i have problem in this script below.
the login box and the registration form was unable to connect to the database:
after entering my username and password the respond from my login.php is:
SELECT * FROM members WHERE email = '' AND password = ''Query failed
below is my login-exec.php script
<?php
//Start session
session_start();
//Include database connection details
require_once('config.php');
//Array to store validation errors
$errmsg_arr = array();
//Validation error flag
$errflag = false;
//Connect to mysql server
$link = mysql_connect('localhost','flasycom',"alorasealord101");
if(!$link) {
die('Failed to connect to server: ' . mysql_error());
}
//Select database
$db = mysql_select_db(flasycom_flashysky, $link);
if(!$db) {
die("Unable to select database");
}
//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
//Sanitize the POST values
$login = clean($_POST['login']);
$password = clean($_POST['password']);
//Input Validations
if($login == '') {
$errmsg_arr[] = 'Login ID missing';
$errflag = true;
}
if($password == '') {
$errmsg_arr[] = 'Password missing';
$errflag = true;
}
//If there are input validations, redirect back to the login form
if($errflag) {
$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
session_write_close();
header("location: index.php");
exit();
}
//Create query
$qry="SELECT * FROM members WHERE UserName='$login' AND Password='$password'";
$result=mysql_query($qry);
//Check whether the query was successful or not
if($result) {
if(mysql_num_rows($result) > 0) {
//Login Successful
session_regenerate_id();
$member = mysql_fetch_assoc($result);
$_SESSION['SESS_MEMBER_ID'] = $member['member_id'];
$_SESSION['SESS_FIRST_NAME'] = $member['FirstName'];
$_SESSION['SESS_LAST_NAME'] = $member['profImage'];
//$_SESSION['SESS_PRO_PIC'] = $member['profImage'];
session_write_close();
header("location: lol.php");
exit();
}else {
//Login failed
header("location: login-failed.php");
exit();
}
}else {
die("Query failed");
}
?>
config.php
<?php
//#################################################################
//Only edit the following 4 varibles
$SQLhost = /* SQL Host */ 'localhost';
$SQLuser = /* SQL Username */ 'flasycom';
$SQLpass = /* SQL Password */ 'alorasealord101';
$SQLdb = /* SQL Database */ 'flasycom_flashysky';
//#################################################################
// DO NOT EDIT - editing this can/will break the connection string.
$con = mysql_connect("$SQLhost","$SQLuser","$SQLpass") or die (mysql_error());
mysql_select_db("$SQLdb") or die (mysql_error());
//#################################################################
?>
register-exec.php
<?php
//Start session
session_start();
//Include database connection details
require_once('config.php');
//Array to store validation errors
$errmsg_arr = array();
//Validation error flag
$errflag = false;
//Connect to mysql server
$link = mysql_connect('localhost','flasycom',"alorasealord101");
if(!$link) {
die('Failed to connect to server: ' . mysql_error());
}
//Select database
$db = mysql_select_db(flasycom_flashysky, $link);
if(!$db) {
die("Unable to select database");
}
//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
//Sanitize the POST values
$fname = clean($_POST['fname']);
$lname = clean($_POST['lname']);
$login = clean($_POST['login']);
$password = clean($_POST['password']);
$cpassword = clean($_POST['cpassword']);
$address = clean($_POST['address']);
$cnumber = clean($_POST['cnumber']);
$email = clean($_POST['email']);
$gender = clean($_POST['gender']);
//$bdate = clean($_POST['bdate']);
$propic = clean($_POST['propic']);
$bday=$_POST['month'] . "/" . $_POST['day'] . "/" . $_POST['year'];
$month=$_POST['month'];
$day=$_POST['day'];
$year=$_POST['year'];
//Input Validations
/*if($bdate == '') {
$errmsg_arr[] = 'birthdate field is missing';
$errflag = true;
}*/
if($month == '') {
$errmsg_arr[] = 'month field is missing';
$errflag = true;
}
if($day == '') {
$errmsg_arr[] = 'day field is missing';
$errflag = true;
}
if($year == '') {
$errmsg_arr[] = 'year field is missing';
$errflag = true;
}
if($gender == '') {
$errmsg_arr[] = 'gender field is missing';
$errflag = true;
}
if($email == '') {
$errmsg_arr[] = 'email field is missing';
$errflag = true;
}
if($cnumber == '') {
$errmsg_arr[] = 'contactnumber field is missing';
$errflag = true;
}
if($address == '') {
$errmsg_arr[] = 'address field is missing';
$errflag = true;
}
if($fname == '') {
$errmsg_arr[] = 'First name missing';
