Interlopers.net - Half-Life 2 News & Tutorials

[Mikey]

I figured since ive been lurking around interlopers once again from time to time i might aswell mark my return by showing how immensly retarted i can get at times if i just try hard enough..

Right, so i've staring at this same php file for the last 5+ hours trying to fix all the bugs and work out some errors, but this still eludes me. The part of the script which wont work is the part where i check if the results from my database searches match the entered username/ip of the user who is trying to register, the rest works fine as far as i can tell. It should block anyone who's ip/username has allready been used, but it doesn't.

It's probably a logical mistake by me im guessing, but i don't believe staring at the file longer will help me find it, it's literally driving me insane as i've been laughing quietly at myself for the last 2 hours.

Code: Select all


$password1 = $_POST['password1'];
$password2 = $_POST['password2'];
$username = $_POST['username'];
$ip = $_SERVER['REMOTE_ADDR'];
include('safe.php');
if(!empty($password1) && !empty($username))
   {

$opendb = mysql_connect($server, $dbuser,"") or die(mysql_error());
$selectdb = mysql_select_db($db);
$excuser = mysql_query("SELECT username FROM $table1 WHERE username = $username");
$excip = mysql_query("SELECT ip FROM $table1 WHERE ip = $ip");

if($password1 != $password2)
   {
   header("Location: register.php?error=1");
   }
else if($excuser == $username)
   {
   header("Location: register.php?error=2");
   }
else if($excip == $ip)
   {
   header("Location: register.php?error=3");
   }
else
   {
   $excuser = mysql_query("INSERT INTO $table1(username, password, ip) VALUES('$username', '$hash', '$ip') ") or die(mysql_error());
   $closedb = mysql_close($opendb);
   header("Location: register.php?error=5");
   }
   
   }
else
   {
   header("Location: register.php?error=4");
   }


Notes:
excuser/excip stands for 'exclusive ip/username'

error 5 = successful entry if anyone wonders why it's called that, i just figured there's no point in creating a seperate variable and if statement for a successful entry.

safe.php includes a bunch of variables and the encryption of passwords along with other things which need safekeeping, and that i dont want to have to do each time i acces a database/access a function which requires passwords to be encrypted(registration/log in/etc)

I will be adding protection against sql injections at some point, blah

[RobQ]

I don't do php or SQL even, but wouldn't mysql_query return some kind of array? Try putting some debugging code after the final mysql_query (before the comparisons) that prints the state of all the variables in question.

[zombie@computer]

the first two queries will error no matter what. mysql_error them to find out why
(tip: get a local mysql server and use its cmd box to test any queries you dont feel the need to cover with mysql_error in your scripts)

not to mention mysql_query returns a resource handle, NOT a result. use mysql_fetch_x (assoc, row, object) to get the results

Better reread some php mysql examples on php.net...

[Mikey]

i was going to use mysql_fetch_array or something similar since that was what i have used before, ive never written this type of script before and felt unsure about wether or not it was needed, since in my mind it felt logical the mysql_query command should return a result, silly me

Our webdesign teacher at school is terrible, so those of us who want to learn more advanced scripting have to do so on their own, resulting in poor assumptions like this one.. It's really bad...
Those of us who know ANYTHING about php spend most lessons helping everyone else, if you're interested in a job you could allways come teach in sweden z@c

[zombie@computer]

i was going to use mysql_fetch_array or something similar since that was what i have used before, ive never written this type of script before and felt unsure about wether or not it was needed, since in my mind it felt logical the mysql_query command should return a result, silly me

Our webdesign teacher at school is terrible, so those of us who want to learn more advanced scripting have to do so on their own, resulting in poor assumptions like this one.. It's really bad...
Those of us who know ANYTHING about php spend most lessons helping everyone else, if you're interested in a job you could allways come teach in sweden z@c

When i had computer class we were still on dos, not having the internetz, and the few nerdy hackers in our class were able to fire up windows 3.11 (teh futurez!). In short, whatever you want to learn, you can learn by yourself.

[Mikey]

luls
would mysql_result work?
edit: looks like it will, meh, might use mysql_fetch_assoc since its closer to what ive done before

edit2:
redid the entire code today, got it working perfectly... the ammount of retardation that went in to the previous version was immense. so many errors and glitches and above all 'logical errors' not sure if thats what you call them in english.