Jump to content

Archived

This topic is now archived and is closed to further replies.

cameeob2003

Coding Messed Up Some Where?

Recommended Posts

[code]<?php
$host="myhost"; // Host name
$username="user"; // Mysql username
$password="pass"; // Mysql password
$db_name="dbname"; // Database name
$tbl_name="users"; // Table name
?>

<?php

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from signup form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>
[/code]

I am trying to get this to select the users from my MySQL database and allow them to login.
But when I try to get the page to use this script it says "Wrong Username or Password". That is what i wanted
it to say but I also want it LOG IN. I cant find out why it wont select the username and password to auth.
Any help would be great.

Share this post


Link to post
Share on other sites
echo out the sql before using it to see if you recieved your form variables correctly:
[code]echo $sql;exit; //debug code
$result=mysql_query($sql);[/code]
if that comes out alright then test whether that user exists but you have the wrong password:
[code]$sql = ="SELECT * FROM $tbl_name WHERE username='$myusername'";[/code]
see if that returns one row as expected

Share this post


Link to post
Share on other sites
Are you sure your not storing the passwords encrypted? If your not you should be.

Share this post


Link to post
Share on other sites
How would I go about getting the passwords encripted. I am new to the entire php thing if you have a link or something you can give me to guide me in the right direction that would be great.

Share this post


Link to post
Share on other sites
[a href=\"http://php.net/md5\" target=\"_blank\"]md5[/a]().

Share this post


Link to post
Share on other sites
Would I just use

[code]if (md5($str)) {
    echo "My text";
    exit;[/code]

or would i use

[code]if (md5($str) === '1f3870be274f6c49b3e31a0c6728957f') {
    echo "Would you like a green or red apple?";
    exit;[/code]

also if I use the

'1f3870be274f6c49b3e31a0c6728957f'

what would that be doing?

Share this post


Link to post
Share on other sites
[code]
//insert new password example
$password = md5($password);
$sql = "insert into table (password) values ('$password')";
.
.
.

//check password in database example

$password = md5($_POST['password']);
$sql = "select * from table where password = '$password'";

[/code]
make sure your password column is at least varchar 32

Share this post


Link to post
Share on other sites

×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.