can't login , got problem with the code help

[yeakyau]

LOGIN TABLE

<img alt="" height="213" src="images/the_new_inti.jpg" width="457" />

<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">

<tr>

<form name="form1" method="post" action="checklogin.php">

<td>

<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">

<tr>

<td colspan="3"><strong>FOR GRADUATED / FRESH GRADUATE MEMBER LOGIN FOR ENJOY CHATTING</strong></td>

</tr>

<tr>

<td width="78">IC</td>

<td width="6">:</td>

<td width="294"><input name"ic" type="text" id="ic"></td>

</tr>

<tr>

<td>Password</td>

<td>:</td>

<td><input name="password" type="text" id="password"></td>

</tr>

<tr>

<td> </td>

<td> </td>

<td><input type="submit" name="Submit" value="Login"></td>

</tr>

</table>

</td>

</form>

</tr>

</table>

 

 

Check login php

<?php

$host="mysql5.000webhost.com"; // Host name

$username="a6722055_a"; // Mysql username

$password="inti88"; // Mysql password

$db_name="a6722055_inti"; // Database name

$tbl_name="members"; // Table name

 

// Connect to server and select databse.

mysql_connect("$host", "$username", "$password")or die("cannot connect");

mysql_select_db("$db_name")or die("cannot select DB");

 

// username and password sent from form

$ic=$_POST['ic'];

$password=$_POST['password'];

 

// To protect MySQL injection

$ic = stripslashes($ic);

$password = stripslashes($password);

$ic = mysql_real_escape_string($ic);

$password = mysql_real_escape_string($password);

 

$sql="SELECT * FROM $tbl_name WHERE ic='ic' and password='$password'";

$result=mysql_query($sql);

 

// Mysql_num_row is counting table row

$count=mysql_num_rows($result);

// If result matched $ic and $password, table row must be 1 row

 

if(count==1){

// Register $myusername, $mypassword and redirect to file "home.php"

session_register("ic");

session_register("password");

header("location:home.php");

}

else {

echo '<script type="text/javascript">

alert("Provide Wrong Username Or Password , Please TrY Again!!!");

window.location.href = "index.php";         

</script>';

}

?>

it's said password do not match. do not allow to login MY database

here

CREATE TABLE `members` (

  `ic` varchar(12) collate latin1_general_ci NOT NULL,

  `password` varchar(10) collate latin1_general_ci NOT NULL,

  `name` varchar(85) collate latin1_general_ci NOT NULL,

  `lastname` varchar(85) collate latin1_general_ci NOT NULL,

  `email` varchar(100) collate latin1_general_ci NOT NULL,

  `gender` varchar(6) collate latin1_general_ci NOT NULL,

  `address` varchar(2000) collate latin1_general_ci NOT NULL,

  `country` varchar(100) collate latin1_general_ci NOT NULL,

  PRIMARY KEY  (`ic`)

) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci;

 

--

-- Dumping data for table `members`

--

 

INSERT INTO `members` VALUES('850905075287', 'kiss', 'kiss', 'kiss', 'kiss', 'kiss', 'kiss', 'kiss');

[coupe-r]

I see a few problems here...

 

1.

You have your database details within your page.  NO NO NO.  create a separate php file with that information and just require it in all your pages.

 

2.

I believe you have your stripslashes and mysql_real_escape_string out of order.  MRES should be first.  This function adds slashes if necessary, then you need to strip them.

 

3.

$sql="SELECT * FROM $tbl_name WHERE ic='ic' and password='$password'";

You do not have a variable for ic=.  it should be ic='$ic'.

 

try that for now.

[yeakyau]

1. You mean i should include users detail in database? it is,

than how to include users detail..

