adnan1

Hi, I am new to php and postgresql. I am having some problems in login a registered user. I do not understand why i am getting the error "Incorrect password, please try again" even though i am entering the right password. Could anyone please look at my code and let me know where i am going wrong. Thanks <?php // Connects to your Database include "connect.php"; //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['username'] | !$_POST['password']) { die('You did not fill in a required field.'); } // checks it against the database if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $check = pg_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(pg_error()); //Gives error if user dosen't exist $check2 = pg_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>'); } while($info = pg_fetch_array( $check )) { $_POST['password'] = stripslashes($_POST['password']); $info['password'] = stripslashes($info['password']); $_POST['password'] = md5($_POST['password']); //gives error if the passwordword is wrong if ($_POST['password'] != $info['password']) { die('Incorrect password, please try again.'); } else { //then redirect them to the members area header("Location: members.php"); } } } else { // if they are not logged in ?> <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <table border="0"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>Username:</td><td> <input type="text" name="username" maxlength="40"> </td></tr> <tr><td>password:</td><td> <input type="password" name="password" maxlength="50"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> </form> <?php }

Hi, I am new to php and postgresql. I am having some problems in login a registered user. I do not understand why i am getting the error "incorrect password" even though i am entering the right password. Could anyone please look at my code and let me know where i am going wrong. Thanks <?php //testing the session session_start(); ?> <?php // Connects to your Database include "connect.php"; $username = $_POST["username"]; $password = $_POST["password"]; $check = pg_query("SELECT * FROM users WHERE username = '$username' and password = '$password'")or die(pg_error()); $info = pg_fetch_array( $check ); while($info = pg_fetch_array( $check )) { if ($password != $info['password']) { echo "you have entered an incorrect username or password, please try again !"; } else { header("Location: members.php"); } } //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['username'] | !$_POST['password']) { die('You did not fill in a required field.'); } // checks it against the database $check = pg_query("SELECT * FROM users WHERE username = '".$_POST['username']."' and password = '".$_POST['password']."'")or die(pg_error()); $check2 = pg_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=register.php>Click Here to Register</a>'); } while($info = pg_fetch_array( $check)) { //gives error if the password is wrong if ($_POST['password'] != $check['password']) { echo "incorrect password !"; } else { //then redirect them to the members area $_SESSION["username"] = $username; } } } else { // if they are not logged in ?> <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <table valign="left" width="150" height="150" border="1"> <tr valign="left"> <tr valign="center"> <td> <tr><td>Username:</td><td> <input type="text" name="username" maxlength="40"> </td></tr> <tr><td>Password:</td><td> <input type="password" name="password" maxlength="50"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> </form> <?php } ?>