1

I have successfully connected to sql server 2012 in php using the script (db_connect.php) below:

    <?php   

    $serverName = "192.168.1.248\SQL2012"; //serverName\instanceName
    $connectionInfo = array( "Database"=>"TLSS", "UID"=>"sa", "PWD"=>"blablabla");


    $connect = sqlsrv_connect( $serverName, $connectionInfo);

    if( $connect) {
         echo "Database connection established.<br />";
    }else{
         echo "Connection could not be established.<br />";
         die( print_r( sqlsrv_errors(), true));
    }
?>

Now I have a login script that is not throwing any errors when I run it but it's not redirecting to the correct page when I put correct login credentials. The login script (login.php) is as below:

 <?php 
require_once 'php_action/db_connect.php';

session_start();

if(isset($_SESSION['userId'])) {
    header('location: http://192.168.1.248:8080/booking/generate_tdn.php'); 
}

$errors = array();

if($_POST) {        

    $username = $_POST['username'];
    $password = $_POST['password'];

    if(empty($username) || empty($password)) {
        if($username == "") {
            $errors[] = "Username is required";
        } 

        if($password == "") {
            $errors[] = "Password is required";
        }
    } else {
        $sql = "SELECT * FROM tblLogin WHERE login = '$username'";
        $result = sqlsrv_query ($connect , $sql );
        //$result = $connect->query($sql); NOt applicable to SQL Server

        if(sqlsrv_num_rows ($result ) == 1) {

            $password = $password; 
            // exists
            $mainSql = "SELECT * FROM tblLogin WHERE login = '$username' AND passwd = '$password'";
            $mainResult = sqlsrv_query($connect, $mainSql);
            //$mainResult = $connect->query($mainSql); Not applicable to SQL server

            if (sqlsrv_num_rows ($mainResult ) == 1){
            //if($mainResult->num_rows == 1) {
                $value = sqlsrv_fetch_assoc($mainResult);
                $user_id = $value['login'];

                // set session
                $_SESSION['userId'] = $user_id;

                header('location: http://192.168.1.248:8080/booking/generate_tdn.php'); 
            } else{

                $errors[] = "Incorrect username/password combination";
            } // /else
        } else {        
            $errors[] = "Username does not exist";      
        } // /else
    } // /else not empty username // password

} // /if $_POST
?>

When I run the login script, it's throwing the message "Username does not exist" meaning the code on lines 26-30 are not executing, but no error is being thrown. What am I missing?

Roland Tony
  • 11
  • 1
  • Are you sure there is only 1 row with that username? Echo out your query, run it directly in the database, and find out how many rows you get. "Username does not exist" happens when sqlsrv_num_rows is not 1. – aynber Jan 22 '19 at 17:39
  • @aynber I am sure that there is only 1 row with that Username – Roland Tony Jan 23 '19 at 10:07

0 Answers0