Jump to content

PHP beginner - help appreciated

Finker92

By Finker92
in PHP Coding Help

 Share

Recommended Posts

Finker92 Newbie

Finker92

Posted
Posted

:confused:

Hi all, I hope I am in the right place. I'm new to php/mysql so please be patient with me. I am trying to create a login script to validate username and password against a database I have created. I am not getting an error message but even when I enter correct username/password details from the database to test the code I am getting the message at the bottom of the script. I can't figure out why as I thought I had all bases covered, but obviously not. Here is my code. Thanks for any help in advance.

P.S. I have checked the names against my form and they are correct.

 

<html>

<html lang="en">

<head>

<meta charset="utf-8" />

<title>USER LOGIN</title>

</head>

<body>

<?php

if(empty($_POST['name'])){

$name=NULL;

echo "Sorry, you forgot to enter your username.</br>";

}else{

$name=$_POST['name'];

}

if(empty($_POST['password'])){

$password=NULL;

echo "Sorry, you forgot to enter a password.</br>";

}else{

$password=$_POST['password'];

}

$connection = @mysqli_connect('localhost','root','','BLOG_PROJECT')

OR die("Could not connect to server");

 

$username = stripslashes($name);

$password = stripslashes($password);

$username = mysql_real_escape_string($name);

$password = mysql_real_escape_string($password);

 

$info = "SELECT 'username', 'password' FROM USERS WHERE 'username'='$username' and 'password'='$password'";

$return=@mysql_query($info);

$rows=@mysql_num_rows($return);

 

if($rows==1){

session_register("username");

session_register("password");

header("location:admin.php");

echo "Hi $username. You are now logged in.";

}else{

echo "You have entered incorrect details. Please check your login details and try again.";

}

?>

</body>

</html>

Link to comment
https://forums.phpfreaks.com/topic/254307-php-beginner-help-appreciated/
Share on other sites
Finker92 Newbie

Finker92

Posted
  • Author
Posted

Oh! OK, apologies for wrong forum etiquette. Erm, that's not great news. Is all of the code dated or is it specific parts. I created most of it using Larry Ullman's book which I thought was fairly up to date, so confused as to what parts are old. Did use an online tut for latter parts though. Any suggestions/hints welcome.

Pikachu2000 Prolific Member

Pikachu2000

Posted
Posted

If that's from one of Larry's books, it must be an old one; he's usually somewhat ahead of the curve. Sometimes a bit hard to follow, but on top of things, nonetheless.

 

Anyhow, stripslashes shouldn't be used without checking to see if magic_quotes_gpc() is On (which it should not be anyhow), passwords should be hashed, session_register() has been deprecated for years, and the error suppression @ operator really shouldn't be used except in very limited instances.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.