Ch18 Php Version?

[bigwater]

I have been having difficulties with the user registration examples. I tried uploading the code to my server so I didn't have to set up the email server. At first I couldn't get the code to connect the database at all but after awhile I removed this line

define ('MYSQL', 'http://billy-thekid-sports.com/other/mysqli_connect.php');

from the config file and used

require ('./mysqli_connect.php'); instead of

require(MYSQL); and that seemed to work. My hosted server runs php version 5.3 my local machine runs 5.4 does that have anything to do with the use of constants in the require? Because now I've gotten everything working up to the log in. Email activation link clears the 'active' field in the db but all I get is the 'please try again error message. Is there anthying in this file that may not work in v5.3

Thanks in advance, Mike.

[rob]

The PHP versions are not a factor, get used to checking the online PHP documentation http://php.net/manua...ion.require.php

 

What debugging steps did you take? Did you: check the path to the mysqli_connect.php file? Check that you'd entered the path in require correctly? Get any sort of error message? Have error reporting on?

 

What query were you trying to run? Did you print or log the query so you could check it was what you're expecting it to be? Have you checked the database table structure is correct? Did you check this query directly on the database (via either the command line or an application like PHPMyAdmin).

 

It really sounds like you need re-read chapter 8 in the book, specifically SQL and MySQL debugging techniques.

[bigwater]

I dropped echo statements in different locations of the files to see if I could find out where it was failing. The connect_mysqli.php file is their when It's meant to be. When I run the registration I get the email and the Database is updated (I built the db with the sql file included) When I click the link the activate field is set to null but when I go to log in I get the error message

~"Either the email address and password entered do not match those on file or you have not yet activated your account."

 

I tried an echo statement here to see how far I was getting

 

// Query the database:

$q = "SELECT user_id, first_name, user_level FROM users WHERE (email='$e' AND pass=SHA1('$p')) AND active IS NULL";

$r = mysqli_query ($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));

echo "$q";

if (mysqli_num_rows($r) == 1) {

 

which prints this on the page just above the error message

 

SELECT user_id, first_name, user_level FROM users WHERE (email='my email' AND pass=SHA1('mypassword')) AND active IS NULL

 

the email and password that populate the variable positions in the query are correct which is whats really confusing me because I know its connecting (I have pass or fail statements in mysqli_connect.php) the info is correct and the active field is NULL. What am I missing. If I run the query in php my admin "substituting pass=SHA1('mypassword')" for pass='32charpass' " I get the row but I am stumped. The only error messages I get are the ones I printed above. What direction am I supposed to go from here?

 

 

I should add that I did get the require(MYSQL); to work I was trying use an absolute url in the config file like shown above which I never got to work, why exactly I don't know but copying and pasting values between the two files testing I ended up with require('MYSQL'); with the quotes it didn't work. I was also confused because the files were on different directory levels a user at php manual put it like this "Remember that if file A includes file B, and B includes file C; the include path in B should take into account that A, not B, is the active working directory." so ./etc worked but not ../etc like I would have thought it should be.

[HartleySan]

Try echoing the following out to the screen before the if statement:

 

echo mysqli_num_rows($r);

 

Is 1 output, or another number?

[bigwater]

I get 0. I forced an error in the script and it still gives me

[connect_errno] => 0 and I can see the values in my database so I know I'm entering the right password

I just can't figure why everything else works but this.

I tried deleting cookies etc. ?

 

I'm using code copied pretty much right out of the support files now, everything but the connections are the same.

Thanks much for all the help

[HartleySan]

Well, if mysqli_num_rows is returning 0 on a SELECT statement, then that means that there are no records in the DB that match the conditions you are specifying.

I've had similar issues in the past when dealing with Japanese and the connection between the PHP script and the DB not sending the data with the proper encoding.

 

If you're using UTF-8, try adding the following line right below the call to the mysqli_connect function:

 

mysqli_set_charset($dbc, 'utf8'); // I'm assuming your DB connection handler is stored in the $dbc variable.

