Mysqli_fetch_array in Locaweb, error logging in!

Asked

Viewed 297 times

-2

Hello, I have the following code:

<?php   
session_start();

require_once('conecta.php');    
$email = sha1($_POST['email']);
$senha = $_POST['senha'];


$sql = "SELECT * FROM dados WHERE email = '$email' AND senha = '$senha'";
$objDb = new db();
$link = $objDb->conecta_mysql();    
$resultado = mysqli_query($link, $sql);

if ($resultado) {
    $dados = mysqli_fetch_array($resultado);
    if (isset($dados['email'])) {

        $_SESSION['email'] = $dados["email"];
        $_SESSION['nome'] = $dados["nome"];



        header('Location: indexVol.php');
    } else {
        header('Location: entrar.php?erro=1');


    }
} else {
    echo 'Erro na execução da consulta, favor entrar em contato com o admin do site';
}
?>

But when I try to log in, it goes straight to header('Location: entrar.php?erro=1');, as if the database has no registered email and password, but it does. Does anyone have any idea what might be wrong? I know the code is not safe to sql Injection, but this is just a test for me to understand.

Note: The page is hosted on locaweb.com, I don’t know if there mysqli_fetch_array is available for use because Xampp works normally!

  • 1

    Let’s debug this, before your if($result) add echo mysqli_num_rows($result); and check how many lines your query returned! Then post here.

  • @Rafaelsalomão He returns no error, I asked for one var_dump($resultado) and he returns only object(mysqli_result)#3 (0) { }

  • 1

    If it does not return any line it means that there are no records with the login and password entered. If you use sha1 to save the password in the table at login time you must take the entered password and convert to sha1. Though I have said I make it clear that this code of yours is insecure!

  • But there’s the record, I changed it, I took sha1 out of the code, I re-signed it, and the var_dump($resultado) keeps coming empty, even though the register is in the bank!

  • @Rafaelsalomão I found out what the error was, I looked at the log in the hosting directory, and I had an error on another page, because of Session. Because in Locaweb you need to change the storage location of the Session, and I had not done that on the page the user is redirected after logging in! Thank you so much for your help!

  • 1

    Show Arthur, but take a look at the stack has many examples to mount the secure login.

Show 1 more comment

2 answers

1


The error at the beginning of the code may be generating the error, where you use SHA1 in the email, where the correct and in the email:

wrong:

<?php   
 session_start();

 require_once('conecta.php');    
 $email = sha1($_POST['email']);
 $senha = $_POST['senha'];

correct:

<?php   
 session_start();

 require_once('conecta.php');    
 $email = $_POST['email'];
 $senha = sha1($_POST['senha']);
  • I hadn’t really seen this, but I changed and still not logging in!

  • the error is the same or changed?

  • Remains the same thing, it jumps straight as es had no login data in the database!

  • have you give a var_dump($result) and see what appears?

  • vc take the mounted query ($sql ) and play straight into the database, return the expected result?

  • He returns object(mysqli_result)#3 (0) { }, and if I take the query mounted directly in the database it returns the expected!

  • 1

    I found out what the bug was, I looked at the log in the hosting directory, and there was an error on another page, because of Session. Because in Ocaweb you need to change the storage location of Session! Thank you very much for the help!

Show 2 more comments

1

Modify these lines:

$email = $_POST['email'];
$senha = sha1($_POST['senha']);
  • I modified, but still giving error, I asked for a var_dump($resultado) and he returns only object(mysqli_result)#3 (0) { }

  • You can edit the post and put its function conecta_mysql() ?

  • 1

    I found out what the bug was, I looked at the log in the hosting directory, and there was an error on another page, because of Session. Because in Locaweb you need to change the storage location of the Session, and I had not done that on the page the user is redirected after logging in! Thank you so much for your help!

Browser other questions tagged

You are not signed in. Login or sign up in order to post.