[coupe-r]

You have this information in your php file:

$host="mysql5.000webhost.com"; // Host name

$username="a6722055_a"; // Mysql username

$password="inti88"; // Mysql password

$db_name="a6722055_inti"; // Database name

$tbl_name="members"; // Table name

 

// Connect to server and select databse.

mysql_connect("$host", "$username", "$password")or die("cannot connect");

mysql_select_db("$db_name")or die("cannot select DB");

 

This is all very sensitive information because it tells me your database name and password.  I suggest changing since you posted it here.

 

Once a user logs in, you would assign a session variable to that user and check for the session on each of your pages.  When they log out, you clear all sessions.

 

I usually assign them their client_id  ie ($_SESSION['c_id'] = $row['client_id']

[yeakyau]

Hi sir,

yes still have same problem , cannot login it still echo out  my error msg  provide wrong username or password pls try again

 

ic=$ic  changed

[coupe-r]

you have

 

if(count==1){

 

it should be $count

[yeakyau]

ok already change to

 

if($count==1){

 

but still not allow to login.

[coupe-r]

OK.

 

Paste your code from declaring your variables to the code under $count ==1.

[yeakyau]

ok sir, below is the code:

// username and password sent from form

$ic=$_POST['ic'];

$password=$_POST['password'];

 

// To protect MySQL injection

$ic = mysql_real_escape_string($ic);

$password = mysql_real_escape_string($password);

$ic = stripslashes($ic);

$password = stripslashes($password);

 

 

$sql="SELECT * FROM $tbl_name WHERE ic='$ic' and password='$password'";

$result=mysql_query($sql);

 

// Mysql_num_row is counting table row

$count=mysql_num_rows($result);

// If result matched $ic and $password, table row must be 1 row

 

if($count==1){

// Register $myusername, $mypassword and redirect to file "home.php"

session_register("ic");

session_register("password");

header("location:home.php");

}

else {

echo '<script type="text/javascript">

alert("Provide Wrong Username Or Password , Please TrY Again!!!");

window.location.href = "index.php";         

</script>';

}

?>

[coupe-r]

OK,

 

echo out $count and see what the value is when you try to log in.

[yeakyau]

value is 0

[coupe-r]

OK good.

 

Now, echo out your input (username and password).  Then, look at your DB record to see if they match.

[yeakyau]

hi sir, blank...

it is echo $ic $password

[coupe-r]

ok, so your values are not posting.  Check to make sure your text boxes are in a form and you have named them ic and password.

[yeakyau]

wait the command echo '$ic $password';

like this correct?

[coupe-r]

No.

 

echo $ic;

echo '<br />';

echo $password;

 

 

[yeakyau]

<form name="form1" method="post" action="checklogin.php">

<td>

<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">

<tr>

<td colspan="3"><strong>FOR GRADUATED / FRESH GRADUATE MEMBER LOGIN FOR ENJOY CHATTING</strong></td>

</tr>

<tr>

<td width="78">IC</td>

<td width="6">:</td>

<td width="294"><input name"ic" type="text" id="ic"></td>

</tr>

<tr>

<td>Password</td>

<td>:</td>

<td><input name="password" type="text" id="password"></td>

</tr>

<tr>

<td> </td>

<td> </td>

<td><input type="submit" name="Submit" value="Login"></td>

</tr>

</table>

</td>

</form>

</tr>

</table>

here is my login form

[coupe-r]

for now, do this

 

<form name="form1" method="post" action="">

 

take out your php page.

[yeakyau]

only IC is blank not show out once echo .

and password is show

[yeakyau]

ok already take out, once click submit it display out password no ic.

[coupe-r]

so IC does not echo but password echos what you entered?

[yeakyau]

i enter 850905075287 than password 12345

[yeakyau]

sir, is there any solutions. :'(

[coupe-r]

ok for some reason, your not posting the IC variable, but it looks fine .  I'm not really sure what is happening.

 

comment out your entire PHP.  Then do the following..

 

$id = $_POST['id'];

$password = $_POST['password'];

 

echo $id .' '. $password;

 

 

Just paste that and enter your info and press submit and tell me what it echos.

[yeakyau]

now i need to add back the php pages? and include this code it is