Page 1 of 1

[SOLVED] View donation points after login

PostPosted: Sun May 17, 2015 7:20 am
by er1615
what's wrong with this script ?
  1. <?php
  2. session_start();
  3.  
  4. mysql_connect('localhost', 'root', 'root');
  5. mysql_select_db('roseon');
  6.  
  7. if ( ($_SERVER['REQUEST_METHOD'] == 'POST') ) {
  8.     $sql = "SELECT id FROM accounts WHERE username = '%s' AND password = '%s';";
  9.     $sql = sprintf($sql, mysql_real_escape_string($_POST['user_name']), md5($_POST['password']));
  10.     $res = @mysql_query($sql);
  11.     if ( $res === false ) {
  12.         echo '<p class="error_block">Problem with loggin in</p>';
  13.     } elseif ( mysql_num_rows($res) == 0 ) {
  14.         echo '<p class="error_block">Invalid combination username/password</p>';
  15.     } else {
  16.         echo '<p class="ok_block">Valid login</p>';
  17.         $_SESSION['user_account_id'] = mysql_result($res, 0);
  18.     }
  19. }
  20. if ( isset($_SESSION['user_account_id']) ) {
  21.     echo 'Welcome: ' . $_SESSION['user_account_id'] . '<br />';
  22. } else {   
  23.     echo '
  24. <form action="" method="post">
  25. <div align="center"><br /></div>
  26.                 <table width="400" border="0" align="center">
  27. <tr>
  28. <td style="text-align: left;">User name: <input type="text" name="user_name" id="user_name"></td>
  29. </tr>
  30. <tr>
  31. <td style="text-align: left;">Password:  <input type="password" name="password" id="password"></td>
  32. </tr>
  33. </table>
  34. <p style="text-align: center;">     <input type="submit" name="login" id="login" value="login">
  35.  
  36. </p>    </form>
  37.     ';
  38. }
  39. $sql = "SELECT donation FROM accounts WHERE username = '%s';";
  40. $sql = sprintf($sql, $_SESSION['user_account_id']);
  41.  
  42. $res = mysql_query($sql);
  43. if ( $res === false ) {
  44. echo 'We could not get your donation points from the database, something went wrong!';
  45. }
  46. ?>


i want to make a script after we log in we can see our donation points, but after i try this script the result like this :

*this is before i log in
Picture1.jpg
Picture1.jpg (7.07 KiB) Viewed 17918 times


*this is after i log in, and it's show account id, not username, and the donation point still blank.
Picture2.jpg
Picture2.jpg (5.75 KiB) Viewed 17918 times

Re: [Help] View donation points after login

PostPosted: Mon May 18, 2015 5:22 am
by Vetyst
Dear er1615,

first of, the mysql_ prefixed functions have been depricated for a while now, and for security reasons they disabled their functionality.

instead u could try using mysqli or PDO.

as for your problem, replace row 39 with:

  1. $sql = "SELECT donation FROM accounts WHERE id = '%s';";

Re: [Help] View donation points after login

PostPosted: Mon May 18, 2015 10:49 am
by er1615
I try follow your advice and now it work well, thank you.