[RESOLVED] Echo skills from a database

Sacreed

Ok,well this is what am trying to do:

I have a few skills I want to echo there levels. But It doesn't seem to be working for me.

Here is my database(note: I did show you some ways I tried,also the user works fine):

<?php 
session_start(); 
// store session data 
$_SESSION['user'] = $_POST['user'];
$_SESSION['hp'] = $hp;
$_SESSION['coins'] = $results2;
$_SESSION['tokens'] = $results2;
$_SESSION['attack'] = $results2;
$_SESSION['strength'] = $results2;
$_SESSION['defense'] = $results2;
$_SESSION['range'] = $results2;
$_SESSION['magic'] = $results2;
$_SESSION['level'] = $results2;
?>
<html>
<head>
<title>Authenticated</title>
</head>
<body bgcolor="grey">
</body>
</html>
<?php
$username="";
$password="";
$database="";

$username=$_POST['user'];
$password=$_POST['pass'];
$hp=$results2;

$con = mysql_connect("","","");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("", $con);

$result = mysql_query("SELECT * FROM `userslogin` WHERE `namesofusers` = '" . $username . "' AND `password`= '" . $password . "'");
$results = mysql_query("SELECT * FROM `ban` WHERE` ipban` = '" . $username . "' AND `ban`= '" . $username . "'");
$results2 = mysql_query("SELECT * FROM `userslogin` WHERE `hplevel `= '" . $hp . "' AND `cblevel `= '" . $level . "' AND `coins `= '" . $coins . "' AND `tokens `= '" . $tokens . "' AND `attacklevel `= '" . $attack . "' AND `strengthlevel `= '" . $strength . "' AND `defenselevel `= '" . $defense . "' AND `rangelevel `= '" . $range . "' AND `magiclevel `= '" . $magic . "'");
$num_rows = mysql_num_rows($result);
$num_rows2 = mysql_num_rows($results);
$num_rows3 = mysql_num_rows($results2);

if ($num_rows != 1 ) 
{
echo "We do not have that information in our database";
}
if ($num_rows2 != 0 ) 
{
echo "You are either ip banned or banned. If you are banned you will be unbanned within the next 5 days,but if you are ip banned you will need to email Sacred.";
}
else
{
while($row = mysql_fetch_array($result)) 
{
     header('Location: town.php');    

    }
} 
mysql_close($con);
?>

Here is my page that the information is suppose to echo the skills to:


<body bgcolor="#808080" ondblclick="showdb_alert()">
<table border="1" align="center">
<tr>
<th><a href="town.php">Town</a></th>
<th><a href="forum.php">Forums</a></th>
<th><a href="chatbox.php">Chat</a></th>
<th><a href="logout.php">Logout</a></th>
<?php include("session.php"); ?>
</tr>
</table>
<table border="1" align="right">
<tr>
<th>Character</th>
</tr>
<tr>
<td><?php echo "Name: ". $_SESSION['user'];?></th>
</tr>
<tr>
<td><?php echo "Coins: ". $_SESSION['coins'];?></th>
</tr>
<tr>
<td><?php echo "Tokens: ". $_SESSION['tokens'];?></th>
</tr>
<tr>
<th>Skills</th>
</tr>
<tr>
<td><?php echo "Level: ". $_SESSION['level'];?></th>
</tr>
<tr>
<td><?php echo "Hp: ". $_SESSION['hp'];?></th>
</tr>
<tr>
<td><?php echo "Attack: ". $_SESSION['attack'];?></th>
</tr>
<tr>
<td><?php echo "Strength: ". $_SESSION['strength'];?></th>
</tr>
<tr>
<td><?php echo "Defense: ". $_SESSION['defense'];?></th>
</tr>
<tr>
<td><?php echo "Range: ". $_SESSION['range'];?></th>
</tr>
<tr>
<td><?php echo "Magic: ". $_SESSION['magic'];?></th>
</tr>
</table>
<script type="text/javascript">
function showdb_alert()
{
alert("Sacred says: You may only click once");
}
</script>
<script type="text/javascript">
function popupbox() {

alert("This is a bot check.");
}

setTimeout("popupbox()", 50000);
</script>
</table>

More information:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Login</title>
</head>
<body>
<div class="leftmenu">
<?php include("links.php"); ?>
<?php include("session.php"); ?>
</div>
<center>
<form action="check.php" method="post">
<font color="#FFFFFF">Username:</font><br><input type="text" name="user"><br>
<font color="#FFFFFF">Password:</font><br><input type="password" name="pass"><br>
<br>
<input type="submit" value="Login">
</form>
<p><font color="#0000FF">Please note that this game is still in beta testing! Beta means that it is not 100% yet. If you have any issues tell a staff member.</font></p>
</center>
</body>
</html>

Thanks,Sacreed!

