JS Problem

[Kulag]

I am writing a web application which is based around a simple command system that I want to manipualte with JS. Index.php loads up the common.php file containing this code for commands:

*?- Command System -->
*form action="index.php" method="post" id="form">
*input type="hidden" name="act" id="act" value="">
*input type="hidden" name="id" id="id" value="">
*/form>
*script type="javascript">
var Fact=document.getElementById("act");
var Fid=document.getElementById("id");
var form=document.getElementById("form");
function actID(action,id)
{
Fact=action;
Fid=id;
form.submit();
}
function actx(action)
{
Fact=action;
form.submit();
}
*/script>

Index.php then includes the appropriate sub-page, eg. login.html. I replaced all occurences of < with *.

*html>
*body>
*form action="javascript:actx('login');" method="post">
*table>
*tr>
*td>
Username:*/td>
*td>
*input type="text" name="user" />*/td>
*/tr>
*tr>
*td>
Password:*/td>
*td>
*input type="password" name="pass" />*/td>
*/tr>
*tr>
*td>
*input type="submit" value="Login" />*/td>
*td>
*a href="javascript:actx('signup');">Register*/a>*/td>
*/tr>
*/table>
*/form>
*/body>
*/html>

That is my login page. Thus, the full page would look like this when everything is added together.

*?- Command System -->
*form action="index.php" method="post" id="form">
*input type="hidden" name="act" id="act" value="">
*input type="hidden" name="id" id="id" value="">
*/form>
*script type="javascript">
var Fact=document.getElementById("act");
var Fid=document.getElementById("id");
var form=document.getElementById("form");
function actID(action,id)
{
Fact=action;
Fid=id;
form.submit();
}
function actx(action)
{
Fact=action;
form.submit();
}
*/script>

*center>*div style='font-size:36pt;'>Test RPG*/div>*br>*div style='font-size:14pt;'>RPStatus Version 1.1.1*/div>*/center>*br>*br>*html>
*body>
*form action="javascript:actx('login');" method="post">

*table>
*tr>
*td>
Username:*/td>
*td>
*input type="text" name="user" />*/td>
*/tr>
*tr>

*td>
Password:*/td>
*td>
*input type="password" name="pass" />*/td>
*/tr>
*tr>
*td>
*input type="submit" value="Login" />*/td>

*td>
*a href="javascript:actx('signup');">Register*/a>*/td>
*/tr>
*/table>
*/form>
*/body>
*/html>

However, this code gives me the error:
Error: actx is not defined
Source File: javascript:actx('signup');
Line: 1

Can someone please tell me what is wrong with my code?

[DynamicTech]

If this is code, verbatim, try closing your form tags and placing the forms inside of your tables. in your anchor *a href="javascript:actx('signup');">, do this:
* ahref="javascript://" onClick="javascript:actx('signup');">. Let me know how it goes.

[Kulag]

The form tags are closed. I have the forms outside the tables because that's what VWD 8 told me to do. (Visual Web Developer) I'll try the other stuff tommorow morning. Bedtime!

[Kulag]

Okay, I tried those things, but it didn't work. Here's the output of the login page. As you can see, if you click either login or register, and then go to the Javascript Console(Firefox), you can see the error it gives me.

[DynamicTech]

I got your code, and am checking it out. Give me a little while to toy with it.

[DynamicTech]

Kulag, what are hoping to accomplish? Are you trying to place the value login or signup into the act value? I am assuming you are wanting your index.php
page to perform two different functions depending on whether the user wants to sign in or register. Let me do a rewrite and see what you think.

[DynamicTech]

I have three different solutions to your problem, as I understand it. I could not get the javascript to function properly. I messed around with almost two hours . Check them out here: http://www.dynamicit.us/test.htm.
They will be up till 3 pm. The third form involves some javascript, the rest are straight up form submissions via the post method. Let me know if I can help you any further.

[Kulag]

Nevermind, removed the type="javascript" property from the script tag and it works perfectly. Wierd...

[Kulag]

Well, all is working fine except my login script:

$result=mysql_query("select * from `members` where 'name' = '".$user."' and 'password' = '".$pass."'") or Bugnet();
if (mysql_num_rows($result)<1)
{
Login_Fail();
}
$row=mysql_get_rows($result);
$_SESSION[$rp_id_cookie]=$row['id'];
$_SESSION[$rp_user_cookie]=$row['user'];
$_SESSION[$rp_auth_cookie]=$row['permissions'];

What is wrong with this code? Every time I run it, despite the fact that the username and password are identical to those stored in the database, it calls Login_Fail. I checked it, and no rows are being returned by MySQL. Also, I get no PHP, javascript, or MySQL errors.

[DynamicTech]

Ok, let me edit this post. Your problem is within your mysql sytax. name and password should be literal. So your mysql sytax should look like this:

$result=mysql_query("select * from members where name = '".$user."' and password = '".$pass."'") or Bugnet();

I always write mine like this:

$result=mysql_query("SELECT * FROM members WHERE name = '$user' AND password = '$pass'") or Bugnet();

The way you have it now, mysql is reading name and password as variables and not row names.

Maybe this will help.

[Kulag]

What I have is a table with 4 columns (name, password, email, and permissions) each user is stored on a seperate row, so the query used, whit the correct username and password, should return one row, containing the data for that user. However, MySQL isn't returning ANY rows, so (mysql_num_rows($result)<1) is triggering, along with Login_Fail(). Basically, Login_Fail excecutes die("Error, no such user/password.").

