Jump to content

Postgesql and PHP user login problem


adnan1

Recommended Posts

Hi,

 

I am new to php and postgresql. I am having some problems in login a registered user. I do not understand why i am getting the error  "Incorrect password, please try again" even though i am entering the right password. Could anyone please look at my code and let me know where i am going wrong.

 

Thanks

 

 

<?php

// Connects to your Database

include "connect.php";

 

 

 

//if the login form is submitted

if (isset($_POST['submit'])) { // if form has been submitted

 

// makes sure they filled it in

if(!$_POST['username'] | !$_POST['password']) {

die('You did not fill in a required field.');

}

// checks it against the database

 

if (!get_magic_quotes_gpc()) {

$_POST['email'] = addslashes($_POST['email']);

}

$check = pg_query("SELECT * FROM users WHERE username = '".$_POST['username']."'")or die(pg_error());

 

//Gives error if user dosen't exist

$check2 = pg_num_rows($check);

if ($check2 == 0) {

die('That user does not exist in our database. <a href=add.php>Click Here to Register</a>');

}

while($info = pg_fetch_array( $check ))

{

$_POST['password'] = stripslashes($_POST['password']);

$info['password'] = stripslashes($info['password']);

$_POST['password'] = md5($_POST['password']);

 

//gives error if the passwordword is wrong

if ($_POST['password'] != $info['password']) {

die('Incorrect password, please try again.');

}

 

else

{

 

//then redirect them to the members area

header("Location: members.php");

}

}

}

else

{

 

// if they are not logged in

?>

<form action="<?php echo $_SERVER['PHP_SELF']?>" method="post">

<table border="0">

<tr><td colspan=2><h1>Login</h1></td></tr>

<tr><td>Username:</td><td>

<input type="text" name="username" maxlength="40">

</td></tr>

<tr><td>password:</td><td>

<input type="password" name="password" maxlength="50">

</td></tr>

<tr><td colspan="2" align="right">

<input type="submit" name="submit" value="Login">

</td></tr>

</table>

</form>

<?php

}

Link to comment
Share on other sites

Try modifying your code like this:

 

$post_password_stripped = stripslashes($_POST['password']);
$db_password_stripped = stripslashes($info['password']);
$post_password_stripped_md5 = md5($post_password_stripped);

//gives error if the passwordword is wrong
if ($post_password_stripped_md5 != $db_password_stripped) {
  print '$post_password_stripped: ' . urlencode($post_password_stripped) . '<br>';
  print '$post_password_stripped_md5: ' . urlencode($post_password_stripped_md5) . '<br>';
  print '$db_password_stripped: ' . urlencode($db_password_stripped) . '<br>';
  die('Incorrect password, please try again.');
}

 

That will show you exactly what values you are dealing with.  It's likely that one of them will not be what you expected, and then you can start debugging from there.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.