MDanz Posted August 5, 2009 Share Posted August 5, 2009 <?php session_start(); $username = $_POST['username']; $password = $_POST['password']; if ($username==$dbusername&&md5($password)==$dbpassword) { // connect to db $connect = mysql_connect ("localhost", "Master", "password") or die ("cannot connect"); $db_selected = mysql_select_db ("ustackc1_Login") or die ("cannot connect to db"); // query database $query = "SELECT * FROM Users WHERE username='$username' AND password='$password'"; $result = mysql_query ($query) or die(mysql_error()); $numrows = mysql_num_rows ($result); if ($numrows!=0) { // a row has been found therefore the variables entered must be valid echo "You are logged in. <a href='Admin.php'>Click here to enter the Admin Page</a> " . $username; $_SESSION['username']=$username; } else { echo "that username/password combination is incorrect"; } } else die ("please supply both username and password"); ?> It says the username/password combination is incorrect?? :'( Link to comment https://forums.phpfreaks.com/topic/168876-solved-where-did-i-go-wrong-incorrect-password/ Share on other sites More sharing options...
smerny Posted August 5, 2009 Share Posted August 5, 2009 where is $dbusername and $dbpassword being set? before that if statement... echo the vars like this echo "username = ".$username."</br>"; echo "dbusername = ".$dbusername."</br>"; echo "password = ".md5($password)."</br>"; echo "dbpassword = ".$dbpassword."</br>"; Link to comment https://forums.phpfreaks.com/topic/168876-solved-where-did-i-go-wrong-incorrect-password/#findComment-891014 Share on other sites More sharing options...
MDanz Posted August 5, 2009 Author Share Posted August 5, 2009 k i echoed those out an dbusername and dbpassword are blank.. how do i set this, i thought i did the mysql correct.. Link to comment https://forums.phpfreaks.com/topic/168876-solved-where-did-i-go-wrong-incorrect-password/#findComment-891017 Share on other sites More sharing options...
smerny Posted August 5, 2009 Share Posted August 5, 2009 where? i don't see you declaring those variables anywhere Link to comment https://forums.phpfreaks.com/topic/168876-solved-where-did-i-go-wrong-incorrect-password/#findComment-891020 Share on other sites More sharing options...
smerny Posted August 5, 2009 Share Posted August 5, 2009 you'll need to call the database before you go into your if statement... you'll need to search the database for the username supplied in POST and if it exists, compare the POST password with the db password associated with the POST username Link to comment https://forums.phpfreaks.com/topic/168876-solved-where-did-i-go-wrong-incorrect-password/#findComment-891027 Share on other sites More sharing options...
MDanz Posted August 5, 2009 Author Share Posted August 5, 2009 ok i changed alot and i now it says the user doesn't exist and it does... <?php session_start(); $username = $_POST['username']; $password = $_POST['password']; if($username&&$password) { $connect=mysql_connect("localhost","Master","password") or die ("Couldn't connect!"); mysql_select_db("ustackc1_Login") or die("Couldn't connect! "); $query = mysql_query ("SELECT * FROM Users WHERE username='$username'"); $numrow = mysql_num_rows($query); if($numrows!=0) { while($row = mysql_fetch_assoc($query)) { $dbusername = $row['username']; $dbpassword = $row['password']; } //check to see if they match if ($username==$dbusername&&md5($password)==$dbpassword) { echo "Welcome! <a href='Admin.php'>Click here</a> to enter your Stack page!"; $_SESSION['username']=$username; } else echo "Incorrect Password!"; } else echo"That user doesn't exist"; } else die("Please enter a username and a password"); ?> Link to comment https://forums.phpfreaks.com/topic/168876-solved-where-did-i-go-wrong-incorrect-password/#findComment-891045 Share on other sites More sharing options...
MDanz Posted August 5, 2009 Author Share Posted August 5, 2009 nvm i got it Link to comment https://forums.phpfreaks.com/topic/168876-solved-where-did-i-go-wrong-incorrect-password/#findComment-891046 Share on other sites More sharing options...
Maknis Posted August 5, 2009 Share Posted August 5, 2009 $numrows as the problem right? Link to comment https://forums.phpfreaks.com/topic/168876-solved-where-did-i-go-wrong-incorrect-password/#findComment-891050 Share on other sites More sharing options...
MDanz Posted August 5, 2009 Author Share Posted August 5, 2009 yep lol thx anyway Link to comment https://forums.phpfreaks.com/topic/168876-solved-where-did-i-go-wrong-incorrect-password/#findComment-891053 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.