$errflag = true;
}
if($lname == '') {
$errmsg_arr[] = 'Last name missing';
$errflag = true;
}
if($login == '') {
$errmsg_arr[] = 'Login ID missing';
$errflag = true;
}
if($password == '') {
$errmsg_arr[] = 'Password missing';
$errflag = true;
}
if($cpassword == '') {
$errmsg_arr[] = 'Confirm password missing';
$errflag = true;
}
if( strcmp($password, $cpassword) != 0 ) {
$errmsg_arr[] = 'Passwords do not match';
$errflag = true;
}
//Check for duplicate login ID
if($login != '') {
$qry = "SELECT * FROM members WHERE UserName='$login'";
$result = mysql_query($qry);
if($result) {
if(mysql_num_rows($result) > 0) {
$errmsg_arr[] = 'UserName already in use';
$errflag = true;
}
@mysql_free_result($result);
}
else {
die("Query failed");
}
}
//If there are input validations, redirect back to the registration form
if($errflag) {
$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
session_write_close();
header("location: index.php");
exit();
}
//Create INSERT query
$qry = "INSERT INTO members(`UserName`,`Password`,`FirstName`,`LastName`,`Address`,`ContactNo`,`Url`,`Birthdate`,`Gender`,`profImage`,`curcity`, `month`,`day`,`year`) VALUES('$login','$password','$fname','$lname','$address','$cnumber','$email','$bday','$gender','$propic','$address','$month','$day','$year','$login','$password','$fname','$lname','$address','$cnumber')";
$result = @mysql_query($qry);
//Check whether the query was successful or not
if($result) {
$errmsg_arr[] = 'Success You can now log-in to FlashySky';
$errflag = true;
if($errflag) {
$_SESSION['ERRMSG_ARR'] = $errmsg_arr;
session_write_close();
header("location: lol.php");
exit();
}
session_regenerate_id();
$member = mysql_fetch_assoc($result);
$_SESSION['SESS_MEMBER_ID'] = $member['member_id'];
$_SESSION['SESS_FIRST_NAME'] = $member['FirstName'];
$_SESSION['SESS_LAST_NAME'] = $member['profImage'];
//$_SESSION['SESS_PRO_PIC'] = $member['profImage'];
session_write_close();
header("location: index.php");
exit();
}else {
die("Query failed");
}
?>
index.php
<?php
//Start session
session_start();
//Unset the variables stored in session
unset($_SESSION['SESS_MEMBER_ID']);
unset($_SESSION['SESS_FIRST_NAME']);
unset($_SESSION['SESS_LAST_NAME']);
?>
<?php
include("SQLConfig.php");
$result = mysql_query("SELECT * FROM profile ORDER BY RAND()
");
if(isset($_SESSION["logid"]))
{
header("Location: lol.php");
}
$i=0;
while($row = mysql_fetch_array($result))
{
$img[$i] = $row["image"];
$uid[$i] = $row["userid"];
$i++;
}
?>
<script language="javascript">
function reg()
{
ml = document.registration.email.value;
pos1 = ml.indexOf("@")
pos = ml.indexOf(" ")
pos2 = (pos1+1)
server = ml.substring(pos2);
server_pos = server.lastIndexOf(".")
reqtype = server.substring(server_pos+1)
type_end = reqtype.substring(reqtype.length-1)
if(document.registration.fname.value=="")
{
alert("Please enter first name");
document.registration.fname.focus();
document.registration.fname.select();
return false;
}
else if(document.registration.lname.value=="")
{
alert("Please enter last name");
document.registration.lname.focus();
document.registration.lname.select();
return false;
}
else if(ml == "")
{
document.registration.email.focus();
document.registration.email.select();
alert("Email cannot be blank");
return false;
}
else if(ml.indexOf("@")==-1)
{
document.registration.email.focus();
document.registration.email.select();
alert("The Email Address must contain '@' sign");
return false;
}
else if(pos1<1)
{
document.registration.email.focus();
document.registration.email.select();
alert("Email address cannot start with '@' sign");
return false;
}
else if(ml.indexOf(".")==-1)
{
document.registration.email.focus();
document.registration.email.select();
alert("The Email Address must contain '.' sign");
return false;
}
else if(pos!=-1)
{
document.registration.email.focus();
document.registration.email.select();
alert("The Email Address cannot contain spaces");
return false;
}
else if(server.indexOf("@")!=-1)
{
document.registration.email.focus();
document.registration.email.select();
alert("A valid Email must contain only one '@' sign");
return false;
}
else if(server.indexOf(".")==0)
{
document.registration.email.focus();
document.registration.email.select();
alert("There should some text between '@' and '.' sign");
return false;
}
else if(reqtype=="")
{
document.registration.email.focus();
document.registration.email.select();
