/yinka 4.jpg" width="120" height="148" alt="">Esther Olayinka    <br>
      Age: 21 <br>
    Nigeria</div>
  </div>
    <div class="user">
      <div align="center"><img name="" src="images/user3.jpg" width="100" height="150" alt=""><br>
      Linda Sexy
        <br>
   Age: 20
New York    </div>
  </div>

    <div class="user">
      <div align="center"><img src="images/user2.jpg" width="100" height="150" alt=""><br>
        Adam Nike
        Age: 28
        New York<br>
        <br>
      </div>
    </div>
    <p><br>  
        <br>  
      <br>  
      <br>  
      <br>
    </p>
    <p><br>
        <br>
        <br>
      <br>  
      <br>
  </p>
</div>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<div class="member">
  <div class="titlehead">&nbsp;&nbsp;Ads</div>
  <br><br>
  <div class="firstbanner">
    <div class="level">
    <style>
.messagestyle{
    font-family:Arial;
    font-size:9px;
    color:white;
    text-align:center;
    position:absolute;
    bottom:0px;
    vertical-align:middle;
    margin:0px;
    line-height:15px;
    height:30px;
}

</style>
      <script>
// CREDITS:
// Slideshow with with lamellar effect
// by Peter Gehrig
// Copyright (c) 2010 Peter Gehrig. All rights reserved.
// Permission given to use the script provided that this notice remains as is.
// Additional scripts can be found at http://www.fabulant.com
// 03/01/2010

// IMPORTANT:
// If you add this script to a script-library or script-archive
// you have to add a link to http://www.fabulant.com on the webpage
// where this script will be running.

// CONFIGURATION:
// Go to http://www.fabulant.com and get the original code
// with step-by-step instructions and copy-and-paste installation.

// your pictures. Add as many pictures a you like. In this case the pictures are in the same directory as the HTML-file.

var pictures = [
    { src : 'images/yellowrise.jpg',
      msg : ' ',
      url : '#'
    },
    { src : 'images/lotto.png',
        msg : '',
        url : '#'
    },
    { src : 'images/egoyield.jpg',
        msg : '',
        url : ''
    }
];

// target of the picture-links ("_blank", "_top", "_self", "_parent" or "nameOfYourFrame")
var target_url="_self"

// number of lamellas.
var x_slices=5

// width of slideshow
var slideshow_width=200

// height of slideshow
var slideshow_height=100

// height of messagebox
var message_height=50

// pause beween the pictures (seconds)
var pause=10
// - End of JavaScript - -->
</script>
    <script src="js/slideshow-lamellar.js"></script></div>
    <div class="level"><img name="" src="images/ads.png" width="200" height="150" alt=""></div>
  </div>
  <div class="firstbanner"></div>
</div>
<p><br>
  <br>
  <br>
  <br>
  <br>
  <br>
  <br>
  <br>
  <br><br>
  <br>
<br><br>
<br>
<br>
<br><br>
<br>
<br>
<br><br>
 <?php include("footer.php"); ?>
</body>
</html>

thanks, your support is appreciated.

0

Hi,

on line 59 change this:

$result=mysql_query($qry);

to:

$result=mysql_query($qry) or die(mysql_error());

This will display the details of the error, check if it helps to solve the problem, bye!

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.