Not writing to mySQL database

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts
  • tbronson7
    Corporal

    • Feb 2011
    • 10

    Not writing to mySQL database

    Im trying to set up a register page on my website, i have setup a mySQL DB and user, I have completed the code, however, when the form is submitted i get these two errors


    Warning: mysql_connect() [function.mysql-connect]: Access denied for user '*****bid_admin'@'127.0.0.1' (using password: YES) in /home/*****bid/public_html/register.php on line 110


    Warning: mysql_select_db(): supplied argument is not a valid MySQL-Link resource in /home/*****bid/public_html/register.php on line 111

    line 110 and 111 are

    $db_handle = mysql_connect($server, $user_name, $pass_word);
    $db_found = mysql_select_db($database, $db_handle);

    the rest of the code is below(DB PW replaced with *********)


    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
    <html>
    <head>
    <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
    <title>*****Bidz.com</title>
    <meta http-equiv="Page-Enter" content="blendTrans(Duration=1)">
    <meta name="GENERATOR" content="Created by BlueVoda">
    <style type="text/css">
    div#container
    {
    position: absolute;
    left: 50%;
    top: 50%;
    width: 1385px;
    height: 716px;
    margin-top: -358px;
    margin-left: -692px;
    }
    </style>
    <?PHP
    //session_start();
    //if (!(isset($_SESSION['login']) && $_SESSION['login'] != '')) {
    //header ("Location: account.php");
    //}

    //set the session variable to 1, if the user signs up. That way, they can use the site straight away
    //do you want to send the user a confirmation email?
    //does the user need to validate an email address, before they can use the site?
    //do you want to display a message for the user that a particular username is already taken?
    //test to see if the u and p are long enough
    //you might also want to test if the users is already logged in. That way, they can't sign up repeatedly without closing down the browser
    //other login methods - set a cookie, and read that back for every page
    //collect other information: date and time of login, ip address, etc
    //don't store passwords without encrypting them

    $uname = "";
    $pword = "";
    $cpword = "";
    $email = "";
    $fname = "";
    $lname = "";
    $errorMessage = "";
    $num_rows = 0;

    function quote_smart($value, $handle) {

    if (get_magic_quotes_gpc()) {
    $value = stripslashes($value);
    }

    if (!is_numeric($value)) {
    $value = "'" . mysql_real_escape_string($value, $handle) . "'";
    }
    return $value;
    }

    if ($_SERVER['REQUEST_METHOD'] == 'POST'){

    //================================================== ==================
    // GET THE CHOSEN U AND P, AND CHECK IT FOR DANGEROUS CHARCTERS
    //================================================== ==================
    $uname = $_POST['username'];
    $pword = $_POST['password'];
    $cpword = $_POST['cpassword'];
    $email = $_POST['email'];
    $fname = $_POST['firstname'];
    $lname = $_POST['lastname'];

    $uname = htmlspecialchars($uname);
    $pword = htmlspecialchars($pword);

    //================================================== ==================
    // CHECK TO SEE IF U AND P ARE OF THE CORRECT LENGTH
    // A MALICIOUS USER MIGHT TRY TO PASS A STRING THAT IS TOO LONG
    // if no errors occur, then $errorMessage will be blank
    //================================================== ==================

    $uLength = strlen($uname);
    $pLength = strlen($pword);

    if ($uLength >= 10 && $uLength <= 20) {
    $errorMessage = "";
    }
    else {
    $errorMessage = $errorMessage . "Username must be between 10 and 20 characters" . "<BR>";
    }

    if ($pLength >= 8 && $pLength <= 16) {$errorMessage = "";}
    else {$errorMessage = $errorMessage . "Password must be between 8 and 16 characters" . "<BR>";
    }

    if ($pword == $cpword){$errorMessage = "";}
    else {$errorMessage = $errorMessage . "Your passwords do not match" . "<BR>";}


    //test to see if $errorMessage is blank
    //if it is, then we can go ahead with the rest of the code
    //if it's not, we can display the error

    //================================================== ==================
    // Write to the database
    //================================================== ==================
    if ($errorMessage == "") {

    $user_name = "*****bid_admin";
    $pass_word = "*********";
    $database = "*****bid_usersdb";
    $server = "127.0.0.1";

    $db_handle = mysql_connect($server, $user_name, $pass_word);
    $db_found = mysql_select_db($database, $db_handle);

    if ($db_found) {

    $uname = quote_smart($uname, $db_handle);
    $pword = quote_smart($pword, $db_handle);
    $email = quote_smart($email, $db_handle);
    $fname = quote_smart($fname, $db_handle);
    $lname = quote_smart($lname, $db_handle);


    //================================================== ==================
    // CHECK THAT THE USERNAME IS NOT TAKEN
    //================================================== ==================

    $SQL = "SELECT * FROM usersdb WHERE UN = $uname";
    $result = mysql_query($SQL);
    $num_rows = mysql_num_rows($result);

    if ($num_rows > 0) {
    $errorMessage = "Username already taken";
    }

    else {

    $SQL = "INSERT INTO usersdb (UN, PW, EM, FN, LN) VALUES ($uname, md5($pword), $email, $fname, $lname)";