alert("Email Id should end with character(like .com,.net,.org)");
return false;
}
else if(type_end.toUpperCase()<"A" || type_end.toUpperCase()>"Z")
{
document.registration.email.focus();
document.registration.email.select();
alert("Email Id should not end with number or symbol");
return false;
}
else if(document.registration.login.value=="")
{
alert("Please enter Username");
document.registration.login.focus();
document.registration.login.select();
return false;
}
else if(document.registration.password.value=="")
{
alert("Please enter password");
document.registration.password.focus();
document.registration.password.select();
return false;
}
else if(document.registration.password.value.length<8)
{
alert("The minimum length of the password is 8 characters...");
document.registration.pass.focus();
document.registration.pass.select();
return false;
}
else if(document.registration.password.value != document.registration.cpassword.value)
{
alert("Password and confirm password is not matching");
document.registration.cpassword.value="";
document.registration.cpassword.focus();
document.registration.password.select();
return false;
}
else if(document.registration.Date.value=="DD")
{
alert("Please select Date");
document.registration.Date.focus();
return false;
}
else if(document.registration.month.value=="Month")
{
alert("Please select Month");
document.registration.month.focus();
return false;
}
else if(document.registration.Year.value=="Year")
{
alert("Please select Year");
document.registration.Year.focus();
return false;
}
else
{
return true;
}
}
</script>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<link rel="icon" href="images/FlashySky_icon.gif" type="image" />
<link rel="shortcut icon" href="images/FlashySky_icon.gif" type="image" />
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="Keywords" content="">
<meta name="Description" content="">
<title>Welcome to FlashySky: ...we connect you to the world</title>
<style type="text/css">
<!--
body {
background-image: url(images/bg.jpg);
background-repeat: repeat-x;
background-color: #FFFFCC;
}
#Layer1 {
position:absolute;
width:200px;
height:115px;
z-index:1;
}
-->
</style>
<link href="just many.css" rel="stylesheet" type="text/css">
<style type="text/css">
<!--
.style1 {
font-size: 16px;
font-weight: bold;
font-style: italic;
color: #FFFFFF;
}
-->
</style>
</head>
<body>
<div class="longpic">
<div align="center"><img name="" src="images/main.png" width="245" height="474" alt="">
</div>
<div class="signup">Register</div>
<div class="form2">
<table width="298" border="0" cellpadding="5" cellspacing="0" bordercolor="#FFFF99" bgcolor="#FFFF99">
<form id="registration" name="registration" method="post" action="regester.php" onSubmit="return reg()">
<tr>
<td width="74" height="44">First Name:</td>
<td width="204"><input name="fname" type="text" id="fname" value="" size="30"></td>
</tr>
<tr>
<td height="42">Last Name:</td>
<td><input name="lname" type="text" id="lname" value="" size="30"></td>
</tr>
<tr>
<td height="45">Username:</td>
<td><input name="login" type="text" id="login" value="" size="30"></td>
</tr>
<tr>
<td height="45">Mobile:</td>
<td><input name="cnumber" type="text" id="cnumber" value="" size="30"></td>
</tr>
<tr>
<td height="45">Address:</td>
<td><input name="address" type="text" id="address" value="" size="30"></td>
</tr>
<tr>
<td height="45">Email:</td>
<td><input name="email" type="text" id="email" value="" size="30"></td>
</tr>
<tr>
<td height="47">Password:</td>
<td><input name="password" type="Password" id="password" size="30"></td>
</tr>
<tr>
<td height="48">Confirm:</td>
<td><input name="cpassword" type="Password" id="cpassword" size="30"></td>
</tr>
<tr>
<td height="32">I am:</td>
<td><label>
<input name="gen" type="radio" value="Male" checked="checked" />
Male</label>
<input type="radio" name="gen" value="Female" />
Female</td>
</tr>
<tr>
<td height="66" colspan="2">Date of Birth:
<select name="Date" >
<option>DD</option>
<?php
for($i=1; $i<= 31; $i++)
{
echo "<option value='$i'>$i</option>";
}
?>
</select>
<select name="month">
<option>Month</option>
<option value="01">Jan</option>
<option value="02">Feb</option>
<option value="03">Mar</option>
<option value="04">Apr</option>
<option value="05">May</option>
<option value="06">Jun</option>
<option value="07">Jul</option>
<option value="08">Aug</option>
<option value="09">Sep</option>
<option value="10">Oct</option>
<option value="11">Nov</option>
