Jump to content

Wrong Password

eazyefolife

By eazyefolife
in PHP Coding Help

 Share

Recommended Posts

wildteen88 Regular Member

wildteen88

Posted
Posted

I have added some debug code.

<?php

$myusername = mysql_real_escape_string(stripslashes($_POST['username']));
$mypassword = mysql_real_escape_string(stripslashes($_POST['mypassword']));

$result = mysql_query("SELECT * FROM users WHERE Name = '$myusername' AND Password='$mypassword'");
$count = mysql_num_rows($result);
if($count==1)
{
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else
{
    echo '<h1>DEBUG IT</h1>';

    echo '<p>Match Username (<i>'.$myUsername.'</i>)... ';

    $query = mysql_query("SELECT Password FROM users WHERE name='$myusername'");

    if(mysql_num_rows($query) > 0)
    {
        echo 'SUCCESS';

        echo '<p>Match password... ';

        list($dbPassword) = mysql_fetch_row($query);

        if($myPassword == $dbPassword)
            echo 'SUCCESS';
        else
        {
            echo 'FAIL!';

            echo '<p>Password is wrong what is it?';

            echo '$myPassword = \''.$myPassword.'\'<br />';
            echo '$dbPassword = \''.$dbPassword.'\'';
        }
    }
    else
    {
        echo 'FAIL!';
    }

     echo "Wrong Username or Password. please go back.";
}
?>

Run that code and post the output. Make sure you are filling in your login form and running the above code directly.

Link to comment
Share on other sites
eazyefolife Newbie

eazyefolife

Posted
  • Author
Posted

I have added some debug code.

<?php

$myusername = mysql_real_escape_string(stripslashes($_POST['username']));
$mypassword = mysql_real_escape_string(stripslashes($_POST['mypassword']));

$result = mysql_query("SELECT * FROM users WHERE Name = '$myusername' AND Password='$mypassword'");
$count = mysql_num_rows($result);
if($count==1)
{
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else
{
    echo '<h1>DEBUG IT</h1>';

    echo '<p>Match Username (<i>'.$myUsername.'</i>)... ';

    $query = mysql_query("SELECT Password FROM users WHERE name='$myusername'");

    if(mysql_num_rows($query) > 0)
    {
        echo 'SUCCESS';

        echo '<p>Match password... ';

        list($dbPassword) = mysql_fetch_row($query);

        if($myPassword == $dbPassword)
            echo 'SUCCESS';
        else
        {
            echo 'FAIL!';

            echo '<p>Password is wrong what is it?';

            echo '$myPassword = \''.$myPassword.'\'<br />';
            echo '$dbPassword = \''.$dbPassword.'\'';
        }
    }
    else
    {
        echo 'FAIL!';
    }

     echo "Wrong Username or Password. please go back.";
}
?>

Run that code and post the output. Make sure you are filling in your login form and running the above code directly.

 

Wrong password:

 

Match Username ()... SUCCESS

Match password... FAIL!

Password is wrong what is it?$myPassword = ''
$dbPassword = '123456'Wrong Username or Password. please go back.

 

Right password:

 

Match Username ()... SUCCESS

Match password... FAIL!

Password is wrong what is it?$myPassword = ''
$dbPassword = '123456'Wrong Username or Password. please go back.

 

:'(

Link to comment
Share on other sites
wildteen88 Regular Member

wildteen88

Posted
Posted

Woops. Try

<?php

$myusername = mysql_real_escape_string(stripslashes($_POST['username']));
$mypassword = mysql_real_escape_string(stripslashes($_POST['mypassword']));

$result = mysql_query("SELECT * FROM users WHERE Name = '$myusername' AND Password='$mypassword'");
$count = mysql_num_rows($result);
if($count==1)
{
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else
{
    echo '<h1>DEBUG IT</h1>';

    echo '<p>Match Username (<i>'.$myusername.'</i>)... ';

    $query = mysql_query("SELECT Password FROM users WHERE name='$myusername'");

    if(mysql_num_rows($query) > 0)
    {
        echo 'SUCCESS';

        echo '<p>Match password... ';

        list($dbPassword) = mysql_fetch_row($query);

        if($mypassword == $dbPassword)
            echo 'SUCCESS';
        else
        {
            echo 'FAIL!';

            echo '<p>Password is wrong what is it?<br />';

            echo '$mypassword = \''.$mypassword.'\'<br />';
            echo '$dbPassword = \''.$dbPassword.'\'';
        }
    }
    else
    {
        echo 'FAIL!';
    }

     echo "Wrong Username or Password. please go back.";
}
?>

Link to comment
Share on other sites
eazyefolife Newbie

eazyefolife

Posted
  • Author
Posted

Woops. Try

<?php

$myusername = mysql_real_escape_string(stripslashes($_POST['username']));
$mypassword = mysql_real_escape_string(stripslashes($_POST['mypassword']));

$result = mysql_query("SELECT * FROM users WHERE Name = '$myusername' AND Password='$mypassword'");
$count = mysql_num_rows($result);
if($count==1)
{
session_register("myusername");
session_register("mypassword");
header("location:login_success.php");
}
else
{
    echo '<h1>DEBUG IT</h1>';

    echo '<p>Match Username (<i>'.$myusername.'</i>)... ';

    $query = mysql_query("SELECT Password FROM users WHERE name='$myusername'");

    if(mysql_num_rows($query) > 0)
    {
        echo 'SUCCESS';

        echo '<p>Match password... ';

        list($dbPassword) = mysql_fetch_row($query);

        if($mypassword == $dbPassword)
            echo 'SUCCESS';
        else
        {
            echo 'FAIL!';

            echo '<p>Password is wrong what is it?<br />';

            echo '$mypassword = \''.$mypassword.'\'<br />';
            echo '$dbPassword = \''.$dbPassword.'\'';
        }
    }
    else
    {
        echo 'FAIL!';
    }

     echo "Wrong Username or Password. please go back.";
}
?>

 

Even with wrong username and password I get:

 

DEBUG IT

Match Username ()... SUCCESS

Match password... FAIL!

