PHP Login Troubles Using PDO |
PHP Login Troubles Using PDO |
SBH |
Aug 15 2015, 12:34 AM
Post
#21
|
Member Group: Members Posts: 82 Joined: 6-February 15 Member No.: 22,158 |
Am sure that I don't need to say this, but the for security & privacy reasons, the values XXXXX, YYYYY & ZZZZZ for sql-username, sql-password & dbname are the real, original names.
|
CharlesEF |
Aug 15 2015, 01:56 AM
Post
#22
|
Programming Fanatic Group: Members Posts: 1,981 Joined: 27-April 13 From: Edinburg, Texas Member No.: 19,088 |
As for @CharlesEF, I've replaced the 'funny quotes' with normal double quotes. What more can I do? There is nothing more to do. If you have changed the original code then you should be able to log in now. I know it works, I tested it. I even posted the PHP error message regarding the smart quotes problem. It showed that PHP was making the smart quotes part of the variable value and that is why you were not able to log in. Now, if you changed the new code masonh928 posted, and I see you have made some changes, then you have other problems to worry about. I will only point out the 1 error you need to fix in order to log in. This line of code needs to be changed: CODE $stmt->bindValue(':passwrd', $passwrd, PDO::PARAM_STR, 40); To this:CODE $stmt->bindValue(':passwrd', $passwrd, PDO::PARAM_STR); You should now be able to log in. |
SBH |
Aug 15 2015, 05:40 AM
Post
#23
|
Member Group: Members Posts: 82 Joined: 6-February 15 Member No.: 22,158 |
There is nothing more to do. If you have changed the original code then you should be able to log in now. I know it works, I tested it. I even posted the PHP error message regarding the smart quotes problem. It showed that PHP was making the smart quotes part of the variable value and that is why you were not able to log in. Now, if you changed the new code masonh928 posted, and I see you have made some changes, then you have other problems to worry about. I will only point out the 1 error you need to fix in order to log in. This line of code needs to be changed: CODE $stmt->bindValue(':passwrd', $passwrd, PDO::PARAM_STR, 40); To this:CODE $stmt->bindValue(':passwrd', $passwrd, PDO::PARAM_STR); You should now be able to log in.Thanks @CharlesEF. When you say you have tested & it works, do you get the message "You have Logged in", when you echo $message? Thanks. |
CharlesEF |
Aug 15 2015, 09:35 AM
Post
#24
|
Programming Fanatic Group: Members Posts: 1,981 Joined: 27-April 13 From: Edinburg, Texas Member No.: 19,088 |
Your current code displays several messages and 1 of them is the "You have Logged in" message.
|
masonh928 |
Aug 15 2015, 11:36 AM
Post
#25
|
Serious Coder Group: Members Posts: 253 Joined: 17-August 13 From: Indiana Member No.: 19,570 |
This merits much change in my perspective will post more later.
|
masonh928 |
Aug 15 2015, 11:38 AM
Post
#26
|
Serious Coder Group: Members Posts: 253 Joined: 17-August 13 From: Indiana Member No.: 19,570 |
All I did was add bindValue();
I never edited CODE PDO::PARAM_STR, 40 |
masonh928 |
Aug 15 2015, 11:40 AM
Post
#27
|
Serious Coder Group: Members Posts: 253 Joined: 17-August 13 From: Indiana Member No.: 19,570 |
Charles are you saying my code was causing issues or the code he edited of mine was problematic?
|
CharlesEF |
Aug 15 2015, 11:44 AM
Post
#28
|
Programming Fanatic Group: Members Posts: 1,981 Joined: 27-April 13 From: Edinburg, Texas Member No.: 19,088 |
|
CharlesEF |
Aug 15 2015, 11:45 AM
Post
#29
|
Programming Fanatic Group: Members Posts: 1,981 Joined: 27-April 13 From: Edinburg, Texas Member No.: 19,088 |
|
masonh928 |
Aug 15 2015, 11:46 AM
Post
#30
|
Serious Coder Group: Members Posts: 253 Joined: 17-August 13 From: Indiana Member No.: 19,570 |
|
masonh928 |
Aug 15 2015, 11:48 AM
Post
#31
|
Serious Coder Group: Members Posts: 253 Joined: 17-August 13 From: Indiana Member No.: 19,570 |
That's why I prefer bindValue() better…
|
masonh928 |
Aug 15 2015, 11:56 AM
Post
#32
|
Serious Coder Group: Members Posts: 253 Joined: 17-August 13 From: Indiana Member No.: 19,570 |
This will be last post hopefully, just create a class exclusively for logging in. It will be a heck of a lot more simpler and faster.
|
masonh928 |
Aug 15 2015, 12:05 PM
Post
#33
|
Serious Coder Group: Members Posts: 253 Joined: 17-August 13 From: Indiana Member No.: 19,570 |
@Charles - I never even really payed much heed to them, they looked odd, I just thought it was the forum messing with them or something. To avoid this, I prefer double-quotes. I believe those weird quotes might have been the main error in his original code.
