Mysql query

pushprocess

Ok this is wierd...

Table:
1- idx
2- password

  

$sql = "SELECT * FROM users WHERE 'idx' = '$usr'";
$result = mysql_query($sql) or die(mysql_error());
$result = mysql_fetch_array($result) or die(mysql_error());

Then i test if password match (if it doesn't work I redirect)

If i use a valid idx and password it works fine
If i use a valid idx but no password
If i use a none valid idx...
boom nothing shows up on the webpage...

Anyone have idea?

need more info?

Help will be appreciated 🙂

tserbis

$sql = " SELECT * FROM users WHERE idx = '$usr' ";

pushprocess

already tried without single quote 🙁

_____

try to echo $usr before executing the query for all cases

may be it has a value that u didn't excepct because
something wrong with ur code before the query

can u post the code if it is short?

pushprocess

 

<?PHP

$dbh = mysql_connect ("localhost", "user", "pass") or 
die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ("push_telus"); 
// Variables

if( !$_GET['userid'] ) 
{ 
	header("Location: [url]http://www.domain.com[/url]"); 
}

$usr = $_GET['userid'];
$pass = $_GET['password'];


$sql = "SELECT * FROM users WHERE idx= '$usr'";
$result = mysql_query($sql) or die(mysql_error());
$result = mysql_fetch_array($result) or die(mysql_error());

if ( $result[1] != $pass)
{
	header("Location: [url]http://www.domain.com[/url]"); 
}

?>
<HTML>
<HEAD>
<TITLE>E-Punch</TITLE>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">

<LINK HREF="stylesheet.css" REL="stylesheet" TYPE="text/css">
</HEAD>

<BODY>
<TABLE WIDTH="100%" HEIGHT="100%" BORDER="0">
  <TR>
    <TD ALIGN="center" VALIGN="middle">
    <TABLE WIDTH="800" BORDER="0">
  <TR>
          <TD WIDTH="250"><IMG SRC="images/logo.gif" WIDTH="250" HEIGHT="250"></TD>
    <TD WIDTH="540"><DIV>

          <TABLE WIDTH="320" BORDER="0">
            <TR> 
              <TD COLSPAN="2">Hi <?PHP echo "$result[2] $result[3]"; ?> !</TD>
            </TR>
            <TR> 
              <TD COLSPAN="2">What would you like to do?</TD>
            </TR>
            <TR> 
              <TD ALIGN="center"><FORM ACTION="login.php?mode=1" METHOD="get" NAME="login" TARGET="_self">
    <INPUT NAME="InDay" TYPE="submit"  SIZE="20" CLASS="button" VALUE="Start your day">
  </FORM></TD>
              <TD ALIGN="center"><FORM ACTION="index2.php?mode=2" METHOD="get" NAME="login" TARGET="_self">
    <INPUT NAME="OutDay" TYPE="submit" CLASS="button" VALUE="End of your day">
  </FORM></TD>
            </TR>
            <TR> 
              <TD>&nbsp;</TD>
              <TD>&nbsp;</TD>
            </TR>
            <TR> 
              <TD ALIGN="center"><FORM ACTION="index2.php?mode=3" METHOD="get" NAME="login" TARGET="_self"><INPUT NAME="InBreak" TYPE="submit" CLASS="button" VALUE="Go in break"></FORM></TD>
              <TD ALIGN="center"><FORM ACTION="index2.php?mode=4" METHOD="get" NAME="login" TARGET="_self"><INPUT NAME="OutBreak" TYPE="submit" CLASS="button" VALUE="Back from break"></FORM></TD>
            </TR>
          </TABLE>
        </DIV></TD>
  </TR>
</TABLE>


</TD>
  </TR>
</TABLE>



</BODY>
</HTML>

Hope the code is not too long 😉

laserlight

You're not using the header() correctly.

Try something like:
heade("Location: http://www.domain.com");

pushprocess

Ok i'll change the syntaxe for the header but this is not the part that gives the blank page... it's in the sql query when a userid is not found...

because the header does work...

Thank you for the advice 🙂

_____

it is logical my friend

u said it is only ok when user + pass are correct

and only when 1 of them is worng shows nothing

that what ur code is asking for 🙂

The only thing that when 1 of them is wrong, u will use header()
to direct them to domain.com
So, if u did it correctly as laserlight said, i think all thinks will work fine 🙂

pushprocess

if the user dont enter a valid username it gives a blank page and not redirect to domian.com... but if I enter a valid username wrong pass it does...

_____

why u check for user first then pass
u can check if there is a result from the query for both like

    $usr = $_GET['userid']; 
    $pass = $_GET['password']; 


$sql = "SELECT * FROM users WHERE idx= '$usr' and password = '$pass'"; 
$result = mysql_query($sql) or die(mysql_error()); 

if ( $result = mysql_fetch_array($result)) 
{ 
//do the page
} else{
    header("Location: http://www.domain.com"); 
}

pushprocess

haha thank you!!

man i'm dumb i really should think a littl emore before coding things 😉 thanx again!! 🙂

_____

u r welcome fiend

and the probelm with ur code i think it was with this

if( !$GET['userid'] )

{

header("Location: <a href="http://www.domain.com" target="blank">http://www.domain.com</a>");
}

by the above code u just check if $_GET['userid'] is not set
even if it has a wrong userid

pushprocess

yes tht's because before I had problem with no userid or wrong userid ... it was a patch to remove half of th eproblem 😉