Need Explanation In Php Errors

[wolstech]

Some things to look at:

($err !== false ? '<div class="error">'.$err.'</div>' : null);

This is likely why it's broken. You need to use an IF statement. The ? : format requires PHP 5.4, which is not available on Stevie (which has 5.3.8). You will need to go through your code and rewrite these as IF statements. The conditional should also be != not !==. I personally would use !empty($err) instead.

 

if(empty($uname) || empty($pass) || empty($uname) && empty($pass)) $err .= $t['er_login'];

No need for the "empty($uname) && empty($pass)" part in these IF statements. As soon as one of them is empty, it's true, and the other one doesn't matter.

 

md5(input($_POST['pass']));

Use SHA1. You also should salt your passwords.

[Mhari]

Ok i will apply your advices

and thank you so much

[Mhari]

Am I did mistakes in this line?

$db->query("SELECT * FROM `users` WHERE (`nick` = '". $uname ."' OR `email` = '". $uname ."') AND `pass` = '". $pass ."'")->num_rows

even though the inputs was correct, error will displayed and said that the username doesn't exist

i have tried it with registered username..

What was my mistakes?

[wolstech]

That query won't find the user if the password is wrong. I generally do two queries, one to find the username, then one to check the password. That way I can tell if the user doesn't exist or if their password is just wrong.

 

Other than that, the issue may be with the num_rows being on the end.

 

What class is $db an instance of? In all the examples I've seen, the normal mysqli class doesn't let you put num_rows on the end like that. I usually see something like: $somevariable = $db->num_rows; though if($db->num_rows > 0) { /* Do Something */ } might be better for your use.

[Mhari]

Do you mean I have to create a variable for query like

$v = $db->query("SELECT * FROM `users` WHERE (`nick` = '". $uname ."' OR `email` = '". $uname ."') AND `pass` = '". $pass ."'");

and then use it like

if($v->num_rows == 1) //something

am i right?

[Mhari]

Ok solved. Thank you so much

[Mhari]

Hi,

i am so confuse about logout system. Every time i try, and every time too it produce an failure.

I have db connection file, classes file, and function file which i have included it in a file called config.php. And then i include config.php in logout file but i shows error like:

Warning: Cannot modify header information - headers already sent by (output started at /home1/mhr2/public_html/system/db.php:13) in /home1/mhr2/public_html/logout.php on line

12

the code is

<?php
require_once "config.php"; 
if(user::logged())
{
setcookie('uid', '', (time()-3600), '/');
setcookie('pass', '', (time()-3600), '/');
$_SESSION['uid'] = false;
$_SESSION['pass'] = false;
session_destroy();
header('location: /');
} else { header('location: /'); }
?>

and then i have tried to make a changes, but it shows error like:

Warning: session_destroy() [ function.session-destroy]: Trying to destroy uninitialized session in /home1/mhr2/public_html/logout.php on line 6

Warning: Cannot modify header information - headers already sent by (output started at /home1/mhr2/public_html/logout.php:6) in /home1/mhr2/public_html/logout.php on line 7

and the code is:

<?php
setcookie('uid', '', (time()-3600), '/');
setcookie('pass', '', (time()-3600), '/');
$_SESSION['uid'] = false;
$_SESSION['pass'] = false;
session_destroy();
header('location: /');
?>

please help me. I dont know where the mistakes is

[wolstech]

The headers already sent error is because setcookie() is just like the header() function. You can't use it once output has been sent. In your case, that output is being sent by whatever is on line 13 of db.php (the output is probably an error of some sort since DB classes don't usually produce screen output unless they're not working properly).

 

The session_destroy() error is because you didn't start your session. You have to initialize it using session_start() before you can destroy it.

[Mhari]

I think logout file need files like db.php and classes.php which will make me can check the condition in:

if(user::logged())
{ //destroy
header('location: /');
} else { header('location: /'); }

because user::logged() need classes.php file and classes.php file need db.php file. Is i am did mistakes in creating db.php file?

Here is it:

<?php
// make a connection to database

define('host', 'localhost');
define('user', 'dbuser');
define('pass', 'password');
define('db', 'dbname');

$db = new mysqli(host, user, pass, db);
if($db->connect_error){
die('Failed to connect: '. $db->connect_errno .'-'. $db->connect_error);
}
?>

this is the code in line 10 - 13:

if($db->connect_error){
die('Failed to connect: '. $db->connect_errno .'-'. $db->connect_error);
}
?>

am i did some output here?

[Mhari]

Ok the problem solved now. By adding this line in db.php file

else return null;

i thought that if the db connection was connected perfectly, it won't outputting anything, so i not putting "else".

And yeah, Thank you for guiding me

[wolstech]

You're welcome