Hello, I was making a login page with PHP and Mysql and have managed to debug all the errors, but the page says 'Wrong Username or Password' even though i have typed in the right password from the table.
I was wondering if anyone could help me.
Thanks
I have 4 php files:
main_login.php
check_login.php
login_success.php
logout.php
Here is all the code:
main_login.php:
<table>
<tr>
<form name="form1" method="post" action="check_login.php">
<td>
<table>
<tr>
<td><strong>Login form: </strong></td>
</tr>
<tr>
<td>UserName</td>
<td>:</td>
<td><input name="myusername" type="text" id="myusername"/></td>
</tr>
<tr>
<td>Password</td>
<td>:</td>
<td><input name="mypassword" type="text" id="mypassword"/>
</td>
</tr>
<tr>
<td> </td>
<td> </td>
<td><input type="Submit" name="Submit" value="Login"/></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
<?php
?>
check_login.php:
<?php
$host = "localhost";
$Username = "christopher";
$Password = "password";
$db_name = "test_db";
$tbl_name = "test";
//CONNECT TO SERVER
mysql_connect("$host", "$Username", "$Password") or die("CANNOT CONNECT");
mysql_select_db("$db_name") or die("CANNOT SELECT DB");
//USERNAME AND PASSWORD FROM FORM
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];
//SECURITY PROTECTION
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);
$sql = "SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result = mysql_query($sql);
$count = mysql_num_rows($result);
$count = 1;
if($count == 1){
session_register("myusername");
session_register("mypassword");
header("Location: http://localhost/login/2/login_success.php/");
} else {
echo "Wrong Username Or Password";
}
?>
login_success.php
<?php
session_start();
echo "login successful..";
if(!session_is_registered(myusername)){
header("location:main_login.php");
}
?>
<html>
<body>
LOGIN SUCCESSFUL
</body>
</html>
logout.php:
<?php
session_start();
session_destroy();
?>
check_login.php
login_success.php
logout.php
main_login.php