Password is wrong what is it?
$mypassword = ''
$dbPassword = '123456'Wrong Username or Password. please go back.

 

But with the right one, I get the same thing.

Link to comment
Share on other sites
PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

There's no code in your code to make a connection to the mysql server, so things like mysql_real_escape_string() are returning a null/false value.

 

You should be learning php, developing php code, and debugging php code on a system with error_reporting set to E_ALL and display_errors set to ON in your master php.ini so that php would help you by displaying all the errors it detects. You would save a huge amount of time. Stop and start your web server to get any change made to the php.ini to take effect and confirm that the two settings are actually changed using a phpinfo() statement.

 

Link to comment
Share on other sites
PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

Someone already suggested how to save a ton of time by getting php to display all the errors it detects that would help point out problems -

You should be learning php, developing php code, and debugging php code on a system with error_reporting set to E_ALL and display_errors set to ON in your master php.ini so that php would help you by displaying all the errors it detects. You would save a huge amount of time. Stop and start your web server to get any change made to the php.ini to take effect and confirm that the two settings are actually changed using a phpinfo() statement.

 

I have not seen your form code posted yet, so it is also likely that the form is invalid and is not even submitting any $_POST data.

Link to comment
Share on other sites
eazyefolife Newbie

eazyefolife

Posted
  • Author
Posted

Someone already suggested how to save a ton of time by getting php to display all the errors it detects that would help point out problems -

You should be learning php, developing php code, and debugging php code on a system with error_reporting set to E_ALL and display_errors set to ON in your master php.ini so that php would help you by displaying all the errors it detects. You would save a huge amount of time. Stop and start your web server to get any change made to the php.ini to take effect and confirm that the two settings are actually changed using a phpinfo() statement.

 

I have not seen your form code posted yet, so it is also likely that the form is invalid and is not even submitting any $_POST data.

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Son of Mini-Missions - Home</title>

<style type="text/css">
<!--
body {
background-image: url(http://www.jservers.co.uk/imgs/bg.png);
background-repeat: repeat;
}
#apDiv1 {
position:absolute;
left:541px;
top:296px;
width:266px;
height:26px;
z-index:1;
font-size: 16px;
font-family: Georgia, "Times New Roman", Times, serif;
font-weight: bold;
}
.loginHolder tr td b {
font-weight: bold;
}
-->
</style></head>

<body>

<div align="center">
  <p><a href="index.php"><img src="logo.jpg" width="648" height="144" /></a></p>
  <table class="loginHolder">
    <tr>
      <td><b>Player Name</b></td>
      <td><b>Password:</b></td>
    </tr>
    <tr>
      <td height="24"><input name="username" type="text" value="My_SonofMM_PlayerName" /></td>
      <td><input name="password" type="password" id="loginPassword" value="MyPassword" /></td>
    </tr>
  </table>
  <form action="login.php" method="post">
    <input type="submit" name="button" id="button" value="Login" />
  </form>
  <hr />
<p align="center"> </p>
</div>
</body>
</html>

Link to comment
Share on other sites
eazyefolife Newbie

eazyefolife

Posted
  • Author
Posted

Your form fields are not located between the <form ...> </form> tags so they don't do anything.

 

Ref: http://w3schools.com/html/html_forms.asp

http://w3schools.com/php/php_forms.asp

 

So this is better?

 

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Son of Mini-Missions - Home</title>

<style type="text/css">
<!--
body {
background-image: url(http://www.jservers.co.uk/imgs/bg.png);
background-repeat: repeat;
}
#apDiv1 {
position:absolute;
left:541px;
top:296px;
width:266px;
height:26px;
z-index:1;
font-size: 16px;
font-family: Georgia, "Times New Roman", Times, serif;
font-weight: bold;
}
.loginHolder tr td b {
font-weight: bold;
}
-->
</style></head>

<body>

<div align="center">
  <p><a href="index.php"><img src="logo.jpg" width="648" height="144" /></a></p>
  <table class="loginHolder">
    <tr>
      <td><b>Player Name</b></td>
      <td><b>Password:</b></td>
    </tr>
    <tr>
      <td height="24"><form action="login.php" method="post"><input name="username" type="text" value="My_SonofMM_PlayerName" /></td>
      <td><input name="password" type="password" id="loginPassword" value="MyPassword" /></form></td>
    </tr>
  </table>
  <form action="login.php" method="post">
    <input type="submit" name="button" id="button" value="Login" />
  </form>
  <hr />
<p align="center"> </p>
</div>
</body>
</html>

Link to comment
Share on other sites
mattal999 Regular Member

mattal999

Posted
Posted

He has already stated that he is using an include to connect to the database.

 

By the way, should this:

 

$mypassword = mysql_real_escape_string(stripslashes($_POST['mypassword']));

Be:

 

$mypassword = mysql_real_escape_string(stripslashes($_POST['password']));

As I said yesterday, this change should be made. It is simply that your password is not getting set, because you have the wrong POST name. It should be 'password', not 'mypassword'.

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.