bro it shows 0 as the number even if the correct email or wrong… here is what is shows
The email address provided does not match the one we have on file.
Click your browsers BACK button and try again.
number :0
I wonder if it’s not connecting to the database, as it should not be coming out with 0 for logged in and not logged in email address.
I’m going to try connecting to the database in the script
replace
[php]$manualentryused=true;
}
require(’/var/chroot/home/content/86/5984986/html/secure/globals.php’);
$sql = mysql_query(“SELECT user_id, email FROM " . SECURE_TABLE_PREFIX . “users WHERE email=’$clientemail’ AND user_id=’”.$_SESSION[SECURE_SESSION_PREFIX.“userId”].”’ ")or die(mysql_error());
$n = mysql_num_rows($sql);
if($n == 1){} else {
linklokShowMessage($ErrorTemplate,“The email address provided does not match the one we have on file.
Click your browsers BACK button and try again.”);
exit;
}
//stop script and display number of rows and userid
die(“number :$n”);
// Check email address entered is valid
if (!linklokvalidemail($clientemail))[/php]
with
[php]
$manualentryused=true;
}
// remove require(’/var/chroot/home/content/86/5984986/html/secure/globals.php’);
// db properties
define(‘DBHOST’,‘localhost’);
define(‘DBUSER’,‘database username’);
define(‘DBPASS’,‘password’);
define(‘DBNAME’,‘database name’);
// make a connection to mysql here
conn = mysql_connect (DBHOST, DBUSER, DBPASS);
conn = mysql_select_db (DBNAME);
if(!$conn){
die( “Sorry! There seems to be a problem connecting to our database.”);
}
$sql = mysql_query(“SELECT user_id, email FROM secure_users WHERE email=’$clientemail’ AND user_id=’”.$_SESSION[SECURE_SESSION_PREFIX.“userId”]."’ ")or die(mysql_error());
$n = mysql_num_rows($sql);
if($n == 1){} else {
linklokShowMessage($ErrorTemplate,“The email address provided does not match the one we have on file.
Click your browsers BACK button and try again.”);
exit;
}
//stop script and display number of rows and userid
die(“number :$n”);
// Check email address entered is valid
if (!linklokvalidemail($clientemail))
[/php]
make sure you put in your database connection details.
when i load the form.php file it gives this error…
Parse error: syntax error, unexpected ‘=’ in /home/content/86/5984986/html/new/Alink/Alink/linklokurl.php on line 881
sorry I forgot to add $ to 2 varibles:
[php]$conn = mysql_connect (DBHOST, DBUSER, DBPASS);
$conn = mysql_select_db (DBNAME);[/php]
this is what i get if i am logged in… or if i enter a wrong email or even if i enter a same email as the logged in user… it all gives me a same message…
The email address provided does not match the one we have on file.
Click your browsers BACK button and try again.
hmm right, if there are more then one user account with matching email/id then that could effect it lets see how many matching records are found for the email and id
add the following after the database connection:
[php]$matches = mysql_result(mysql_query(“SELECT COUNT(*) as Num FROM secure_users WHERE email=’$clientemail’ AND user_id=’”.$_SESSION[SECURE_SESSION_PREFIX.“secure_userId”]."’ "),0);
die(“total matches: $matches”);[/php]
here is how it looks like when i paste the code…
[php]
// make a connection to mysql here
$conn = mysql_connect (DBHOST, DBUSER, DBPASS);
$conn = mysql_select_db (DBNAME);
if(!$conn){
die( “Sorry! There seems to be a problem connecting to our database.”);
}
$matches = mysql_result(mysql_query(“SELECT COUNT(*) as Num FROM secure_users WHERE email=’$clientemail’ AND user_id=’”.$_SESSION[SECURE_SESSION_PREFIX.“secure_userId”]."’ "),0);
die(“total matches: $matches”);
$sql = mysql_query(“SELECT user_id, email FROM secure_users WHERE email=’$clientemail’ AND user_id=’”.$_SESSION[SECURE_SESSION_PREFIX.“userId”]."’ ")or die(mysql_error());
$n = mysql_num_rows($sql);
if($n == 1){} else {
linklokShowMessage($ErrorTemplate,“The email address provided does not match the one we have on file.
