PHP Help

[GoldenEagle]

I have written a file uploading utillity and it will not function right. The code is correct, I think. I run the query inside MySQL and it returns the values that I am loooking for. I am not sure, what the problem is but when I enter the correct info it always returns to authorization failed. Even if I leave it blank, its does that as well. If anyone has the solution, let me know.

Quote:

include ".\common_db.inc";

function db_connect() {
global $dbhost, $dbusername, $dbuserpassword, $default_dbname;
global $MYSQL_ERRNO, $MYSQL_ERROR;

$link_id = mysql_connect($dbhost, $dbusername, $dbuserpassword);

if(!$link_id) {
$MYSQL_ERRNO = 0;
$MYSQL_ERROR = "Connection failed to the host $dbhost.";
return 0;
}
else if(empty($dbname) && !mysql_select_db($default_dbname)) {
$MYSQL_ERRNO = mysql_errno();
$MYSQL_ERROR = mysql_error();
return 0;
}
else if(!empty($dbname) && !mysql_select_db($dbname)) {
$MYSQL_ERRNO = mysql_errno();
$MYSQL_ERROR = mysql_error();
return 0;
}
else return $link_id;
}

function auth_user($username, $userpassword) {
global $user_tablename;

$link_id = db_connect();

$query = "SELECT * FROM upload WHERE username = '$username'
AND userpassword = '$userpassword'";

$result = mysql_query($query);

if (!mysql_num_rows($result)) return 0;

else {
$query_data = mysql_fetch_row($result);
return $query_data[0]; }
}

function upload_file() {
global $userfile, $userfile_name, $userfile_size,
$userfile_type, $archive_dir, $WINDIR;

if(isset($WINDIR)) $userfile = str_replace("\\\\","\\", $userfile);

$filename = basename($userfile_name);

if($userfile_size <= 0) die ("$filename is empty.");

if(!@copy($userfile, "$archive_dir/$filename"))
die("Can't copy $userfile_name to $filename.");

if(!isset($WINDIR) && !@unlink($userfile))
die ("Can't delete the file $userfile_name.");

echo "$filename has been successfully uploaded.
";
echo "Filesize: " . number_format($userfile_size) . "
";
}
?>

$archive_dir = "./files";
function upload_form() {
global $PHP_SELF;
?>

Click here to change your password.


}

session_start();
if(!isset($username)) {
upload_form();
exit;
}

else {
session_register("username", "userpassword");
$username = auth_user($username, $userpassword);
if(!$username) {
session_unregister("username");
session_unregister("userpassword");
echo "Authorization failed. " .
"Please check your login/password details.";
exit; }
}
?>




if($action == 'upload') upload_file();
else upload_form();
?>

[Alf]

I hate global variables. I'd look there first for your problem.