Login System

PF2G · December 17, 2011

Hi, PHPFreaks

I'm trying to do a login system, and i have this code:

<?php
session_start();

$username = "root";
$password = "";
$hostname = "localhost";
$database = "escola_musica";	
$connect = mysql_connect($hostname, $username, $password) or die("Erro na ligação à Base de Dados.");

$username = $_POST['username'];
$pass = $_POST['pass'];

mysql_select_db($database, $connect);
$sql="SELECT username, password FROM alunos WHERE username='$username'";

$resultado = mysql_query($sql, $connect) or die(mysql_error());

$num = mysql_num_rows($resultado);

if ($num>0) { 
$row = mysql_fetch_assoc($resultado);
} 

if ($num > 0 AND ($username == true AND $pass == true)) {
header("Location: index.php");
} else {
header("Location: login_form.php");
}
mysql_close($con);
?>

but even if i put the correct user and pass OR incorrect it goes to 'index.php' anyway.

Can someone help me, please?

Thank you

PF2G

melloorr · December 17, 2011

It doesn't make sense. At the top of you code you have the variable $username as "root" which is to log into you database, and at the bottom you have this:

if ($num > 0 AND ($username == true AND $pass == true)) {
header("Location: index.php");
} else {
header("Location: login_form.php");
}

Which, i THINK says, if you have the variable $username, then you can log in (same goes for password)

Also, do you have a login form? If yes post the code please

PF2G · December 17, 2011

Holy crap, the program was confused about the two variables (what a stupid basic mistake) :S

But now i changed and it gives me the same thing:

<?php
session_start();

$dbuser = "root";
$dbpass = "";
$dbhost = "localhost";
$dbname = "escola_musica";	
$connect = mysql_connect($dbhost, $dbuser, $dbpass) or die("Erro na ligação à Base de Dados.");

$username = $_POST['username'];
$pass = $_POST['pass'];

mysql_select_db($dbname, $connect);
$sql="SELECT username, password FROM alunos WHERE username='". $username. "'";

$resultado = mysql_query($sql, $connect) or die(mysql_error());

$num = mysql_num_rows($resultado);

if ($num>0) { 
$row = mysql_fetch_assoc($resultado);
} 

if ($num > 0 AND ($username == true AND $pass == true)) {
header("Location: index.php");
} else {
header("Location: login_form.php");
}
mysql_close($con);
?>

melloorr · December 17, 2011

See if this works:

[code]<?php
session_start();

$dbuser = "root";
$dbpass = "";
$dbhost = "localhost";
$dbname = "escola_musica";	
$connect = mysql_connect($dbhost, $dbuser, $dbpass) or die("Erro na ligação à Base de Dados.");

$username = $_POST['username'];
$pass = $_POST['pass'];

mysql_select_db($dbname, $connect);
$sql="SELECT username, password FROM alunos WHERE username='". $username. "'";

$resultado = mysql_query($sql, $connect) or die(mysql_error());

$num = mysql_fetch_assoc($resultado);

if ($username == $num['username'] AND $pass == $num['password']) {
header("Location: index.php");
} else {
header("Location: login_form.php");
}
mysql_close($con);
?>

[/code]

PF2G · December 17, 2011

OMG it worked.

Thank you, man.

Sign In

Login System

Recommended Posts

PF2G

Link to comment

Share on other sites

melloorr

Link to comment

Share on other sites

PF2G

Link to comment

Share on other sites

melloorr

Link to comment

Share on other sites

PF2G

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information