php/sql troubles

Show off new creations, get help, or just chat about all aspects of web development and design.

php/sql troubles

Postby Mikey on Sun Feb 10, 2008 4:08 pm

I figured since ive been lurking around interlopers once again from time to time i might aswell mark my return by showing how immensly retarted i can get at times if i just try hard enough..

Right, so i've staring at this same php file for the last 5+ hours trying to fix all the bugs and work out some errors, but this still eludes me. The part of the script which wont work is the part where i check if the results from my database searches match the entered username/ip of the user who is trying to register, the rest works fine as far as i can tell. It should block anyone who's ip/username has allready been used, but it doesn't.

It's probably a logical mistake by me im guessing, but i don't believe staring at the file longer will help me find it, it's literally driving me insane as i've been laughing quietly at myself for the last 2 hours.

Code: Select all

$password1 = $_POST['password1'];
$password2 = $_POST['password2'];
$username = $_POST['username'];
$ip = $_SERVER['REMOTE_ADDR'];
include('safe.php');
if(!empty($password1) && !empty($username))
   {

$opendb = mysql_connect($server, $dbuser,"") or die(mysql_error());
$selectdb = mysql_select_db($db);
$excuser = mysql_query("SELECT username FROM $table1 WHERE username = $username");
$excip = mysql_query("SELECT ip FROM $table1 WHERE ip = $ip");

if($password1 != $password2)
   {
   header("Location: register.php?error=1");
   }
else if($excuser == $username)
   {
   header("Location: register.php?error=2");
   }
else if($excip == $ip)
   {
   header("Location: register.php?error=3");
   }
else
   {
   $excuser = mysql_query("INSERT INTO $table1(username, password, ip) VALUES('$username', '$hash', '$ip') ") or die(mysql_error());
   $closedb = mysql_close($opendb);
   header("Location: register.php?error=5");
   }
   
   }
else
   {
   header("Location: register.php?error=4");
   }

Notes:
excuser/excip stands for 'exclusive ip/username'

error 5 = successful entry if anyone wonders why it's called that, i just figured there's no point in creating a seperate variable and if statement for a successful entry.

safe.php includes a bunch of variables and the encryption of passwords along with other things which need safekeeping, and that i dont want to have to do each time i acces a database/access a function which requires passwords to be encrypted(registration/log in/etc)

I will be adding protection against sql injections at some point, blah

:smt006
Shr3d wrote:Ninjas don't have guns. American rednecks that live in Kmart do.
User avatar
Mikey
1337 p0st3r
1337 p0st3r
 
Joined: Wed Jul 20, 2005 7:43 am
Location: Southampton

Re: php/sql troubles

Postby RobQ on Sun Feb 10, 2008 4:34 pm

I don't do php or SQL even, but wouldn't mysql_query return some kind of array? Try putting some debugging code after the final mysql_query (before the comparisons) that prints the state of all the variables in question.
"You can never know that this statement is true"
RobQ
1337 p0st3r
1337 p0st3r
 
Joined: Mon Jul 02, 2007 2:13 am
Location: USA

Re: php/sql troubles

Postby zombie@computer on Sun Feb 10, 2008 4:56 pm

the first two queries will error no matter what. mysql_error them to find out why
(tip: get a local mysql server and use its cmd box to test any queries you dont feel the need to cover with mysql_error in your scripts)

not to mention mysql_query returns a resource handle, NOT a result. use mysql_fetch_x (assoc, row, object) to get the results

Better reread some php mysql examples on php.net... :wink:
When you are up to your neck in shit, keep your head up high
User avatar
zombie@computer
Forum Goer Elite™
Forum Goer Elite™
 
Joined: Fri Dec 31, 2004 5:58 pm
Location: Lent, Netherlands

Re: php/sql troubles

Postby Mikey on Sun Feb 10, 2008 6:12 pm

i was going to use mysql_fetch_array or something similar since that was what i have used before, ive never written this type of script before and felt unsure about wether or not it was needed, since in my mind it felt logical the mysql_query command should return a result, silly me :P

Our webdesign teacher at school is terrible, so those of us who want to learn more advanced scripting have to do so on their own, resulting in poor assumptions like this one.. It's really bad... :roll:
Those of us who know ANYTHING about php spend most lessons helping everyone else, if you're interested in a job you could allways come teach in sweden z@c :P
Shr3d wrote:Ninjas don't have guns. American rednecks that live in Kmart do.
User avatar
Mikey
1337 p0st3r
1337 p0st3r
 
Joined: Wed Jul 20, 2005 7:43 am
Location: Southampton

Re: php/sql troubles

Postby zombie@computer on Sun Feb 10, 2008 6:51 pm

Mikey wrote:i was going to use mysql_fetch_array or something similar since that was what i have used before, ive never written this type of script before and felt unsure about wether or not it was needed, since in my mind it felt logical the mysql_query command should return a result, silly me :P

Our webdesign teacher at school is terrible, so those of us who want to learn more advanced scripting have to do so on their own, resulting in poor assumptions like this one.. It's really bad... :roll:
Those of us who know ANYTHING about php spend most lessons helping everyone else, if you're interested in a job you could allways come teach in sweden z@c :P

When i had computer class we were still on dos, not having the internetz, and the few nerdy hackers in our class were able to fire up windows 3.11 (teh futurez!). In short, whatever you want to learn, you can learn by yourself.
When you are up to your neck in shit, keep your head up high
User avatar
zombie@computer
Forum Goer Elite™
Forum Goer Elite™
 
Joined: Fri Dec 31, 2004 5:58 pm
Location: Lent, Netherlands

Re: php/sql troubles

Postby Mikey on Sun Feb 10, 2008 7:13 pm

luls
would mysql_result work?
edit: looks like it will, meh, might use mysql_fetch_assoc since its closer to what ive done before

edit2:
redid the entire code today, got it working perfectly... the ammount of retardation that went in to the previous version was immense. so many errors and glitches and above all 'logical errors' not sure if thats what you call them in english.
Shr3d wrote:Ninjas don't have guns. American rednecks that live in Kmart do.
User avatar
Mikey
1337 p0st3r
1337 p0st3r
 
Joined: Wed Jul 20, 2005 7:43 am
Location: Southampton

Return to Web Design & Development

Who is online

Users browsing this forum: No registered users