    $result = mysql_query($SQL);

    mysql_close($db_handle);

    //================================================== ===============================
    // START THE SESSION AND PUT SOMETHING INTO THE SESSION VARIABLE CALLED login
    // SEND USER TO A DIFFERENT PAGE AFTER SIGN UP
    //================================================== ===============================

    session_start();
    $_SESSION['login'] = "1";

    header ("Location: account.php");

    }

    }
    else {
    $errorMessage = "Database Not Found";
    }




    }

    }


    ?>
    <style type="text/css">
    img { behavior: url("pngfix.***"); }
    </style>
    </head>
    <body bgcolor="#D5DEFD" text="#000000" <?PHP print $errorMessage;?>>
    <div id="container">
    <div id="bv_Shape2" style="position:absolute;left:253px;top:206px;widt h:886px;height:2542px;z-index:0;" align="center">
    <img src="images/bv01041.gif" id="Shape2" align="top" alt="" title="" border="0" width="886" height="2542"></div>
    <img src="images/bv01003.png" align="top" alt="" border="0" width="383" height="158" style="position:absolute;left:502px;top:14px;width :383px;height:158px;z-index:1">
    <div id="bv_Html1" style="position:absolute;left:557px;top:289px;widt h:271px;height:309px;z-index:2;" align="left">
    <FORM NAME ="register" METHOD ="POST" ACTION ="register.php">

    First Name: <INPUT TYPE = 'TEXT' Name ='firstname' value="<?PHP print $fname;?>"> <br><br>
    Last Name: <INPUT TYPE = 'TEXT' Name ='lastname' value="<?PHP print $lname;?>" ><br><br>
    Email: &nbsp &nbsp &nbsp&nbsp&nbsp <INPUT TYPE = 'TEXT' Name ='email' value="" ><br><br>
    Username (20 Characters max): <INPUT TYPE = 'TEXT' Name ='username' value="" maxlength="20"><br><br>
    Password (16 Characters max): <INPUT TYPE = 'TEXT' Name ='password' value="" maxlength="16"><br><br>
    Confirm Password: <INPUT TYPE = 'TEXT' Name ='cpassword' value="" maxlength="16"><br><br>

    <P>
    <INPUT TYPE = "Submit" Name = "Submit1" VALUE = "Register">
    <input type="reset" id="regclear" name="regclear" value="Clear"
    <?PHP print $errorMessage;?>


    </FORM></div>
    </div>
    </body>
    </html>
  • navaldesign
    General & Forum Moderator

    • Oct 2005
    • 12080

    #2
    Re: Not writing to mySQL database

    Host should be "localhost" and not 127...........
    Navaldesign
    Logger Lite: Low Cost, Customizable, multifeatured Login script
    Instant Download Cart: a Powerfull, Customized, in site, DB driven, e-products Cart
    DBTechnosystems.com Forms, Databases, Shopping Carts, Instant Download Carts, Loggin Systems and more....
    Advanced BlueVoda Form Processor : No coding form processor! Just install and use! Now with built in CAPTCHA!

    Comment

    • tbronson7
      Corporal

      • Feb 2011
      • 10

      #3
      Re: Not writing to mySQL database

      alright thank you, i changed that, now im not getting any errors but its still not writing to the mySQl database, is there any reason this code isnt working?

      <?PHP
      //session_start();if (!(isset($_SESSION['login']) && $_SESSION['login'] != '')) {header ("Location: account.php");}

      //set the session variable to 1, if the user signs up. That way, they can use the site straight away
      //do you want to send the user a confirmation email?
      //does the user need to validate an email address, before they can use the site?
      //do you want to display a message for the user that a particular username is already taken?
      //test to see if the u and p are long enough
      //you might also want to test if the users is already logged in. That way, they can't sign up repeatedly without closing down the browser
      //other login methods - set a cookie, and read that back for every page
      //collect other information: date and time of login, ip address, etc
      //don't store passwords without encrypting them

      $uname = "";
      $pword = "";
      $cpword = "";
      $email = "";
      $fname = "";
      $lname = "";
      $errorMessage = "";
      $num_rows = 0;

      //function quote_smart($value, $handle) {

      // if (get_magic_quotes_gpc()) {
      // $value = stripslashes($value);
      //}

      //if (!is_numeric($value)) {
      // $value = "'" . mysql_real_escape_string($value, $handle) . "'";
      //}
      //return $value;
      //}

      if ($_SERVER['REQUEST_METHOD'] == 'POST'){

      //================================================== ==================
      // GET THE CHOSEN U AND P, AND CHECK IT FOR DANGEROUS CHARCTERS
      //================================================== ==================
      $uname = $_POST['username'];
      $pword = $_POST['password'];
      $cpword = $_POST['cpassword'];
      $email = $_POST['email'];
      $fname = $_POST['firstname'];
      $lname = $_POST['lastname'];

