fonecave Posted May 3, 2008 Share Posted May 3, 2008 I am trying to access my database to match the password field for posted_password from a form then set a cookie I can't even get the php code to give me the password in the db for the submitted username! (which is an email address) If i can at least get info from the db i can finish the script HELP! <?php if (isset ($_POST['login'])) { $username=trim($_POST['username']); $pass=trim($_POST['pass']); if (empty($username) || empty($pass)) { echo '<form action="login.php" method="post"'; echo 'enctype="multipart/form-data">'; echo '<input type="text" name="username" /><br>'; echo '<br>'; echo '<input type="password" name="pass" />'; echo '<br>'; echo ' '; echo ' '; echo ' <input type="submit" '; echo 'name="login" value="Login" />'; echo '</form>'; echo "<script>alert('Please enter username and password to login.')</script>"; } else { $con = mysql_connect("localhost","admin_login","pass1"); if (!$con) { die('Contact [email protected] - Could not connect: ' . mysql_error()); } mysql_select_db("fonecave_00001", $con); $result = mysql_query("SELECT password FROM members WHERE email=$_POST['username']"); echo $result; } } else { echo '<form action="login.php" method="post"'; echo 'enctype="multipart/form-data">'; echo '<input type="text" name="username" /><br>'; echo '<br>'; echo '<input type="password" name="pass" />'; echo '<br>'; echo ' '; echo ' '; echo ' <input type="submit" '; echo 'name="login" value="Login" />'; echo '</form>'; } ?> Link to comment https://forums.phpfreaks.com/topic/104003-solved-mysql-authentication-help/ Share on other sites More sharing options...
BlueSkyIS Posted May 3, 2008 Share Posted May 3, 2008 $result = mysql_query("SELECT password FROM members WHERE email='$username'") or die(mysql_error()); if (mysql_numrows($result) > 0) { // found a match } Link to comment https://forums.phpfreaks.com/topic/104003-solved-mysql-authentication-help/#findComment-532437 Share on other sites More sharing options...
fonecave Posted May 3, 2008 Author Share Posted May 3, 2008 I get Match FoundResource id #3 if i type in an email address thats registered how do i try and match the password attached to the record with a variable to obtain a password match or fail? i.e if ($result == $pass) { do code } UPDATED: <?php if (isset ($_POST['login'])) { $username=trim($_POST['username']); $pass=trim($_POST['pass']); if (empty($username) || empty($pass)) { echo '<form action="login.php" method="post"'; echo 'enctype="multipart/form-data">'; echo '<input type="text" name="username" /><br>'; echo '<br>'; echo '<input type="password" name="pass" />'; echo '<br>'; echo ' '; echo ' '; echo ' <input type="submit" '; echo 'name="login" value="Login" />'; echo '</form>'; echo "<script>alert('Please enter username and password to login.')</script>"; } else { $con = mysql_connect("localhost","fonecave_admin","cloud9"); if (!$con) { die('Contact [email protected] - Could not connect: ' . mysql_error()); } mysql_select_db("fonecave_00001", $con); $result = mysql_query("SELECT password FROM members WHERE email='$username'") or die(mysql_error()); if (mysql_numrows($result) > 0) { echo 'Match Found'; echo $result; } else { echo "<script>alert('Login details incorrect.')</script>"; echo '<form action="login.php" method="post"'; echo 'enctype="multipart/form-data">'; echo '<input type="text" name="username" /><br>'; echo '<br>'; echo '<input type="password" name="pass" />'; echo '<br>'; echo ' '; echo ' '; echo ' <input type="submit" '; echo 'name="login" value="Login" />'; echo '</form>'; } } } else { echo '<form action="login.php" method="post"'; echo 'enctype="multipart/form-data">'; echo '<input type="text" name="username" /><br>'; echo '<br>'; echo '<input type="password" name="pass" />'; echo '<br>'; echo ' '; echo ' '; echo ' <input type="submit" '; echo 'name="login" value="Login" />'; echo '</form>'; } ?> Link to comment https://forums.phpfreaks.com/topic/104003-solved-mysql-authentication-help/#findComment-532453 Share on other sites More sharing options...
BlueSkyIS Posted May 3, 2008 Share Posted May 3, 2008 $result = mysql_query("SELECT id FROM members WHERE email='$username' and password='$pass'") or die(mysql_error()); if (mysql_numrows($result) > 0) { echo 'user name and password match'; // to get the id that was selected: list($id) = mysql_fetch_row($result); } Link to comment https://forums.phpfreaks.com/topic/104003-solved-mysql-authentication-help/#findComment-532455 Share on other sites More sharing options...
fonecave Posted May 3, 2008 Author Share Posted May 3, 2008 I dont want the id i just want the actual password stored in that record as there will either be none or just 1 as the registration process weeds out duplicates the mysql_numrows($result) lets me know if the login is not there at all but when the record is present i want to encapsulate the password in a variable so a can do a variable match if ($mysqlpassword == $pass) { } Link to comment https://forums.phpfreaks.com/topic/104003-solved-mysql-authentication-help/#findComment-532465 Share on other sites More sharing options...
BlueSkyIS Posted May 3, 2008 Share Posted May 3, 2008 switch id to pass in the query. Link to comment https://forums.phpfreaks.com/topic/104003-solved-mysql-authentication-help/#findComment-532467 Share on other sites More sharing options...
fonecave Posted May 3, 2008 Author Share Posted May 3, 2008 That's fantastic thanks again Link to comment https://forums.phpfreaks.com/topic/104003-solved-mysql-authentication-help/#findComment-532472 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.