grlayouts Posted August 9, 2011 Share Posted August 9, 2011 Hey guys, having a small problem which is probably so simple but my login isnt working it always comes back invalid login. I've posted both the login and index form below. anyone see the problem? <table width="300" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC"> <tr> <form name="form1" method="post" action="login.php"> <td> <table width="100%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF"> <tr> <td colspan="3"><strong>Member Login </strong></td> </tr> <tr> <td width="78">Username</td> <td width="6">:</td> <td width="294"><input name="myusername" type="text" id="user"></td> </tr> <tr> <td>Password</td> <td>:</td> <td><input name="mypassword" type="pass" id="pass"></td> </tr> <tr> <td> </td> <td> </td> <td><input type="submit" name="Submit" value="Login"></td> </tr> </table> </td> </form> </tr> </table> <?php $host="localhost"; // Host name $username="thief"; // Mysql username $password="#####"; // Mysql password $db_name="thief_game"; // Database name $tbl_name="players"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from form $user=$_POST['user']; $pass=$_POST['pass']; // To protect MySQL injection (more detail about MySQL injection) $user = stripslashes($user); $pass = stripslashes($pass); $user = mysql_real_escape_string($user); $pass = mysql_real_escape_string($pass); $stat = mysql_fetch_array(mysql_query("select * from players where user='$user' and pass='$pass'")); if (empty ($stat[id])) { print "Invalid login."; } ?> Link to comment https://forums.phpfreaks.com/topic/244331-login-error/ Share on other sites More sharing options...
PFMaBiSmAd Posted August 9, 2011 Share Posted August 9, 2011 To start with, type="pass" is not a valid form field type. Its type="password" Your form field names are myusername and mypassword. You would need to use those same names for the $_POST variables in your php code. They currently are not. Link to comment https://forums.phpfreaks.com/topic/244331-login-error/#findComment-1254934 Share on other sites More sharing options...
skwap Posted August 9, 2011 Share Posted August 9, 2011 Try this code <?php $host="localhost"; // Host name $username="thief"; // Mysql username $password="#####"; // Mysql password $db_name="thief_game"; // Database name $tbl_name="players"; // Table name // Connect to server and select databse. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); // username and password sent from form $user=$_POST['myusername']; $pass=$_POST['mypassword']; // To protect MySQL injection (more detail about MySQL injection) $user = stripslashes($user); $pass = stripslashes($pass); $user = mysql_real_escape_string($user); $pass = mysql_real_escape_string($pass); $stat = mysql_fetch_array(mysql_query("SELECT * FROM `players` WHERE `user` = '$user' AND `pass` = '$pass'")); if (empty ($stat[id])) { print "Invalid login."; } ?> Link to comment https://forums.phpfreaks.com/topic/244331-login-error/#findComment-1254952 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.