 

While I can't see your actual code, I can guarantee you this: If the query works directly from phpMyAdmin but not from your PHP script, then there is an issue with the DB connection.

[bigwater]

I'm using the code right out of ch18 in mysqli_connect.php I have this under the DEFINE statements;

 

$dbc = mysqli_connect (DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);

if (!$dbc) {echo "this is the connection page failing";

trigger_error ('Could not connect to MySQL: ' . mysqli_connect_error() );

} else {echo "this is the connection page";

mysqli_set_charset($dbc, 'utf8');

}

 

I added the echo statements to see if I was getting the page and connecting.

 

In the login.php file I've added the - printf("Error - SQLSTATE %s.\n", mysqli_sqlstate($dbc)); statement which returns, Error - SQLSTATE 00000. and echo mysqli_num_rows($r); which of course returns 0.

 

// Query the database:

$q = "SELECT user_id, first_name, user_level FROM users WHERE (email='$e' AND pass=SHA1('$p')) AND active IS NULL";

$r = mysqli_query($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));

printf("Error - SQLSTATE %s.\n", mysqli_sqlstate($dbc));

echo mysqli_num_rows($r);

if (@mysqli_num_rows($r) == 1) {

 

Now when I try to log in I get

 

this is the connection pageError - SQLSTATE 00000. 0

Either the email address and password entered do not match those on file or you have not yet activated your account.

 

 

I know I'm thinking to myself it's the wrong password in fact it works if I remove- AND pass=SHA1('$p') -from the query but I know it is the right password because I can see it in the database. I even registered with multiple emails addresses with the same password and I can see they are all given the same values in the database.

~beyond hair pulling

Thanks for the ideas so far

[rob]

If I run the query in php my admin "substituting pass=SHA1('mypassword')" for pass='32charpass' " I get the row but I am stumped.

 

Hash the password and echo this out before the SELECT query and manually check this against what is stored in the database.

 

I can guarantee you this: If the query works directly from phpMyAdmin but not from your PHP script, then there is an issue with the DB connection.

 

I would have said that since he's getting the script message "Either the email address and password entered do not match those on file or you have not yet activated your account." the db connection is fine but the problem could be the information stored is different to that being used in the SELECT query.

 

I agree though, that checking the character encoding would be a sensible step.

 

 

edit: i was posting this answer when you posted additional information.

[bigwater]

Wow thanks so much. Of course I knew it would be a silly little error but it gets so hard to thikn clearly at that point. You were right to check the hashed value, I forgot a dollar sign in the register page so I was registering a value of "p" as oppossed to the variable "$p" Here I'm thinking oohhh thats what my password looks like after SHA1 etc. but no that's what the letter p looks. Guess I should have tried a different password with one of those email address's.

This was the query I had in register.php

$q = "INSERT INTO users (email, pass, first_name, last_name, active, registration_date) VALUES ('$e', SHA1('p'), '$fn', '$ln', '$a', NOW())";

 

I added

 

echo SHA1('$p');

 

To the log in page and saw the values were different from those in the db (like you said) and from there it didn't take long to realize that I fprgot the '$' on the 'p' in the statement above.

Thanks again, I deffinitely learned something from this and hopefully this will save someone else some hair pulling as well.

[HartleySan]

Two posts ago, when you brought up that you suspected that the error was with the password, I instantly thought of the $p/p thing as well. And when I read your last post, it became clear to me that you noticed the same thing as well.

 

In the future though, it's probably best if you just directly copy code from your text editor into your post. In both instances of your query in your posts, you used '$p', which is different from just 'p', which ended up being the problem. As such, we would never have picked up on the problem by looking at the code segments you provided.

 

Anyway, glad you resolved it. I've had similarly stupid stuff before that's stumped me for a week, and when I finally caught the problem, it was such a relief (but at the same time, I felt so dumb).

 

Best of luck with whatever it is that you're working on.