adnan1 Posted July 16, 2008 Share Posted July 16, 2008 Hi, I am new to php and postgresql. I am having some problems in login a registered user. I do not understand why i am getting the error "Incorrect password, please try again" even though i am entering the right password. Could anyone please look at my code and let me know where i am going wrong. Thanks <?php // Connects to your Database include "connect.php"; //if the login form is submitted if (isset($_POST['submit'])) { // if form has been submitted // makes sure they filled it in if(!$_POST['username'] | !$_POST['password']) { die('You did not fill in a required field.'); } // checks it against the database if (!get_magic_quotes_gpc()) { $_POST['email'] = addslashes($_POST['email']); } $check = pg_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(pg_error()); //Gives error if user dosen't exist $check2 = pg_num_rows($check); if ($check2 == 0) { die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>'); } while($info = pg_fetch_array( $check )) { $_POST['password'] = stripslashes($_POST['password']); $info['password'] = stripslashes($info['password']); $_POST['password'] = md5($_POST['password']); //gives error if the passwordword is wrong if ($_POST['password'] != $info['password']) { die('Incorrect password, please try again.'); } else { //then redirect them to the members area header("Location: members.php"); } } } else { // if they are not logged in ?> <form action="<?php echo $_SERVER['PHP_SELF']?>" method="post"> <table border="0"> <tr><td colspan=2><h1>Login</h1></td></tr> <tr><td>Username:</td><td> <input type="text" name="username" maxlength="40"> </td></tr> <tr><td>password:</td><td> <input type="password" name="password" maxlength="50"> </td></tr> <tr><td colspan="2" align="right"> <input type="submit" name="submit" value="Login"> </td></tr> </table> </form> <?php } Link to comment https://forums.phpfreaks.com/topic/115008-postgesql-and-php-user-login-problem/ Share on other sites More sharing options...
btherl Posted July 17, 2008 Share Posted July 17, 2008 Try modifying your code like this: $post_password_stripped = stripslashes($_POST['password']); $db_password_stripped = stripslashes($info['password']); $post_password_stripped_md5 = md5($post_password_stripped); //gives error if the passwordword is wrong if ($post_password_stripped_md5 != $db_password_stripped) { print '$post_password_stripped: ' . urlencode($post_password_stripped) . '<br>'; print '$post_password_stripped_md5: ' . urlencode($post_password_stripped_md5) . '<br>'; print '$db_password_stripped: ' . urlencode($db_password_stripped) . '<br>'; die('Incorrect password, please try again.'); } That will show you exactly what values you are dealing with. It's likely that one of them will not be what you expected, and then you can start debugging from there. Link to comment https://forums.phpfreaks.com/topic/115008-postgesql-and-php-user-login-problem/#findComment-592105 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.