Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- PHP HELP- i cant seem to get them to work?
- verify.php is meant to call users.php which it does but when asking it to call the database and compare the $_SESSION['company'] with the variable 'name' an error pops up . Here is the line with the error
- $result = mysql_query('SELECT * FROM profile WHERE name like $_SESSION['company']');
- . here are the two scripts.
- verify.php
- <?php
- if(isset($_POST['submit'])){
- $dbHost = "localhost"; //Location Of Database usually its localhost
- $dbUser = "root"; //Database User Name
- $dbDatabase = "test"; //Database Name
- $db = mysql_connect($dbHost,$dbUser)or die("Error connecting to database.");
- mysql_select_db($dbDatabase, $db)or die("Couldn't select the database.");
- $user = mysql_real_escape_string($_POST['usernam…
- $password = mysql_real_escape_string($_POST['passwor…
- $sql = mysql_query("SELECT company,password,salt
- FROM company
- WHERE username='$user'
- LIMIT 1");
- if(mysql_num_rows($sql) == 1){
- $row = mysql_fetch_array($sql);
- $userData = mysql_fetch_array($row, MYSQL_ASSOC);
- $hash = hash('sha256', $userData['salt'] . hash('sha256', $password) );
- session_start();
- $_SESSION['username'] = $row['username'];
- $_SESSION['company'] = $row['company'];
- $_SESSION['logged'] = TRUE;
- header("Location: users.php");
- exit;
- }else{
- header("Location: log_error.php");
- exit;
- }
- }else{
- header("Location: log_error.php");
- exit;
- }
- ?>
- users.php
- <style type="text/css">
- <!--
- body {
- background-color: #009901;
- }
- -->
- </style><?php
- session_start();
- if(!$_SESSION['logged']){
- header("Location: login.php");
- exit;
- }
- echo '<h2>Welcome, '.$_SESSION['company'].' </h2>';
- $con = mysql_connect("localhost","root");
- if (!$con)
- {
- die('Could not connect: ' . mysql_error());
- }
- mysql_select_db("test", $con);
- $result = mysql_query('SELECT * FROM profile WHERE name like $_SESSION['company']');
- if($result==true){
- echo "<dl>";
- while($row=mysql_fetch_array($result))
- {
- echo "<dt> Address:</dt>";
- echo "<dd>" . $row['address'] . "</dd>";
- echo "<dt> Phone Number:</dt>";
- echo "<dd>" . $row['phoneno'] . "</dd>";
- echo "<dt> Company Profile<br>:</dt>";
- echo "<dd>" . $row['notes'] . "</dd>";
- }
- echo "</dl>";
- }
- else{
- echo 'invalid query:'.mysql_error();
- }
- mysql_close($con);
- ?>
Add Comment
Please, Sign In to add comment