<option value="12">Dec</option>
</select>
<select name="Year">
<option value="Year">Year</option>
<?php
for($i=1935; $i< 2014; $i++)
{
echo "<option value='$i'>$i</option>";
}
?>
</select></td>
</tr>
<tr>
<td height="66" colspan="2" valign="top"><label>
<input name="agreed" type="checkbox" id="agreed" value="agreed" checked>
I have agreed the terms and condition of FlashySky.com </label></td>
</tr>
<tr>
<td><input class=button type="submit" name="button2" value="Register"></td>
</tr>
</form>
</table>
</div>
</div>
<div class="headcontainer">
<div class="leftlogo"><img name="" src="images/logo.gif" width="229" height="81" alt=""><br>
...we connect you to the world </div>
<div class="smallform">
<table border="0" align="right" cellpadding="5" cellspacing="0">
<form name="loginform" method=post action="login.php">
<tr>
<td>Username</td>
<td><input name="email" type="text" id="email" value="" size="13"></td>
</tr>
<tr>
<td>Password</td>
<td><input type="Password" name="password" size="13"></td>
</tr>
<tr>
<td><input class=button type="submit" name="Submit" value="Log In"></td>
</tr>
</form>
</table>
</div>
<br>
<br>
<br>
<br>
<br>
<br>
</div>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<div class="share"><img name="" src="images/pic.png" width="518" height="137" alt=""></div>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<div class="member">
<div class="titlehead"> Meet New Friends </div>
<br>
<br>
<div class="pic">
<div align="center"><img name="" src="images/user4.jpg" width="100" height="150" alt=""><br>
Mary Bella
<br>
Age: 19
<br>
USA<br>
</div>
</div>
<div class="user">
<div align="center"><img name="" src="images/yinka 4.jpg" width="120" height="148" alt="">Esther Olayinka <br>
Age: 21 <br>
Nigeria</div>
</div>
<div class="user">
<div align="center"><img name="" src="images/user3.jpg" width="100" height="150" alt=""><br>
Linda Sexy
<br>
Age: 20
New York </div>
</div>
<div class="user">
<div align="center"><img src="images/user2.jpg" width="100" height="150" alt=""><br>
Adam Nike
Age: 28
New York<br>
<br>
</div>
</div>
<p><br>
<br>
<br>
<br>
<br>
</p>
<p><br>
<br>
<br>
<br>
<br>
</p>
</div>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<div class="member">
<div class="titlehead"> Ads</div>
<br><br>
<div class="firstbanner">
<div class="level">
<style>
.messagestyle{
font-family:Arial;
font-size:9px;
color:white;
text-align:center;
position:absolute;
bottom:0px;
vertical-align:middle;
margin:0px;
line-height:15px;
height:30px;
}
</style>
<script>
// CREDITS:
// Slideshow with with lamellar effect
// by Peter Gehrig
// Copyright (c) 2010 Peter Gehrig. All rights reserved.
// Permission given to use the script provided that this notice remains as is.
// Additional scripts can be found at http://www.fabulant.com
// 03/01/2010
// IMPORTANT:
// If you add this script to a script-library or script-archive
// you have to add a link to http://www.fabulant.com on the webpage
// where this script will be running.
// CONFIGURATION:
// Go to http://www.fabulant.com and get the original code
// with step-by-step instructions and copy-and-paste installation.
// your pictures. Add as many pictures a you like. In this case the pictures are in the same directory as the HTML-file.
var pictures = [
{ src : 'images/yellowrise.jpg',
msg : ' ',
url : '#'
},
{ src : 'images/lotto.png',
msg : '',
url : '#'
},
{ src : 'images/egoyield.jpg',
msg : '',
url : ''
}
];
// target of the picture-links ("_blank", "_top", "_self", "_parent" or "nameOfYourFrame")
var target_url="_self"
// number of lamellas.
var x_slices=5
// width of slideshow
var slideshow_width=200
// height of slideshow
var slideshow_height=100
// height of messagebox
var message_height=50
// pause beween the pictures (seconds)
var pause=10
// - End of JavaScript - -->
</script>
<script src="js/slideshow-lamellar.js"></script></div>
<div class="level"><img name="" src="images/ads.png" width="200" height="150" alt=""></div>
</div>
<div class="firstbanner"></div>
</div>
<p><br>
<br>
<br>
<br>
<br>
<br>
<br>
<br>
<br><br>
<br>
<br><br>
<br>
<br>
<br><br>
<br>
<br>
<br><br>
<?php include("footer.php"); ?>
</body>
</html>
thanks, your support is appreciated.
Hi,
on line 59 change this:
$result=mysql_query($qry);
to:
$result=mysql_query($qry) or die(mysql_error());
This will display the details of the error, check if it helps to solve the problem, bye!
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.