Click your browsers BACK button and try again.”);
exit; [/php]
if i enter correct email or wrong email… they all give the same answer …total matches: 0
just thought we’re not using the global file anymore but still using reference from it, I’ve removed the references try this:
[php]
// make a connection to mysql here
$conn = mysql_connect (DBHOST, DBUSER, DBPASS);
$conn = mysql_select_db (DBNAME);
if(!$conn){
die( “Sorry! There seems to be a problem connecting to our database.”);
}
$matches = mysql_result(mysql_query(“SELECT COUNT(*) as Num FROM secure_users WHERE email=’$clientemail’ AND user_id=’”.$_SESSION[“secure_userId”]."’ "),0);
die(“total matches: $matches”);
$sql = mysql_query(“SELECT user_id, email FROM secure_users WHERE email=’$clientemail’ AND user_id=’”.$_SESSION[“secure_userId”]."’ ")or die(mysql_error());
$n = mysql_num_rows($sql);
if($n == 1){} else {
linklokShowMessage($ErrorTemplate,“The email address provided does not match the one we have on file.
Click your browsers BACK button and try again.”);
exit; [/php]
you have got session_start(); at the top of the file right?
no i dnt have session start there… but i have put it there nw… am im trying with the code u gave juxt
it still shows 0… for both corect email and wrong email…
do i still need this part…
[php]//stop script and display number of rows and userid
die(“number :$n”);
[/php]
are that could be what’s being causing all the problems as without session_start() sessions cannot be created r used so the check against the user session will always fail.
no you can remove that.
so does it display total matches: 0
so wat to do nw… nw session start is there…
yeah still givin that
total matches: 0
right under session_start(); put print_r($_SESSION); like :
[php]session_start();
print_r($_SESSION);[/php]
then post what is displays.
when user is not logged in it displays…
Array ( [secure_exp] => 1278272544 ) total matches: 0
and when user is logged on it displays
Array ( [secure_exp] => 1278272719 [secure_userId] => 5 [secure_username] => luvrockz [secure_name] => Luvrockz [secure_groups] => Array ( [0] => Admin [1] => downloadlinktest ) ) total matches: 1
and both of them are also displayed at the top of form.php
okay so that confirms $_SESSION[‘secure_userId’] is used when logged in, so why is the query failing even when logged in?.
I’m wondering if it’s anything to do with the email that is passed, replace
[php]$matches = mysql_result(mysql_query(“SELECT COUNT(*) as Num FROM secure_users WHERE email=’$clientemail’ AND user_id=’”.$_SESSION[“secure_userId”]."’ "),0);
die(“total matches: $matches”);[/php]
with
[php]$matches = mysql_result(mysql_query(“SELECT COUNT(*) as Num FROM secure_users WHERE user_id=’”.$_SESSION[“secure_userId”]."’ "),0);
die(“total matches: $matches”);[/php]
if I’m right if your not logged in you should get total matches: 0 otherwise total matches: 1 when logged in.
ok so here is what i get when im logged in
Array ( [secure_exp] => 1278273509 [secure_userId] => 5 [secure_username] => luvrockz [secure_name] => Luvrockz [secure_groups] => Array ( [0] => Admin [1] => downloadlinktest ) ) total matches: 1
and here is without loggin in…
Array ( [secure_exp] => 1278273597 ) total matches: 0
great now modify the session to look like this:
[php]
session_start();
print_r($_POST);[/php]
this is what i get when im logged in…
Array ( ) total matches: 1
and this is when im not logged in…
Array ( ) total matches: 0