CloudSex13 Posted April 13, 2009 Share Posted April 13, 2009 Hi, thanks for reading. I seem to get this error when I try logging in through a form I made: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ' MD5Password='482c811da5d5b4bc6d497ffa98491e38'' at line 1 My query is: $Username = $_POST['username']; $Password = md5($_POST['password']); $Query = mysql_query("SELECT * FROM Users WHERE Username='$Username', MD5Password='$Password' LIMIT 1") or die(mysql_error()); Would anyone have any suggestions? I'm using hosting from a hosting website. Thank you. Quote Link to comment https://forums.phpfreaks.com/topic/153861-solved-login-form-error/ Share on other sites More sharing options...
Maq Posted April 13, 2009 Share Posted April 13, 2009 Try: $Query = mysql_query("SELECT * FROM Users WHERE Username='$Username' AND MD5Password='$Password' LIMIT 1") or die(mysql_error()); Quote Link to comment https://forums.phpfreaks.com/topic/153861-solved-login-form-error/#findComment-808609 Share on other sites More sharing options...
Ashoar Posted April 13, 2009 Share Posted April 13, 2009 Also try this if the above does not work $Password = md5(trim($_POST['password'])); Quote Link to comment https://forums.phpfreaks.com/topic/153861-solved-login-form-error/#findComment-808614 Share on other sites More sharing options...
Maq Posted April 13, 2009 Share Posted April 13, 2009 Also try this if the above does not work $Password = md5(trim($_POST['password'])); Hehe, yeah forgot to pass the password to the MD5 function. Quote Link to comment https://forums.phpfreaks.com/topic/153861-solved-login-form-error/#findComment-808616 Share on other sites More sharing options...
CloudSex13 Posted April 13, 2009 Author Share Posted April 13, 2009 Hey Maq, Thanks for the reply. That did solve the MySQL error, but now, even though the credentials are valid, I'm being redirected to one of my errors. Does anyone have any clue why this login form would not be validating the correct credentials? Argh. <?php session_start(); include('config.php'); if (isset($_POST['login'])) { $Username = $_POST['username']; $Password = md5($_POST['password']); $Query = mysql_query("SELECT * FROM Users WHERE Username='$Username' AND MD5Password='$Password' LIMIT 1") or die(mysql_error()); $Get = mysql_fetch_array($Query); $Theusername = $Get['Username']; $Thepassword = $Get['MD5Password']; if (mysql_num_rows($Query == 1)) { $_SESSION['auth'] = 1; setcookie("laselfaawef", $Theusername, time()+(84600*30)); header("Location: main.php"); die(); } if ($Username != $Theusername || $Password != $Thepassword) { $error = " <div class=error> Incorrect username and/or password. </div>"; } elseif (empty($Username) || empty($Password)) { $error = " <div class=error> Incorrect username and/or password. </div>"; } else { $error = " <div class=error> An unknown error occurred. </div>"; } } ?> Quote Link to comment https://forums.phpfreaks.com/topic/153861-solved-login-form-error/#findComment-808619 Share on other sites More sharing options...
Maq Posted April 13, 2009 Share Posted April 13, 2009 This if should look like: if (mysql_num_rows($Query) == 1) { Quote Link to comment https://forums.phpfreaks.com/topic/153861-solved-login-form-error/#findComment-808625 Share on other sites More sharing options...
9three Posted April 13, 2009 Share Posted April 13, 2009 I don't think you need to md5 more than once. Double equals means you are comparing the two. One equal means you are assigning. Changes: if ($Username != $Theusername || $Password != $Thepassword) to: if ($Username !== $Theusername || $Password !== $Thepassword) Made some changes. Quote Link to comment https://forums.phpfreaks.com/topic/153861-solved-login-form-error/#findComment-808626 Share on other sites More sharing options...
CloudSex13 Posted April 13, 2009 Author Share Posted April 13, 2009 It's times like these that make me want to bash my head in with a sledgehammer. Thanks for saving me a further headache, Maq. Really, thanks. Quote Link to comment https://forums.phpfreaks.com/topic/153861-solved-login-form-error/#findComment-808627 Share on other sites More sharing options...
Maq Posted April 13, 2009 Share Posted April 13, 2009 9three, '!=' is the opposite of '==' and will work just fine for comparing strings. Using three would be comparing the datatype as well as the value. Quote Link to comment https://forums.phpfreaks.com/topic/153861-solved-login-form-error/#findComment-808641 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.