DB connect...

dokko · 6 Dec 2009 at 20:29

Having problems making this work, please help:

****************************************************

Login.php:

<?php
session_start();

require_once('dbcon.php');

try
{
$db = getConnection();

// Define $username and $password
$username=$_POST['username'];
$password=$_POST['password'];

$sql=("SELECT name, password FROM subscriber WHERE name='$username' and password='$password'");

$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $username and $password, table row must be 1 row
echo "$count" . "$username" . " " . "$password";
if($count==1){
// Register $username, $password and redirect to file "login_success.php"
session_register("username");
session_register("password");
echo "<META HTTP-EQUIV='Refresh' CONTENT='0; URL=login_success.php'>";
header("location:login_success.php");
}

//else {
//echo "Wrong Username or Password";
//}
}
catch( PDOException $e ) {
echo $e->getMessage();
}
?>

****************************************************

dbcon.php:

<?php
//connect to the database
function getConnection(){
$username = 'xxxxxxxxxx';
$password = 'xxxxxxxxx';
$dbname = 'xxxxxxxxxx';
$db = new PDO( "mysql:host=localhost;dbname=$dbname", $username, $password );
$db->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
return $db;
}

?>

****************************************************

Error i'm getting: SQLSTATE[HY000] [2003] Can't connect to MySQL server on 'localhost' (10061)

Please please help!

dokko · 6 Dec 2009 at 21:07

slight change:

<?php
session_start();

require_once('dbcon.php');

try
{
$db = getConnection();

// Define $username and $password
$username=$_POST['username'];
$password=$_POST['password'];

$sql=("SELECT name, password FROM subscriber WHERE name='$username' and password='$password'");

//$result=mysql_query($sql);
$result = $db->$query

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
//If result matched $username and $password, table row must be 1 row
echo "$count" . "$username" . " " . "$password";

if($count==1){
// Register $username, $password and redirect to file "login_success.php"
session_register("username");
session_register("password");
echo "<META HTTP-EQUIV='Refresh' CONTENT='0; URL=login_success.php'>";
header("location:login_success.php");
}

//else {
//echo "Wrong Username or Password";
//}
}
catch( PDOException $e ) {
echo $e->getMessage();
}
?>

seems like its having problems with that in bold

suarve · 6 Dec 2009 at 21:31

What's in dbcon.php?

Seems like you're using a mix of mysql and pdo to query your database.

If you're using PDO you row count code would look something like:

PHP:

$delete = $dbh->prepare("DELETE FROM users WHERE banned='1'");
$delete->execute();
$count = $delete->rowCount();

You don't need both of these lines, just one, as they are doing the same thing for in essence.

PHP:

echo "<META HTTP-EQUIV='Refresh' CONTENT='0; URL=login_success.php'>";
        header("location:login_success.php");

EDIT: actually suspect it's going to be at the $db = getConnection(); as seems an odd way of connecting to me.

If you're doing $result = $db->$query I imagine you'd need to pass your query function an sql statement (assuming you're using some sort of database class) E.g. the variable you called $sql - get rid of the brackets too, can't see why you'd need them. I imagine you'd end up with $result = $db->$query($sql)

Also, is there any particular reason you're using session_register, as opposed to the $_SESSION array? The php manual discourages this: http://php.net/manual/en/function.session-register.php

dokko · 6 Dec 2009 at 22:17

dbcon.php

<?php
//connect to the database
function getConnection(){
$username = 'xxx';
$password = 'xxx';
$dbname = 'xxx';
$db = new PDO( "mysql:host=localhost;dbname=$dbname", $username, $password );
$db->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
return $db;
}

?>

so $result = $db->$query($sql); instead of $result = $db->$query;

$_SESSION array ("username"); instead of session_register("username");

Sorry but which brackets to get rid of?

suarve · 7 Dec 2009 at 09:46

If you're using PDO, you may aswell make use of all it's features (this isn;t tested btw, so may be some typos):

PHP:

//put this line at the very top of your script
session_start():


try {

 $db = new PDO( "mysql:host=localhost;dbname=$dbname", $username,  $password );
      $db->setAttribute( PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION );
 $st = $db->prepare('SELECT name, pass FROM subs
    WHERE name < :myname AND pass = :mypass');

 $st->execute(array(':myname' => $name, ':mypass' => $pass));

$row = $st->fetch(PDO::FETCH_ASSOC);
$user = $row[0];
$pass = $row[1];

 $count = $st->rowCount();

 if ($count == '1') {
  //do session stuff
  $_SESSION['username'] = $user; 
  $_SESSION['pass'] = $pass; 
} else {
  die('Incorrect user/pass entered!')
 }

catch( PDOException $e ) {
      echo $e->getMessage();
}

There's a really good pdo wrapper class (I know wrapping a class in another class is an abomination) i found a while ago, that's makes working with pdo slightly less tedious - I'll try and big it out.

dokko · 7 Dec 2009 at 21:48

Thanks for your help bud i got it sorted.

Combo of things you put up there and bit of trial and error

Inquisitor · 7 Dec 2009 at 22:21

For future reference,

Code:

 tags (or even better: [PHP] tags) make reading your code snippets much easier!