[SOLVED] login php through MySQL reguirments ???

[samoi]

Hello guy, I know I should have re-phrase the subject 

I just done with the registration script, with cronix help

 

now, I need to create a simple.

and I tried to put it like this

 

<?php
$username = clean($_POST['username']);
$password = clean($_POST['password']);

$conn = mysql_connect("localhost","root","root");
$db = mysql_select_db("sam");

$checkuser = "SELECT * FROM users WHERE username = '$username'";
$checkuserlog = mysql_query($checkuser);
$checkpass = "SELECT * FROM users WHERE password = '$password'";
$checkpasslog = mysql_query($checkpass);

if($username != $checkuserlog )
{
echo 'wrong username';
}
elseif($checkpasslog != $password)
{
echo ' wrong pass';
}
else{
echo ' logged in! ';

}
function clean($str)
{return mysql_escape_string($str);}
?>

 

but it printed me wrone username !

 

I don't know why.

 

tell me the requirment to build this script!

[btherl]

<?php
$username = clean($_POST['username']);
$password = clean($_POST['password']);

$conn = mysql_connect("localhost","root","root");
$db = mysql_select_db("sam");

$checkuser = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";
$checkuserlog = mysql_query($checkuser);
$num_results = mysql_num_rows($checkuserlog);

if($num_results == 0)
{
echo 'wrong username or password';
}
else{
echo ' logged in! ';

}
function clean($str)
{return mysql_escape_string($str);}
?>

 

You can try this code.  It will not tell you which of username and password is wrong though.

 

There are 2 problems in your original code:

 

1.  You check username and password, but not username and password together.  If user A has password X and user B has password Y, then you can login with username A and password Y, even though they are not for the same user!

2.  You need to use mysql_fetch_row() after a query to get the actual data.

[samoi]

<?php
$username = clean($_POST['username']);
$password = clean($_POST['password']);

$conn = mysql_connect("localhost","root","root");
$db = mysql_select_db("sam");

$checkuser = "SELECT * FROM users WHERE username = '$username' AND password = '$password'";
$checkuserlog = mysql_query($checkuser);
$num_results = mysql_num_rows($checkuserlog);

if($num_results == 0)
{
echo 'wrong username or password';
}
else{
echo ' logged in! ';

}
function clean($str)
{return mysql_escape_string($str);}
?>

 

You can try this code.  It will not tell you which of username and password is wrong though.

 

There are 2 problems in your original code:

 

1.  You check username and password, but not username and password together.  If user A has password X and user B has password Y, then you can login with username A and password Y, even though they are not for the same user!

2.  You need to use mysql_fetch_row() after a query to get the actual data.

 

Thank you man very much!

but what I really asked about, what are the requirments to build a login system script?

 

give me steps if you can please, and forgive my stupidity since I'm a beginner to the PHP, and I love so much, but I try my best to get it.

[Stephen]

Not sure what you mean by requirements. Like, the columns in the database? Simple ones would include userid, username, password, salt, email, join_date.

[samoi]

I'm sorry guys,

But I mean, what if you want to build a login system script. what are you going to do first, second ....etc.

what are the required pages for that? example: login.php, logout.php, logincheck.php

 

that's what I mean, I want some guides to get me build a login script.

 

Note: I have allready build a registration script goes with Mysql database !

but I just want to know what proccess can i take to build this script!

 

Thank you guys

[samoi]

anything new?!

[revraz]

http://www.roscripts.com/PHP_login_script-143.html

[samoi]

http://www.roscripts.com/PHP_login_script-143.html

 

Thank you man