Jump to content

Recommended Posts

LOGIN TABLE

<img alt="" height="213" src="images/the_new_inti.jpg" width="457" />

<table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">

<tr>

<form name="form1" method="post" action="checklogin.php">

<td>

<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">

<tr>

<td colspan="3"><strong>FOR GRADUATED / FRESH GRADUATE MEMBER LOGIN FOR ENJOY CHATTING</strong></td>

</tr>

<tr>

<td width="78">IC</td>

<td width="6">:</td>

<td width="294"><input name"ic" type="text" id="ic"></td>

</tr>

<tr>

<td>Password</td>

<td>:</td>

<td><input name="password" type="text" id="password"></td>

</tr>

<tr>

<td> </td>

<td> </td>

<td><input type="submit" name="Submit" value="Login"></td>

</tr>

</table>

</td>

</form>

</tr>

</table>

 

 

Check login php

<?php

$host="mysql5.000webhost.com"; // Host name

$username="a6722055_a"; // Mysql username

$password="inti88"; // Mysql password

$db_name="a6722055_inti"; // Database name

$tbl_name="members"; // Table name

 

// Connect to server and select databse.

mysql_connect("$host", "$username", "$password")or die("cannot connect");

mysql_select_db("$db_name")or die("cannot select DB");

 

// username and password sent from form

$ic=$_POST['ic'];

$password=$_POST['password'];

 

// To protect MySQL injection

$ic = stripslashes($ic);

$password = stripslashes($password);

$ic = mysql_real_escape_string($ic);

$password = mysql_real_escape_string($password);

 

$sql="SELECT * FROM $tbl_name WHERE ic='ic' and password='$password'";

$result=mysql_query($sql);

 

// Mysql_num_row is counting table row

$count=mysql_num_rows($result);

// If result matched $ic and $password, table row must be 1 row

 

if(count==1){

// Register $myusername, $mypassword and redirect to file "home.php"

session_register("ic");

session_register("password");

header("location:home.php");

}

else {

echo '<script type="text/javascript">

alert("Provide Wrong Username Or Password , Please TrY Again!!!");

window.location.href = "index.php";         

</script>';

}

?>

it's said password do not match. do not allow to login MY database

here

CREATE TABLE `members` (

  `ic` varchar(12) collate latin1_general_ci NOT NULL,

  `password` varchar(10) collate latin1_general_ci NOT NULL,

  `name` varchar(85) collate latin1_general_ci NOT NULL,

  `lastname` varchar(85) collate latin1_general_ci NOT NULL,

  `email` varchar(100) collate latin1_general_ci NOT NULL,

  `gender` varchar(6) collate latin1_general_ci NOT NULL,

  `address` varchar(2000) collate latin1_general_ci NOT NULL,

  `country` varchar(100) collate latin1_general_ci NOT NULL,

  PRIMARY KEY  (`ic`)

) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci;

 

--

-- Dumping data for table `members`

--

 

INSERT INTO `members` VALUES('850905075287', 'kiss', 'kiss', 'kiss', 'kiss', 'kiss', 'kiss', 'kiss');

I see a few problems here...

 

1.

You have your database details within your page.  NO NO NO.  create a separate php file with that information and just require it in all your pages.

 

2.

I believe you have your stripslashes and mysql_real_escape_string out of order.  MRES should be first.  This function adds slashes if necessary, then you need to strip them.

 

3.

$sql="SELECT * FROM $tbl_name WHERE ic='ic' and password='$password'";

You do not have a variable for ic=.  it should be ic='$ic'.

 

try that for now.

You have this information in your php file:

$host="mysql5.000webhost.com"; // Host name

$username="a6722055_a"; // Mysql username

$password="inti88"; // Mysql password

$db_name="a6722055_inti"; // Database name

$tbl_name="members"; // Table name

 

// Connect to server and select databse.

mysql_connect("$host", "$username", "$password")or die("cannot connect");

mysql_select_db("$db_name")or die("cannot select DB");

 

This is all very sensitive information because it tells me your database name and password.  I suggest changing since you posted it here.

 

Once a user logs in, you would assign a session variable to that user and check for the session on each of your pages.  When they log out, you clear all sessions.

 

I usually assign them their client_id  ie ($_SESSION['c_id'] = $row['client_id'];)

ok sir, below is the code:

// username and password sent from form

$ic=$_POST['ic'];

$password=$_POST['password'];

 

// To protect MySQL injection

$ic = mysql_real_escape_string($ic);

$password = mysql_real_escape_string($password);

$ic = stripslashes($ic);

$password = stripslashes($password);

 

 

$sql="SELECT * FROM $tbl_name WHERE ic='$ic' and password='$password'";

$result=mysql_query($sql);

 

// Mysql_num_row is counting table row

$count=mysql_num_rows($result);

// If result matched $ic and $password, table row must be 1 row

 

if($count==1){

// Register $myusername, $mypassword and redirect to file "home.php"

session_register("ic");

session_register("password");

header("location:home.php");

}

else {

echo '<script type="text/javascript">

alert("Provide Wrong Username Or Password , Please TrY Again!!!");

window.location.href = "index.php";         

</script>';

}

?>

<form name="form1" method="post" action="checklogin.php">

<td>

<table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">

<tr>

<td colspan="3"><strong>FOR GRADUATED / FRESH GRADUATE MEMBER LOGIN FOR ENJOY CHATTING</strong></td>

</tr>

<tr>

<td width="78">IC</td>

<td width="6">:</td>

<td width="294"><input name"ic" type="text" id="ic"></td>

</tr>

<tr>

<td>Password</td>

<td>:</td>

<td><input name="password" type="text" id="password"></td>

</tr>

<tr>

<td> </td>

<td> </td>

<td><input type="submit" name="Submit" value="Login"></td>

</tr>

</table>

</td>

</form>

</tr>

</table>

here is my login form

ok for some reason, your not posting the IC variable, but it looks fine .  I'm not really sure what is happening.

 

comment out your entire PHP.  Then do the following..

 

$id = $_POST['id'];

$password = $_POST['password'];

 

echo $id .' '. $password;

 

 

Just paste that and enter your info and press submit and tell me what it echos.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.