Jump to content


Photo

Coding Messed Up Some Where?


  • Please log in to reply
6 replies to this topic

#1 cameeob2003

cameeob2003
  • Members
  • PipPipPip
  • Advanced Member
  • 79 posts

Posted 21 June 2006 - 10:53 PM

<?php
$host="myhost"; // Host name
$username="user"; // Mysql username
$password="pass"; // Mysql password
$db_name="dbname"; // Database name
$tbl_name="users"; // Table name
?>

<?php

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

// username and password sent from signup form
$myusername=$_POST['myusername'];
$mypassword=$_POST['mypassword'];

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else {
echo "Wrong Username or Password";
}
?>

I am trying to get this to select the users from my MySQL database and allow them to login.
But when I try to get the page to use this script it says "Wrong Username or Password". That is what i wanted
it to say but I also want it LOG IN. I cant find out why it wont select the username and password to auth.
Any help would be great.

#2 mainewoods

mainewoods
  • Members
  • PipPipPip
  • Advanced Member
  • 685 posts
  • LocationMaine

Posted 22 June 2006 - 12:14 AM

echo out the sql before using it to see if you recieved your form variables correctly:
echo $sql;exit; //debug code
$result=mysql_query($sql);
if that comes out alright then test whether that user exists but you have the wrong password:
$sql = ="SELECT * FROM $tbl_name WHERE username='$myusername'";
see if that returns one row as expected

#3 trq

trq
  • Staff Alumni
  • Advanced Member
  • 31,041 posts

Posted 22 June 2006 - 12:32 AM

Are you sure your not storing the passwords encrypted? If your not you should be.

#4 cameeob2003

cameeob2003
  • Members
  • PipPipPip
  • Advanced Member
  • 79 posts

Posted 22 June 2006 - 02:26 AM

How would I go about getting the passwords encripted. I am new to the entire php thing if you have a link or something you can give me to guide me in the right direction that would be great.

#5 trq

trq
  • Staff Alumni
  • Advanced Member
  • 31,041 posts

Posted 22 June 2006 - 02:28 AM

[a href=\"http://php.net/md5\" target=\"_blank\"]md5[/a]().

#6 cameeob2003

cameeob2003
  • Members
  • PipPipPip
  • Advanced Member
  • 79 posts

Posted 22 June 2006 - 02:57 AM

Would I just use

if (md5($str)) {
    echo "My text";
    exit;

or would i use

if (md5($str) === '1f3870be274f6c49b3e31a0c6728957f') {
    echo "Would you like a green or red apple?";
    exit;

also if I use the

'1f3870be274f6c49b3e31a0c6728957f'

what would that be doing?

#7 .josh

.josh
  • Staff Alumni
  • .josh
  • 14,871 posts

Posted 22 June 2006 - 04:11 AM

//insert new password example
$password = md5($password);
$sql = "insert into table (password) values ('$password')";
.
.
.

//check password in database example

$password = md5($_POST['password']);
$sql = "select * from table where password = '$password'";

make sure your password column is at least varchar 32


Did I help you? Feeling generous? Buy me lunch! 
Please, take the time and do some research and find out how much it would have cost you to get your help from a decent paid-for source. A "roll-of-the-dice" freelancer will charge you $5-$15/hr. A decent entry level freelancer will charge you around $15-30/hr. A professional will charge you anywhere from $50-$100/hr. An agency will charge anywhere from $100-$250/hr. Think about all this when soliciting for help here. Think about how much money you are making from the work you are asking for help on. No, we do not expect you to pay for the help given here, but donating a few bucks is a fraction of the cost of what you would have paid, shows your appreciation, helps motivate people to keep offering help without the pricetag, and helps make this a higher quality free-help community :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users