turkman Posted March 2, 2010 Share Posted March 2, 2010 Hey Guys ive wrote this logging in script but im not sure why it isnt logging in ive added echos too see what two strings the strcmp is comparing and the output is this Admin 05957a3ee71e1ea8a059460b60647b3e pass = 05957a3ee71e1ea8a059460b60647b3e Login Failed Click Here To Continue Now both those hashed passwords seem to match so why isnt it logging in? if(isset($_GET['d'])){ //try loging if(isset($_POST['uname']) AND isset($_POST['pass'])){ $u = protect($_POST['uname']); $p = md5($_POST['pass']); echo $u ." " . $p . " <br>"; //now to login $val = "SELECT * FROM pword WHERE uname = '$u'"; $res = mysql_query($val) or die (mysql_error()); $numrows = mysql_num_rows($res); If($numrows < 1) { $_SESSION['LOGINSTATUS'] = "INVALID"; echo "<a href = 'index.php'> Login Failed: Click Here To continue blah vlah</a>";} while($row = mysql_fetch_array($res , MYSQL_ASSOC)) { if(strcmp($row['pass'],$pass)==0){ echo "<pass = " . $row['pass']; $_SESSION['uname'] =$row['uname']; $_SESSION['ID']= $row['ID']; $_SESSION['LOGINSTATUS'] = "VALID"; echo "<a href = 'index.php'>Login Accepted Click Here To Continue</a>"; } else{ echo "pass = " . $row['pass'] ."<br>"; echo "<a href = 'index.php'>Login Failed Click Here To Continue</a>"; } } } //header("Location: index.php"); } Link to comment https://forums.phpfreaks.com/topic/193846-help-with-logging-in-php/ Share on other sites More sharing options...
sangoku Posted March 2, 2010 Share Posted March 2, 2010 is it me or you did not open the connection? Link to comment https://forums.phpfreaks.com/topic/193846-help-with-logging-in-php/#findComment-1020187 Share on other sites More sharing options...
turkman Posted March 2, 2010 Author Share Posted March 2, 2010 sorry i left out the session_start bit and the includes at the top. Any other ideas? Link to comment https://forums.phpfreaks.com/topic/193846-help-with-logging-in-php/#findComment-1020188 Share on other sites More sharing options...
omniowner Posted March 2, 2010 Share Posted March 2, 2010 Quote Hey Guys ive wrote this logging in script but im not sure why it isnt logging in ive added echos too see what two strings the strcmp is comparing and the output is this Admin 05957a3ee71e1ea8a059460b60647b3e pass = 05957a3ee71e1ea8a059460b60647b3e Login Failed Click Here To Continue Now both those hashed passwords seem to match so why isnt it logging in? if(isset($_GET['d'])){ //try loging if(isset($_POST['uname']) AND isset($_POST['pass'])){ $u = protect($_POST['uname']); $p = md5($_POST['pass']); echo $u ." " . $p . " <br>"; //now to login $val = "SELECT * FROM pword WHERE uname = '$u'"; $res = mysql_query($val) or die (mysql_error()); $numrows = mysql_num_rows($res); If($numrows < 1) { $_SESSION['LOGINSTATUS'] = "INVALID"; echo "<a href = 'index.php'> Login Failed: Click Here To continue blah vlah</a>";} while($row = mysql_fetch_array($res , MYSQL_ASSOC)) { if(strcmp($row['pass'],$pass)==0){ echo "<pass = " . $row['pass']; $_SESSION['uname'] =$row['uname']; $_SESSION['ID']= $row['ID']; $_SESSION['LOGINSTATUS'] = "VALID"; echo "<a href = 'index.php'>Login Accepted Click Here To Continue</a>"; } else{ echo "pass = " . $row['pass'] ."<br>"; echo "<a href = 'index.php'>Login Failed Click Here To Continue</a>"; } } } //header("Location: index.php"); } You have your strcmp backwards. if (strcmp($pw1, $pw2)) { // This returns false. // $pw1 and $pw2 are NOT the same. } else { // $pw1 and $pw2 are the same. } Try flipping it around and see what happens. Link to comment https://forums.phpfreaks.com/topic/193846-help-with-logging-in-php/#findComment-1020193 Share on other sites More sharing options...
monk_sam Posted March 2, 2010 Share Posted March 2, 2010 Why don't you just var_dump $res or $numrows to see if you get 1. Link to comment https://forums.phpfreaks.com/topic/193846-help-with-logging-in-php/#findComment-1020194 Share on other sites More sharing options...
turkman Posted March 2, 2010 Author Share Posted March 2, 2010 i did have numrows echod before and it equalld 1 Which is right ! That strcmp being backwards thing cant be right?? Link to comment https://forums.phpfreaks.com/topic/193846-help-with-logging-in-php/#findComment-1020198 Share on other sites More sharing options...
omniowner Posted March 2, 2010 Share Posted March 2, 2010 Quote i did have numrows echod before and it equalld 1 Which is right ! That strcmp being backwards thing cant be right?? I just noticed you had it == 0 . So disregard. Link to comment https://forums.phpfreaks.com/topic/193846-help-with-logging-in-php/#findComment-1020199 Share on other sites More sharing options...
turkman Posted March 2, 2010 Author Share Posted March 2, 2010 i echo'd the strcmp result and its giving 32 as the result... The strings look identical!!! Link to comment https://forums.phpfreaks.com/topic/193846-help-with-logging-in-php/#findComment-1020200 Share on other sites More sharing options...
omniowner Posted March 2, 2010 Share Posted March 2, 2010 Quote i echo'd the strcmp result and its giving 32 as the result... The strings look identical!!! Why are you using strcmp? Pass the row value into a variable and compare the two? Link to comment https://forums.phpfreaks.com/topic/193846-help-with-logging-in-php/#findComment-1020201 Share on other sites More sharing options...
omniowner Posted March 2, 2010 Share Posted March 2, 2010 Just an idea.. while($row = mysql_fetch_array($res , MYSQL_ASSOC)) $rowpass=$row['pass']; { //for debug echo "$rowpass"; echo "$pass"; if($rowpass == $pass) { Link to comment https://forums.phpfreaks.com/topic/193846-help-with-logging-in-php/#findComment-1020205 Share on other sites More sharing options...
turkman Posted March 2, 2010 Author Share Posted March 2, 2010 got it working... sorry i made the variable $p which was a md5 hash of $_post['pass'] Then i compared $_POST['pass'] to row['pass'] rather than the $p My bad Link to comment https://forums.phpfreaks.com/topic/193846-help-with-logging-in-php/#findComment-1020211 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.