Jump to content

script for checking login

mariam

By mariam
in PHP Coding Help

 Share

Recommended Posts

mariam Member

mariam

Posted
Posted

i have created a table in database with 3 fields of id, user name and password

to check the entered username and password and direct to another php page the following script is used:

<?php
// username and password sent from form (i.e login box)
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword'];
$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysql_query($sql);
// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1){
// Register $myusername, $mypassword and redirect to file "login_success.php"
  session_register("myusername");
  session_register("mypassword"); 
  header("location:login_success.php");
  }
  elseif($count==2){
// Register $myusername, $mypassword and redirect to file "login_success.php"
  session_register("myusername");
  session_register("mypassword"); 
  header("location:login_success1.php");
  }
  else {
     echo "invalid entry";
  }

 

the issue is that when the password matches the corresponding username... it always directs it to the user name in the first row i.e.

"location:login_success"

even if entries of row 2 are entered

 

what is the possible error?

 

MOD EDIT: code tags added

Link to comment
https://forums.phpfreaks.com/topic/239728-script-for-checking-login/
Share on other sites
Pikachu2000 Prolific Member

Pikachu2000

Posted
Posted

When posting code, enclose it within the forum's 

 . . .

BBCode tags.

 

That code looks like it's probably from a tutorial on phpeasystep.com? Their code is obsolete and makes use of several deprecated functions such as session_register(), etc. To address your particular issue at the moment however, have you tried echoing $count to see what value it holds?

PFMaBiSmAd Advanced Member

PFMaBiSmAd

Posted
Posted

$count has nothing to do with which row was matched and in fact since you cannot control which row any particular data is in, you should not being trying to match a row number.

 

$count is the number of row(s) that the query matched. For any username/password combination, there should only be ONE row. $count will be zero if there was no matching row and it will be one if there was one matching row. The only way it could be two is if you have two rows with the same username/password combination.

 

If you want to redirect to a different location depending on which username/password combination was entered, you would either use a unique id (auto-increment) from your database table or some other unique value, such as a username or a specific column that holds the 'location' to redirect to.

mariam Member

mariam

Posted
  • Author
Posted

i have modified the code using the approach that the values of username field in the dtabase table are stored in an array and then put a loop to check which username was entered on the site...

 

the 'pagedir' has all the values of the location field (e.g login_sucess.php)

 

the pagedir value coressponding to the username is entered in the header() command;

 

my code now is (new addition in red)

 

<?php

 

//$mysql_host = "mysql14.000webhost.com";

//$mysql_database = "a3907930_mehreen";

//$mysql_user = "a3907930_root";

//$mysql_password = "aaaAAA111";

$host="localhost"; // Host name

$username="root"; // Mysql username

$password=""; // Mysql password

$db_name="mehreen"; // Database name

$tbl_name="members"; // Table name

 

// Connect to server and select databse.

mysql_connect($host, $username, $password)or die("cannot connect");

mysql_select_db($db_name)or die("cannot select DB");

 

// username and password sent from form

$myusername=$_POST['myusername'];

$mypassword=$_POST['mypassword'];

$sql="SELECT * FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";

$result=mysql_query($sql);

// Mysql_num_row is counting table row

$count=mysql_num_rows($result);

// If result matched $myusername and $mypassword, table row must be 1 row

 

 

if($count==1){

// Register $myusername, $mypassword and redirect to file "login_success.php"

  session_register("myusername");

  session_register("mypassword");

  //header("location:login_success.php");

  }

 

  else {

  echo "wrong";

  }

//addition:

//if ($myusername=) {

// header ("location:mariam_profile.php");

//}

 

 

 

//try2

$i=1;

$num_rows = mysql_num_rows ($result);

$names_reg=array ();

$pagedir=array();

 

$names = mysql_query("SELECT username FROM $tbl_name");

while ($row = mysql_fetch_array($names, MYSQL_ASSOC)) {

    $names_reg[] =  $row['username'];

}

 

$pages = mysql_query("SELECT location FROM $tbl_name");

while ($row = mysql_fetch_array($pages, MYSQL_ASSOC)) {

    $pagedir[] =  $row['location'];

}

 

 

while($i<= $num_rows)

  {

  if ($myusername=$names_reg[$i]) {

  header ("location:$pagedir [$i]");

  }

  $i++;

  }

?>

 

 

and the error is

The requested URL was not found on this server. The link on the referring page seems to be wrong or outdated. Please inform the author of that page about the error.

 

If you think this is a server error, please contact the webmaster.

 

is it that i cannot put variable in header?? how can i go abt it then??

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.