mysql_fetch_array not working
This code works on my computer, but when I run it on my web host's server, it doesn't. The output is "Incorrect password or email", even though I'm using the correct password. I thought I had made a mistake with the password开发者_高级运维s, but the code won't output $r['email'] or $r['passwordHash'], at the top of the while loop. If I use mysql_result on $sql, I get the data out, so something weird must be happening with mysql_fetch_array. Am I missing something here, or is this more likely a unique problem I should address with my host's support staff?
$query = "SELECT * FROM users WHERE user='$email'";
$sql = mysql_query($query);
while($r = mysql_fetch_array($sql)) {
echo $r['email'];
echo $r['passwordhash'];
if($passwordHash == $r['passwordhash']) {
$_SESSION['user_id'] = $email;
echo "started session";
}
else {
echo "Incorrect password or email";
}
}
Use $sql = mysql_query($query) or die (mysql_error())
to check if there's something going wrong with the query.
Alternatively, you could try mysql_fetch_assoc
(since I see you're most using associative arrays), to rule out a possible 'bug' of mysql_fetch_array (I doubt that but you could give it a try).
And check that $email
is not empty. If it's passed through a sanitizing function (as it should have before being put into the query), see if that function have actually returned a value or just NULL or an empty string.
And, btw, why are you using a while loop? Are you supposed to get more than one record (and passwords) with the same e-mail address?
One thing to check real quick would be PHP and MySQL version on your computer versus the web server. How are you handling the hashes, because that could also cause an issue.
Are you doing something like the following?
$password = md5($password);
If so, are you converting correctly on the web server side?
$password = $_POST['password'];
$passwordHash = md5($password);
unset($password);
$query = "SELECT * FROM users WHERE user='$email'";
$sql = mysql_query($query);
while($r = mysql_fetch_array($sql)) {
echo $r['email'];
echo $r['passwordhash'];
if($passwordHash == $r['passwordhash']) {
$_SESSION['user_id'] = $email;
echo "started session";
}
else {
echo "Incorrect password or email";
}
}
精彩评论