      $uname = htmlspecialchars($uname);
      $pword = htmlspecialchars($pword);

      //================================================== ==================
      // CHECK TO SEE IF U AND P ARE OF THE CORRECT LENGTH
      // A MALICIOUS USER MIGHT TRY TO PASS A STRING THAT IS TOO LONG
      // if no errors occur, then $errorMessage will be blank
      //================================================== ==================

      $uLength = strlen($uname);
      $pLength = strlen($pword);

      if ($uLength >= 10 && $uLength <= 20) {
      $errorMessage = "";
      }
      else {
      $errorMessage = $errorMessage . "Username must be between 10 and 20 characters" . "<BR>";
      }

      if ($pLength >= 8 && $pLength <= 16) {$errorMessage = "";}
      else {$errorMessage = $errorMessage . "Password must be between 8 and 16 characters" . "<BR>";
      }

      if ($pword == $cpword){$errorMessage = "";}
      else {$errorMessage = $errorMessage . "Your passwords do not match" . "<BR>";}


      //test to see if $errorMessage is blank
      //if it is, then we can go ahead with the rest of the code
      //if it's not, we can display the error

      //================================================== ==================
      // Write to the database
      //================================================== ==================
      if ($errorMessage == "") {

      $user_name = "*****bid_admin";
      $pass_word = "!7HardCore!7";
      $database = "*****bid_usersdb";
      $server = "localhost";

      $db_handle = mysql_connect($server, $user_name, $pass_word) OR die (mysql_error());
      $db_found = mysql_select_db($database, $db_handle);

      if ($db_found) {

      //$uname = quote_smart($uname, $db_handle);
      //$pword = quote_smart($pword, $db_handle);
      //$email = quote_smart($email, $db_handle);
      //$fname = quote_smart($fname, $db_handle);
      //$lname = quote_smart($lname, $db_handle);


      //================================================== ==================
      // CHECK THAT THE USERNAME IS NOT TAKEN
      //================================================== ==================

      //$SQL = "SELECT * FROM users WHERE UN = $uname";
      //$result = mysql_query($SQL);
      //$num_rows = mysql_num_rows($result);

      $SQL = "SELECT COUNT(UN) AS UN$uname FROM users WHERE UN=$uname";
      $result = mysql_query($SQL);

      if ($result > 0) {
      $errorMessage = "Username already taken";
      }

      else {



      $SQL = "INSERT INTO users (UN, PW, EM, FN, LN) VALUES ($uname, md5($pword), $email, $fname, $lname)";

      $result = mysql_query($SQL);

      mysql_close($db_handle);
      print "User Successfully Created!";

      //================================================== ===============================
      // START THE SESSION AND PUT SOMETHING INTO THE SESSION VARIABLE CALLED login
      // SEND USER TO A DIFFERENT PAGE AFTER SIGN UP
      //================================================== ===============================

      //session_start();
      //$_SESSION['login'] = "1";

      //header ("Location: account.php");

      }

      }
      else {
      $errorMessage = "Database Not Found";
      }




      }

      }


      ?>

      Comment

      • navaldesign
        General & Forum Moderator

        • Oct 2005
        • 12080

        #4
        Re: Not writing to mySQL database

        As you understand I can't analyze all your code to see where you might be wrong.

        Add this line

        error_reporting(E_ALL);

        just as second line, after <?PHP

        so PHP will report any errors and you might find out is wrong.
        After you fix it, remove (or comment with //) this line before going live.
        Navaldesign
        Logger Lite: Low Cost, Customizable, multifeatured Login script
        Instant Download Cart: a Powerfull, Customized, in site, DB driven, e-products Cart
        DBTechnosystems.com Forms, Databases, Shopping Carts, Instant Download Carts, Loggin Systems and more....
        Advanced BlueVoda Form Processor : No coding form processor! Just install and use! Now with built in CAPTCHA!

        Comment

        • tbronson7
          Corporal

          • Feb 2011
          • 10

          #5
          Re: Not writing to mySQL database

          of course i understand, added the line, still not writing to the database and not reporting any errors

          Comment

          • tbronson7
            Corporal

            • Feb 2011
            • 10

            #6
            Re: Not writing to mySQL database

            belay my last, it is reporting 6135 as an error

            Comment

            • navaldesign
              General & Forum Moderator

              • Oct 2005
              • 12080

              #7
              Re: Not writing to mySQL database

              MySql should report an error in text . If it doesn't I'm afraid there is not much I can do to help you.

              You would need to modify your queries to report the MySQL error.
              Navaldesign
              Logger Lite: Low Cost, Customizable, multifeatured Login script
              Instant Download Cart: a Powerfull, Customized, in site, DB driven, e-products Cart
              DBTechnosystems.com Forms, Databases, Shopping Carts, Instant Download Carts, Loggin Systems and more....
              Advanced BlueVoda Form Processor : No coding form processor! Just install and use! Now with built in CAPTCHA!

              Comment

              Working...
              X