simmsy Posted March 5, 2011 Share Posted March 5, 2011 Hi I need help with my login script it says invalid password even when its correct however if i take out the md5 encryption of the password and use the encrypted password saved on mysql table it works please help? here is the code im using thanks: <? // Use session variable on this page. This function must put on the top of page. session_start(); ////// Logout Section. Delete all session variable. session_destroy(); $message=""; ////// Login Section. $Login=$_POST['submit']; if($Login){ // If clicked on Login button. $username=$_POST['username']; $md5_password=md5($_POST['password']); // Encrypt password with md5() function. // Connect database. $host="localhost"; // Host name. $db_user="removed"; // MySQL username. $db_password="removed"; // MySQL password. $database="removed"; // Database name. mysql_connect($host,$db_user,$db_password); mysql_select_db($database); // Check matching of username and password. $result=mysql_query("select * from signup where username='$username' and password='$md5_password'"); if(mysql_num_rows($result)!='0'){ // If match. session_register("username"); // Craete session username. header("location:main.php"); // Re-direct to main.php exit; }else{ // If not match. $message="--- Incorrect Username or Password ---"; } } // End Login authorize check. ?> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title></title> </head> <body> </tr> <? echo $message; ?> <form name="register" method="post" action="<? echo $PHP_SELF; ?>"> <tr> <td height="586" colspan="8" align="center" valign="top"><p> </p> <table> <tr> <td height="45" colspan="2" class="class2 style34"><div align="center"><a href="file:///F|/signin.html">Sign In</a>:</div></td> </tr> <tr> <td colspan="2"><div align="right"></div></td> </tr> <tr> <td width="76" height="45"><div align="right"><span class="class2 style34">Username<span class="style39">..</span></span></div></td> <td width="256"><div align="center"><span class="class2 style34"> <input name="username" type="text" id="username" size="20" height="14" /> </span></div></td> </tr> <tr> <td height="45"><div align="right"><span class="class2 style34">Password <span class="style39">..</span></span></div></td> <td><div align="center"><span class="class2 style34"> <input name="password" type="password" id="password" size="20" height="14" /> </span></div></td> </tr> <tr> <td height="45" colspan="2"><div align="center"><span class="class2 style34"> <input name="submit" type="submit" id="submit" value="Sign In" /> </span></div></td> </tr> </table></td> </tr> </form> </table> </div> </body> </html> MOD EDIT: Database credentials removed, . . . tags added. Link to comment https://forums.phpfreaks.com/topic/229699-php-login-script-help/ Share on other sites More sharing options...
cunoodle2 Posted March 5, 2011 Share Posted March 5, 2011 hurry up and remove your user/pass from your code so people don't steal it. Also this line is wrong.. if(mysql_num_rows($result)!='0') It should be.. if(mysql_num_rows($result)!=0) Link to comment https://forums.phpfreaks.com/topic/229699-php-login-script-help/#findComment-1183302 Share on other sites More sharing options...
simmsy Posted March 5, 2011 Author Share Posted March 5, 2011 I did change it and it said there was an error with that line? any other ideas? Link to comment https://forums.phpfreaks.com/topic/229699-php-login-script-help/#findComment-1183394 Share on other sites More sharing options...
Pikachu2000 Posted March 6, 2011 Share Posted March 6, 2011 When posting code, please enclose it within the forum's . . . BBCode tags. It would be a good idea to change your database username and password ASAP, since it was posted on the internet for about 6 hours. Link to comment https://forums.phpfreaks.com/topic/229699-php-login-script-help/#findComment-1183407 Share on other sites More sharing options...
Pikachu2000 Posted March 6, 2011 Share Posted March 6, 2011 If you echo $md5_password, and compare it manually to what's in the database, are they identical? Is the data type of the field that holds the password of the correct type, and of sufficient size to hold the md5 hash, such as CHAR(32)? Link to comment https://forums.phpfreaks.com/topic/229699-php-login-script-help/#findComment-1183408 Share on other sites More sharing options...
simmsy Posted March 6, 2011 Author Share Posted March 6, 2011 oh yeah thanks for that had a dozy moment! all changed now and problem sorted I just had it as a VARCHAR Thanks again I knew it would of been something stupid Link to comment https://forums.phpfreaks.com/topic/229699-php-login-script-help/#findComment-1183659 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.