Krik

$_SESSION['coins'] = $results2;
$_SESSION['tokens'] = $results2;
$_SESSION['attack'] = $results2;
$_SESSION['strength'] = $results2;
$_SESSION['defense'] = $results2;
$_SESSION['range'] = $results2;
$_SESSION['magic'] = $results2;
$_SESSION['level'] = $results2;

I can't imagine that is anywhere near to be corect, "$results2" is a query result that is half way down the page. So at the point you call "$results2" it is undefined. And even if you move those to after $results2 your still not going to get any value that can be used.

Now in light of that I would make the suggestion of setting your [man]error_reporting[/man] to E_ALL, while in development, so you can catch those kinds of errors.

Sacreed

What would you suggest to do? Btw thanks, I will see what I can do with E_ALL

dagon

Sacreed;10962383 wrote:
What would you suggest to do? Btw thanks, I will see what I can do with E_ALL

start by learning what he function mysql_query() returns

Sacreed

Thanks very much 😃 See what I can do. 🙂

Krik

Well I started to just fix the one thing and I found I had to make a change that then required another change and then another. So basically I redid your entire block of code. Some of the changes were not necessary but as I was doing it I thought do it right and maybe you'll get something out of it.

<?php
error_reporting(E_ALL);
session_start();

if(isset($_POST['user']) {

$username=$_POST['user'];
$password=$_POST['pass'];

$con = mysql_connect("","","") or $message = 'Could not connect: ' . mysql_error();
mysql_select_db("", $con);

$ban_res = mysql_query("SELECT * FROM `ban` WHERE `ipban` = '" . $_SERVER['REMOTE_ADDR'] . "' AND `ban` = '" . $username . "'") or $message = 'Server Error: ' . mysql_error();

if(mysql_num_rows($ban_res) != 0) {
	$message = "You are either ip banned or banned. If you are banned you will be unbanned within the next 5 days, but if you are ip banned you will need to email Sacred.";
}
else {
	$user_res = mysql_query("SELECT * FROM `userslogin` WHERE `namesofusers` = '" . $username . "' AND `password` = '" . $password . "' LIMIT 1") or $error = 'Server Error: ' . mysql_error();

	if (mysql_num_rows($user_res) == 0 ) {
		$message = "We do not have that information in our database";
	}
	else {
		$row = mysql_fetch_array($user_res)

		// store session data 
		$_SESSION['user'] = $row['namesofusers'];
		$_SESSION['hp'] = $row['hplevel'];
		$_SESSION['coins'] = $row['coins'];
		$_SESSION['tokens'] = $row['tokens'];
		$_SESSION['attack'] = $row['attacklevel'];
		$_SESSION['strength'] = $row['strengthlevel'];
		$_SESSION['defense'] = $row['defenselevel'];
		$_SESSION['range'] = $row['rangelevel'];
		$_SESSION['magic'] = $row['magiclevel'];
		$_SESSION['level'] = $row['cblevel'];

		header('Location: town.php');
	}
}
}
?>

First you will notice I set the error reporting for you. Leave it there till you're ready to put the site live then remove it. Or change "E_ALL" to "0" so the users do not see any error messages from the server.

Second, note that the above code does not echo any messages. I instead stored the messages in the "$message" variable that you can then echo where you need it in your HTML.

I removed one of the queries as there is no reason to query the same table twice like you had.

Also made the code check for banned ips and usernames before I runs the query on the "userlogin" table. No reason to run that query if the user is not allowed to access the data.

Hopefully you find that all to be a thought provoking rework.

Lastly I need to point out what looks to be another major error on your part

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Login</title>
</head>
<body>
<div class="leftmenu">
<?php include("links.php"); ?>
<?php include("session.php"); ?>
<!-- ect-->

and

<body bgcolor="#808080" ondblclick="showdb_alert()">
<table border="1" align="center">
<tr>
<th><a href="town.php">Town</a></th>
<th><a href="forum.php">Forums</a></th>
<th><a href="chatbox.php">Chat</a></th>
<th><a href="logout.php">Logout</a></th>
<?php include("session.php"); ?>

I assume that "session.php" has the [man]session_start[/man]. As such including it where you have in both those blocks of HTML is an absolute can not do. Read the manual on [man]session_start[/man] and you will find out you can not even output a single blank space before you call [man]session_start[/man] or it will fail. In your case you have a whole lot of html before [mansession_start[/man]. So get that "<?php include("session.php"); ?>" in line 1, before <!DOCTYPE>, and put absolutely nothing in front of it.

Sacreed

I appreciate all your help, and I tested it, and my check screen is white. I looked for some error in the coding and found none. I know there is something I can do to make it show the errors and not a white screen but forgot how. Thanks again, sacreed.

Sacreed

W00t fixed it,took some time though :rolleyes: 🙂 Thank you guys soo much for all your help. I owe you guys some how 😃