I have a simple login module wherein I enter login info to a database. After that, I use another file, loginauth.php which validates the login info. However, I am getting the else statement executed. Can somebody point out what's wrong.

<?php
session_start();

if (isset($_POST['userid']) && isset($_POST['password']))
{
$userid = trim($_POST['userid']);
$password = trim($_POST['password']);
$con = new mysqli("internal-db.s110820.gridserver.com","db110820","Solved!2$$");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }



$query = "SELECT * from Login WHERE trim(email) = '$userid' and trim(password) = '$password'";

$result = $con->query($query);
if ($result->num_rows)
{
$_SESSION['valid_user']=$userid;
}
$con->close();
}
?>

<html>
<body>
<h1>Home Page<h2>
<?php
if (isset($_SESSION['valid_user']))
{
echo 'You are logged in as : '.$_SESSION['valid_user'].' <br/>';
echo '<a href = "logout.php">Log out</a><br>';
}
else 
{
if (isset($userid))
{
echo 'Could not log you in . <br/>';
}
}


?>

</body>
</html>
Member Avatar for diafol

I don't know the specifics of your 'mysql' object, but this may need a look:

$result->num_rows

Does it need to be?

$result->num_rows > 0

I can't see that it would be wrong, but ...

I don't know the specifics of your 'mysql' object, but this may need a look:

$result->num_rows

Does it need to be?

$result->num_rows > 0

I can't see that it would be wrong, but ...

Sorry, but this did not work. I have ut the following debugging code in my script. When I execute that I get the following error

$info = mysql_fetch_array( $result );
echo "Print".$info."Print";

the error it generates is Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in

I am now doubting if my SQL query is right. Can you pls take a second look at my sql query?
Thanks
Raghu

Member Avatar for diafol

$info = mysql_fetch_array( $result );
echo "Print".$info."Print";

You can't this, as it's not a string. You need to access the individual field, e.g. $info or $info.

$info = mysql_fetch_array( $result );
echo "Print".$info."Print";

You can't this, as it's not a string. You need to access the individual field, e.g. $info or $info.

either way, the error remains the same. I am not getting any output.

either way, the error remains the same. I am not getting any output.

I changed the following piece of code

$result = $con->query($query);

to

$result = $con->query($query)or die(mysql_error());

Now the error warning is gone, but still it does not appear to go into the if loop and display "u r logged in " message.

Member Avatar for diafol

Looks like OOP-style mysqli - I must have missed that in the first post. Sorry, can't help you, I have no experience of it (nor wish to I'm afraid). Anybody else?

Looks like OOP-style mysqli - I must have missed that in the first post. Sorry, can't help you, I have no experience of it (nor wish to I'm afraid). Anybody else?

I will try and change it to the procedural way. let me see how it goes.

Looks like OOP-style mysqli - I must have missed that in the first post. Sorry, can't help you, I have no experience of it (nor wish to I'm afraid). Anybody else?

I changed the code from OOP style to procedural style. Now everthing is fine.
My final code looks as follows

<?php
session_start();
if (isset($_POST['userid']) && isset($_POST['password']))
{
$userid = trim($_POST['userid']);
$password = trim($_POST['password']);
}
$con = mysql_connect("internal-db.s110820.gridserver.com","db110820","Solved!2$$");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("db110820_AppCreator", $con);

$query = "SELECT * from Login WHERE trim(email) = '$userid' and trim(password) = '$password'";

$result = mysql_query($query);
while($info = mysql_fetch_array($result))
   { 
echo $info['email'];
    echo $info['password'];
}  

$num_rows = mysql_num_rows($result);



echo $num_rows;


if($num_rows >0)
{

$_SESSION['valid_user']=$userid;

}
mysql_close($con)

?>

<html>
<body>
<h1>Home Page<h2>
<?php
if (isset($_SESSION['valid_user']))
{
echo 'You are logged in as : '.$_SESSION['valid_user'].' <br/>';
echo '<a href = "logout.php">Log out</a><br>';
}
else 
{
if (isset($userid))
{
echo 'Could not log you in . <br/>';
}
}


?>

</body>
</html>

Thanks ardav for all your help

if i may add in, a couple of points. (refering to ur original code)
1-

$con = new mysqli("internal-db.s110820.gridserver.com","db110820","Solved!2$$"); //is only the connetion. the database needs to be selected
$con->select_db("dbname");

2- the way u've coded mysqli_stmt::num_rows wont work i think. u first need to store the result if u wanna use num_rows. otherwise num_rows will return 0 always. eg usage:

$qry = "select * from login where trim(email)='{$email}' and password = '{$pass}'";
$result = $con->prepare($qry);
$result->execute();
$result->store_result();
if($result->num_rows){
 .
 .
//as ardav suggested id also suggest to use num_rows>0 or num_rows==1 
}

u could also use the code u r using, but instead of num_rows, use affected_rows
i.d

if($con->affected_rows ==0){
//do task
//BUT still u needa select the db. 
}

hope this helps.

if i may add in, a couple of points. (refering to ur original code)
1-

$con = new mysqli("internal-db.s110820.gridserver.com","db110820","Solved!2$$"); //is only the connetion. the database needs to be selected
$con->select_db("dbname");

2- the way u've coded mysqli_stmt::num_rows wont work i think. u first need to store the result if u wanna use num_rows. otherwise num_rows will return 0 always. eg usage:

$qry = "select * from login where trim(email)='{$email}' and password = '{$pass}'";
$result = $con->prepare($qry);
$result->execute();
$result->store_result();
if($result->num_rows){
 .
 .
//as ardav suggested id also suggest to use num_rows>0 or num_rows==1 
}

u could also use the code u r using, but instead of num_rows, use affected_rows
i.d

if($con->affected_rows ==0){
//do task
//BUT still u needa select the db. 
}

hope this helps.

Thanks. Your points noted. Yes, I was not selecting the DB, but I am doing so in the procedural way. Procedural to OOP is daunting.

Member Avatar for diafol

Sorry, just to clarify, you started using mysqli - which I've never used. MySQL OOP is not something I'd want to discourage anybody from using. Sorry if I gave that impression.

Sorry, just to clarify, you started using mysqli - which I've never used. MySQL OOP is not something I'd want to discourage anybody from using. Sorry if I gave that impression.

No problem. I also did not mean that OOP style was the problem. OOP in PHP is new and so difficult to troubleshoot.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.