|
SBH |
Aug 15 2015, 12:07 PM
Post
#34
|
Member Group: Members Posts: 82 Joined: 6-February 15 Member No.: 22,158 |
That's why I prefer bindValue() better… Ok there, I posted the larger code as that was the one that I obtained from a website. As for this bind Param Vs Value debate, I modified it to the latter. Now the question I have is if you can help me in the original code. I am really struggling in going from the login page to the main page, which I need to work on a lot. To @CharlesEF's comment that there are a lot of messages, some were already coded when I obtained them. Some I have put to test the flow of the program. In particular, seems that the control does not go beyond password_hash (that I put in place of sha1). So in short, you can say that I need a comprehensive help in actually compiling a login script & "move" to a new web page. Can you please help? If possible, by giving me a code that'd help. Thanks. |
masonh928 |
Aug 15 2015, 12:11 PM
Post
#35
|
Serious Coder Group: Members Posts: 253 Joined: 17-August 13 From: Indiana Member No.: 19,570 |
If you are referring to redirecting to main page after successful login, it is quite simple:
CODE … //other code… header("Location: link.php?Link=This+is+where+User+is+Redirected"); … The session that you gave the value of user_id will be accessible anywhere on the server where you use session_start();' You need to include session_start() on the top of page, everywhere you use sessions, including registration page. This post has been edited by masonh928: Aug 15 2015, 12:11 PM |
SBH |
Aug 15 2015, 12:17 PM
Post
#36
|
Member Group: Members Posts: 82 Joined: 6-February 15 Member No.: 22,158 |
@masonh928 - Ok lemme try again. Used the header redirection command once, but was unable to get there. I am sure there's something very basic that I keep botching up.
I know this might be a trouble, but can you give me the code you modified & tested that I can copy-paste as is. |
CharlesEF |
Aug 15 2015, 12:18 PM
Post
#37
|
Programming Fanatic Group: Members Posts: 1,981 Joined: 27-April 13 From: Edinburg, Texas Member No.: 19,088 |
That's why I prefer bindValue() better… Ok there, I posted the larger code as that was the one that I obtained from a website. As for this bind Param Vs Value debate, I modified it to the latter. Now the question I have is if you can help me in the original code. I am really struggling in going from the login page to the main page, which I need to work on a lot. To @CharlesEF's comment that there are a lot of messages, some were already coded when I obtained them. Some I have put to test the flow of the program. In particular, seems that the control does not go beyond password_hash (that I put in place of sha1). So in short, you can say that I need a comprehensive help in actually compiling a login script & "move" to a new web page. Can you please help? If possible, by giving me a code that'd help. Thanks. password_hash() requires PHP v5.5 or higher. If you don't have that version then I would recommend you using the phpass found here. Don't you look at your php error log? This error will show up there. |
masonh928 |
Aug 15 2015, 12:20 PM
Post
#38
|
Serious Coder Group: Members Posts: 253 Joined: 17-August 13 From: Indiana Member No.: 19,570 |
You are correct Charles was going to say exactly what you said Charles. lol
|
masonh928 |
Aug 15 2015, 12:23 PM
Post
#39
|
Serious Coder Group: Members Posts: 253 Joined: 17-August 13 From: Indiana Member No.: 19,570 |
this was it before you showed the whole code, minor changes…
CODE $usrname = filter_var($_POST['usrname'], FILTER_SANITIZE_STRING); $passwrd = filter_var($_POST['passwrd'], FILTER_SANITIZE_STRING); /*** now we can encrypt the password ***/ $passwrd = password_hash($passwrd, PASSWORD_DEFAULT); /*** connect to database ***/ /*** mysql hostname ***/ $mysql_hostname = 'localhost'; /*** mysql username ***/ $mysql_username = "XXXXX"; /*** mysql password ***/ $mysql_password = "YYYYY"; /*** database name ***/ $mysql_dbname = ‘ZZZZZ’; try { $dbh = new PDO("mysql:host=$mysql_hostname;dbname=$mysql_dbname", $mysql_username, $mysql_password); /*** $message = a message saying we have connected ***/ /*** set the error mode to excptions ***/ $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); /*** prepare the select statement ***/ $stmt = $dbh->prepare("SELECT * FROM U_Authentications WHERE username = :usrname AND password = :passwrd"); /*** bind the parameters ***/ $stmt->bindValue(":usrname", $usrname); $stmt->bindValue(":passwrd", $passwrd); /*** execute the prepared statement ***/ $stmt->execute(); /*** check for a result ***/ $user_id = $stmt->fetchAll(); /*** if we have no result then fail boat ***/ if(count($user_id) < 1){ $message = 'Login Failed'; } else{ /*** set the session user_id variable ***/ $_SESSION['user_id'] = $user_id; /*** tell the user we are logged in ***/ $message = 'You are now logged in'; } } catch(Exception $e){ /*** if we are here, something has gone wrong with the database ***/ $message = 'We are unable to process your request. Please try again later<br>'; $message .= $e->getMessage(); } |
masonh928 |
Aug 15 2015, 12:24 PM
Post
#40
|
Serious Coder Group: Members Posts: 253 Joined: 17-August 13 From: Indiana Member No.: 19,570 |
Or just turn on error_reporting(E_ALL);
haha |
Lo-Fi Version | Time is now: 27th April 2024 - 09:49 AM |