perezf Posted August 8, 2006 Share Posted August 8, 2006 I have a problem where the user cant log in but can register without a problemThe user can register and the information is put into the databasebut when the user logs in he/she gets an error saying Incorrect Password, try againcan someone please help me[code]<?function confirmUser($username, $password){ global $conn; if(!get_magic_quotes_gpc()) { $username = addslashes($username); } $q = "select password from users where username = '$username'"; $result = mysql_query($q,$conn); if(!$result || (mysql_numrows($result) < 1)){ return 1; //username failure } $dbarray = mysql_fetch_array($result); $dbarray['password'] = stripslashes($dbarray['password']); $password = stripslashes($password); if($password == $dbarray['password']){ return 0; //login successful } else{ return 2; //password failure }}function checkLogin(){ if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookpass'])){ $_SESSION['username'] = $_COOKIE['cookname']; $_SESSION['password'] = $_COOKIE['cookpass']; } if(isset($_SESSION['username']) && isset($_SESSION['password'])){ if(confirmUser($_SESSION['username'], $_SESSION['password']) != 0){ unset($_SESSION['username']); unset($_SESSION['password']); return false; } return true; } else{ return false; }}function displayLogin(){ global $logged_in; if($logged_in){ echo "<h1>Logged In!</h1>"; echo "Welcome <b>$_SESSION[username]</b>, you are logged in. <a href=\"logout.php\">Logout</a>"; } else{?><h1>Login</h1><form action="" method="post"><table align="left" border="0" cellspacing="0" cellpadding="3"><tr><td>Username:</td><td><input type="text" name="user" maxlength="30"></td></tr><tr><td>Password:</td><td><input type="password" name="pass" maxlength="30"></td></tr><tr><td colspan="2" align="left"><input type="checkbox" name="remember"><font size="2">Remember me next time</td></tr><tr><td colspan="2" align="right"><input type="submit" name="sublogin" value="Login"></td></tr><tr><td colspan="2" align="left"><a href="?page=Register with Us">Join</a></td></tr></table></form><? }}if(isset($_POST['sublogin'])){ if(!$_POST['user'] || !$_POST['pass']){ die('You didn\'t fill in a required field.'); } $_POST['user'] = trim($_POST['user']); if(strlen($_POST['user']) > 30){ die("Sorry, the username is longer than 30 characters, please shorten it."); } $md5pass = md5($_POST['pass']); $result = confirmUser($_POST['user'], $md5pass); if($result == 1){ die('That username doesn\'t exist in our database.'); } else if($result == 2){ die('Incorrect password, please try again.'); } $_POST['user'] = stripslashes($_POST['user']); $_SESSION['username'] = $_POST['user']; $_SESSION['password'] = $md5pass; if(isset($_POST['remember'])){ setcookie("cookname", $_SESSION['username'], time()+60*60*24*100, "/"); setcookie("cookpass", $_SESSION['password'], time()+60*60*24*100, "/"); } echo "<meta http-equiv=\"Refresh\" content=\"0;url=$HTTP_SERVER_VARS[PHP_SELF]\">"; return;}$logged_in = checkLogin();?>[/code]the database fields areusernamepassword Quote Link to comment Share on other sites More sharing options...
brown2005 Posted August 8, 2006 Share Posted August 8, 2006 wats ur url so i can check Quote Link to comment Share on other sites More sharing options...
perezf Posted August 8, 2006 Author Share Posted August 8, 2006 http://2fr3sh.com/doityourself/?page=Log%20IN Quote Link to comment Share on other sites More sharing options...
king arthur Posted August 8, 2006 Share Posted August 8, 2006 You have a call to mysql_numrows(), there's no such function. It's mysql_num_rows(). Quote Link to comment Share on other sites More sharing options...
xyn Posted August 8, 2006 Share Posted August 8, 2006 I noticed one problem...[code=php:0]$q = "select password from users where username = '$username'"; $result = mysql_query($q,$conn); if(!$result || (mysql_numrows($result) < 1)){ return 1; //username failure }[/code]should be...[code=php:0]$q = "select password from users where username = '$username'"; $result = mysql_query($q,$conn); if(!$result || (mysql_num_rows($result) < 1)){ return 1; //username failure }[/code]mysql_numrows() = wont exist. should be mysql_num_rows(); Quote Link to comment Share on other sites More sharing options...
Orio Posted August 8, 2006 Share Posted August 8, 2006 I see you are using a md5.Make sure the field in the database for the md5 passwrods is long enough to contain the string (has to be 32 chars minimum).Orio. Quote Link to comment Share on other sites More sharing options...
GingerRobot Posted August 8, 2006 Share Posted August 8, 2006 Thats not actually true xyn, mysql_numrows() also works. Ive no idea why though!I take it that you are applying the md5 function to the password when they register? Quote Link to comment Share on other sites More sharing options...
perezf Posted August 8, 2006 Author Share Posted August 8, 2006 problem still seems to occur Quote Link to comment Share on other sites More sharing options...
xyn Posted August 8, 2006 Share Posted August 8, 2006 [quote author=GingerRobot link=topic=103384.msg411614#msg411614 date=1155032380]Thats not actually true xyn, mysql_numrows() also works. Ive no idea why though!I take it that you are applying the md5 function to the password when they register?[/quote]I am only giving advice which I think is correct, my mysql that syntax doesn't exist. Quote Link to comment Share on other sites More sharing options...
king arthur Posted August 8, 2006 Share Posted August 8, 2006 Username and password are possibly reserved words in MySQL, try putting backticks around them:[code] $q = "select `password` from users where `username` = '$username'";[/code] Quote Link to comment Share on other sites More sharing options...
perezf Posted August 8, 2006 Author Share Posted August 8, 2006 password field was set to 30 not 32thank you now it worksi also had to fix numrows to num_rows Quote Link to comment Share on other sites More sharing options...
perezf Posted August 8, 2006 Author Share Posted August 8, 2006 Now can someone help me figure out how to log out Quote Link to comment Share on other sites More sharing options...
xyn Posted August 8, 2006 Share Posted August 8, 2006 if its sessions use what Orio says...let me get it Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.