I do see what you mean about the mysql_get_rows() function.

[DynamicTech]

I edited my last post. This one should be more relevant to your problem.
Let me know how it goes.

[Kulag]

Ah, yes that works, I wonder why though, since that kind of code has always worked in the past for me...

Anyways, I ran up against another odd bug, where PHP is telling me that a variable that I put in the config file (included) is not defined. I can echo the variable, and it's used in other locations without a problem.

Success:
if (isset($_SESSION[$rp_auth_cookie])) {$loggedin=1;}
else { $_SESSION[$rp_auth_cookie]=""; $loggedin=0;}
if ($_SESSION[$rp_auth_cookie]<1)
{
SignIn();
}

That's my authorisation code. However, the login code fails:
$result=mysql_query("select * from members where name = '$user' and password = '$pass'");
if (mysql_num_rows($result)<1)
{
Login_Fail();
}
$row=mysql_fetch_array($result);
$_SESSION[$rp_id_cookie]=$row['id'];
$_SESSION[$rp_user_cookie]=$row['name'];
$_SESSION[$rp_auth_cookie]=$row['permissions'];

It fails at the lines where it starts with $_SESSION. The following code also fails with the same error.
function Footer()
{
if ($loggedin=1)
{
?>
*br>*br>You are currently logged in as *?php echo $_SESSION[$rp_user_cookie];?>.*br>
Options: *a href="javascript:actID('edit-email',*?php echo $_SESSION[$rp_id_cookie];?>);">Change E-Mail Address*/a> *a href="javascript:actx('logout');">Logout*/a>
*?php if ($_SESSION[$rp_auth_cookie]=3) {?> *a href="admin.php">Admin Control Panel*/a>
*?php }
}
die("");
}

I've gone over this for quite a while without finding the error. I had the same error on a different project a while back when I used "==" for comparision rather than a single "=" in the if function. The if function was a few lines up, so I think it's the same here.

[DynamicTech]

However, the login code fails:
$result=mysql_query("select * from members where name = '$user' and password = '$pass'");
if (mysql_num_rows($result)<1)
{
Login_Fail();
}
$row=mysql_fetch_array($result);
$_SESSION[$rp_id_cookie]=$row['id'];
$_SESSION[$rp_user_cookie]=$row['name'];
$_SESSION[$rp_auth_cookie]=$row['permissions'];

It fails at the lines where it starts with $_SESSION.

Ok. now we're getting to the mysql returns.
Try this:

$result=mysql_query("select * from members where name = '$user' and password = '$pass'");
if (mysql_num_rows($result)==false)
{
Login_Fail();
}
If I remember correctly, if there are no rows to return, mysql num rows returns false.
Now, the return on mysql fetch row will be an array of field values returned from the table. I was wrong in my other post about having to loop through this return to get each value individually. Since you are looking for just one row returned, I'll code it like this:
$row=mysql_fetch_row($result);

This should return an array of values held within this row of your table.
For example: Say your table contains the fields id, name, and permissions, respectively. The return values will be:
id = $row[0]
name = $row[1]
permissions = $row[2]
We need to do this code like this:
$_SESSION[$rp_id_cookie]=$row[0];
$_SESSION[$rp_user_cookie]=$row[1];
$_SESSION[$rp_auth_cookie]=$row[2];

try this and see if your other error goes away. The $_SESSION[$rp_auth_cookie]=3 may just need a value.

[DynamicTech]

Although, I guess we could also approach it this way:

$result=mysql_query("select * from members where name = '$user' and password = '$pass'");
$row=mysql_fetch_row($result);
if($row==false){
Login_Fail();
}else{
$_SESSION[$rp_id_cookie]=$row[0];
$_SESSION[$rp_user_cookie]=$row[1];
$_SESSION[$rp_auth_cookie]=$row[2];}

[Kulag]

Well, I don't get any new errors, but the old ones are still there.

While we're at it, is there some sort of a 'case else' for use within a switch statment?

[DynamicTech]

Could you email me the files so i can get a look at the overall picture?
This address will be active till tommorrow: redis507-box@yahoo.com.
I think php does have a case/else. I will have to look into it to get the specifics.

[Kulag]

Ok, sent the email. Thanks, this has been a great help.

[Kulag]

The email didn't go through, so I'm attaching the zip file here.

[DynamicTech]

Sorry for the late reply kulag, but I have been down with the flu. i just got your file, and will look them over tommorrow.

[Kulag]

I am sorry about you getting the flu, and I don't mind about the amount of time it took. The script I gave you won't work even if you did figure out the cause of the missing variables, since html is sent to the browser before the session variables. I have fixed this, and made the indexes static. I would still like to have more dynamic indexes, so that if someone has multiple copies of the app running on the server, the session variables can be different.

[DynamicTech]

kulag, this file is showing to be corrupt.

[Kulag]

Try the file I attached above, if that doesn't work, I'll grab the newset copy and re-archive it. Maybe RAR next time...

[DynamicTech]

Winzip still says invalid archive. Winrar extracts giberish.

[Kulag]

Ok, here's a new zip archive done by IzARC.

[DynamicTech]

The file is still garbled. Are you uploading it binary or ASCII?

[Kulag]

I don't know, I just went to post reply, manage attachments, upload file from computer, and uploaded it. It doesn't give you any options.