Jump to content

[SOLVED] username and password check.

MDanz

By MDanz
in PHP Coding Help

 Share

Recommended Posts

MDanz Advanced Member

MDanz

Posted
Posted
$numrows = mysql_num_rows($query);

if ($numrows!=0)

 

{

while ($row = mysql_fetch_assoc($query));

{

$dbusername = $row ['username'];

$dbpassword = $row ['password'];

}

//check to see if they match

 

if ($username==$dbusername&&$password==$dbpassword)

{

echo "Welcome!";

}

else

echo "Incorrect Password!";

 

 

It keeps saying incorrect password.. only time it said welcome is when i deleted the echo "incorrect password" ;

 

 

 

Link to comment
https://forums.phpfreaks.com/topic/168218-solved-username-and-password-check/
Share on other sites
MDanz Advanced Member

MDanz

Posted
  • Author
Posted
<?php

$username = $_POST['username'];

$password = $_POST['password'];

 

if($username&$password)

 

{

 

 

$connect = mysql_connect ("localhost","ustackc1_Master","password")or die("Couldn't Connect");

mysql_select_db("ustackc1_Login")or die("Couldn't Connect");

 

$query = mysql_query("SELECT * FROM Users WHERE username ='$username'");

 

$numrows = mysql_num_rows($query);

if ($numrows!=0)

 

{

while ($row = mysql_fetch_assoc($query));

{

$dbusername = $row ['username'];

$dbpassword = $row ['password'];

}

//check to see if they match

 

if ($username==$dbusername&&$password==$dbpassword)

{

echo "Welcome!";

}

else

echo "Incorrect Password!";

}

else

die("That user doesn't exist!");

 

}

 

else {

 

die ("Please enter a username and password");

}

?>

 

heres the full php

 

 

lonewolf217 Member

lonewolf217

Posted
Posted

the problem is you are going through the while loop for all of the possible values of username and password, AND THEN you are comparing them. 

 

<?php
$numrows = mysql_num_rows($query);
if ($numrows!=0)

{
    while ($row = mysql_fetch_assoc($query));
   {
      $dbusername = $row ['username'];
      $dbpassword = $row ['password'];
      //check to see if they match
   
      if ($username==$dbusername && $password==$dbpassword)
      {
         echo "Welcome!";
      }
      else
         echo "Incorrect Password!";
   }

 

edit:  technically for logging in you should only be returning one row anyway, so yours will work, but its still bad practice.

 

as a previous poster said, how are you storing the passwords ?  One would hope that you hash them before setting them in your database, in which case you would have to hash the input from $_POST before trying to compare it

 

if it still doesn't work, then try echoing $username and $password and $dbusername and $dbpassword and visually compare them and also print them out here so we can see where you could be going wrong

TeNDoLLA Newbie

TeNDoLLA

Posted
Posted

Also worth a note. You are comparing here with bitwise operator not logical operator. This happens to work probably for you now but might lead into akward situations later.

if($username&$password)

 

Should be instead..

if($username && $password)

 

even better would be to check if they are not empty and exists..

if(!empty$(username) && !empty($password))

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.